PHP Form Error

PHP
1

When i am filling my form it gives me a validation error but i’m not understanding why am i getting it even after filling the form correctly

and the php validation code is below: Please help me where am i going wrong!

<?php
 
if(isset($_POST['email'])) {
 
     
 
   
 
    $email_to = "mail@example.com";
 
    $email_subject = "Mail from Digital Marketing Engiry form";
 
     
 
     
 
    function died($error) {
 
        
 
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
 
        echo "These errors appear below.<br /><br />";
 
        echo $error."<br /><br />";
 
        echo "Please go back and fix these errors.<br /><br />";
 
        die();
 
    }
 
     
 
    // validation expected data exists
 
    if(!isset($_POST['first_name']) ||
 
        !isset($_POST['occupation']) ||
		
        !isset($_POST['education']) ||
		
		!isset($_POST['age']) ||
 
        !isset($_POST['email']) ||
 
        !isset($_POST['telephone']) ||
 
        !isset($_POST['comments'])) {
 
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
 
    }
 
     
 
    $first_name = $_POST['first_name']; // required
 
    $last_name = $_POST['occupation']; // required
	
	$last_name = $_POST['education']; // required
	 
	$last_name = $_POST['age']; // not required
 
    $email_from = $_POST['email']; // required
 
    $telephone = $_POST['telephone']; // not required
 
    $comments = $_POST['comments']; // required
 
     
 
    $error_message = "";
 
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 
  if(!preg_match($email_exp,$email_from)) {
 
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
 
  }
 
    $string_exp = "/^[A-Za-z .'-]+$/";
 
  if(!preg_match($string_exp,$first_name)) {
 
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
 
  }
 
  if(!preg_match($string_exp,$occupation)) {
 
    $error_message .= 'The occupation you entered does not appear to be valid.<br />';
 
  }
  
  if(!preg_match($string_exp,$education)) {
 
    $error_message .= 'The education you entered does not appear to be valid.<br />';
 
  }
 
  if(strlen($comments) < 2) {
 
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
 
  }
 
  if(strlen($error_message) > 0) {
 
    died($error_message);
 
  }
 
    $email_message = "Form details below.\n\n";
 
     
 
    function clean_string($string) {
 
      $bad = array("content-type","bcc:","to:","cc:","href");
 
      return str_replace($bad,"",$string);
 
    }
 
     
 
    $email_message .= "First Name: ".clean_string($first_name)."\n";
 
    $email_message .= "occupation: ".clean_string($occupation)."\n";
	
	$email_message .= "education: ".clean_string($education)."\n";
	
	$email_message .= "age: ".clean_string($age)."\n";
 
    $email_message .= "Email: ".clean_string($email_from)."\n";
 
    $email_message .= "Telephone: ".clean_string($telephone)."\n";
 
    $email_message .= "Comments: ".clean_string($comments)."\n";
 
     
 
     
 
// create email headers
 
$headers = 'From: '.$email_from."\r\n".
 
'Reply-To: '.$email_from."\r\n" .
 
'X-Mailer: PHP/' . phpversion();
 
@mail($email_to, $email_subject, $email_message, $headers);  
 
?>
 
 
 
<!--  success html  -->
 
 
 
<div style="border:1px solid #F60;background-color:#FFC;text-alignment:justify;width:200px;height:200px;padding:40px;"><p>Thank you for contacting us. <br/>We will get in touch with you.<p><p><a href="http://skymo-digiworld.com/enquiry.php">Go Back</a></p></div>
 
 
 
<?php
 
}
 
?>
2

Hi there @skymodigiworld it doesn’t help that you don’t say on the form what a valid occupation or education is, or that message isn’t marked as a required field.

3

I don’t think it is possible to go one day without seeing a mail question.

1 Like
4

$last_name = $_POST['age'];
doesn’t seem to make a lot of sense!

1 Like
5

hey thanks for the help but i figured out my $value and name were different so i was getting the error

1 Like
6

yes that was the error and it just slipped through my eye

7

it makes as much sense as

$age = $_POST['age'];

since all it is doing is creating another way to access a tainted variable that contain anything at all.

The first version is probably more meaningful than the second when something other than a number is entered.

8

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.