PHP contact us form

shahzadsiddiqui8 · December 3, 2011, 7:47am

Dear all,

I am new bee and found this script from the net everything is working fine but I need to add in this Phone validation script how I can add this phone validation script in this form:

Form Code:

<?php
$your_email =‘xxx@xxx.com’;// <<=== update to your email address

session_start();
$errors = ‘’;
$name = ‘’;
$phone = ‘’;
$visitor_email = ‘’;
$user_message = ‘’;

if(isset($_POST[‘submit’]))
{

$name = $_POST['name'];
$phone = $_POST['phone'];
$visitor_email = $_POST['email'];
$user_message = $_POST['message'];
///------------Do Validations-------------
if(empty($name)||empty($visitor_email)||empty($phone))
{
    $errors .= "\

Name and Email are required fields. ";
}

if(IsInjected($visitor_email))
{
    $errors .= "\

Bad email value!“;
}
if(empty($_SESSION[‘6_letters_code’] ) ||
strcasecmp($_SESSION[‘6_letters_code’], $_POST[‘6_letters_code’]) != 0)
{
//Note: the captcha code is compared case insensitively.
//if you want case sensitive match, update the check above to
// strcmp()
$errors .= "
The captcha code does not match!”;
}

if(empty($errors))
{
    //send the email
    $to = $your_email;
    $subject="New Enquiry Form Submission";
    $from = $your_email;
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    
    $body = "A user  $name submitted the contact form:\

".
"Name: $name
".
"phone: $phone
".
"Email: $visitor_email
".
"Message:
".
"$user_message
".
"IP: $ip
";

    $headers = "From: $from \\r\

";
$headers .= "Reply-To: $visitor_email \r
";

    mail($to, $subject, $body,$headers);
    
    header('Location: thank-you.html');
}

}

// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array(‘(
+)’,
‘(\r+)’,
‘(\ +)’,
‘(+)’,
‘(+)’,
‘(+)’,
‘( +)’
);
$inject = join(‘|’, $injections);
$inject = “/$inject/i”;
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “http://www.w3.org/TR/html4/loose.dtd”>
<html>
<head>
<title>Contact Us</title>
<!-- define some style elements–>
<style>
label,a, body
{
font-family : verdana;
font-size : 12px;
}
.err
{
font-family : Verdana;
font-size : 12px;
color: red;
}
</style>
<!-- a helper script for vaidating the form–>
<script language=“JavaScript” src=“scripts/gen_validatorv31.js” type=“text/javascript”></script>
</head>

<body>
<?php
if(!empty($errors)){
echo “<p class=‘err’>”.nl2br($errors).“</p>”;
}
?>
<div id=‘contact_form_errorloc’ class=‘err’></div>
<form method=“POST” name=“contact_form”
action=“<?php echo htmlentities($_SERVER[‘PHP_SELF’]); ?>”>

<p>
<label for=‘phone’>Phone / Mobile: </label><br>
<input type=“text” name=“phone” value=‘<?php echo htmlentities($phone) ?>’>
</p>

<p>
<label for=‘email’>Email: </label><br>
<input type=“text” name=“email” value=‘<?php echo htmlentities($visitor_email) ?>’>
</p>
<p>
<label for=‘message’>Message:

StarLion · December 3, 2011, 10:35am

for future reference, please wrap your code in


```php

 tags so that its easier to read.

What validation do you need? I see you're already checking to see if its empty.

Cups · December 3, 2011, 11:38am

In order to filter against a “phone number” you have to define what constitutes a phone number, but exactly.

what shape is it? what min/max length? What chars can it take?

0123 45678
01 23 45 67 89
0044 0123 45678
++44 123 45678
0123-456 780
(0123) 456 - 789

Then you have to decide, if someone adds a char outside of your list, do you remove that char, forgive them and carry on and store it? (Sanitize) Or do you decide that they are not following your onscreen instructions (and maybe subverting your JS client side validation too) and so you simply abort the operation? (Validate)

ps Leave email validation to PHPs Filter http://php.net/manual/en/filter.filters.validate.php

softgroups · December 6, 2011, 11:22pm

Why not checking the length of the phone string!?

Just something like:


$length=strlen($phone);  

if($length<=7){echo "Invalid phone number "; errors=1; }

?!