PHP form sending blank emails every day

Hi all,
I am new to PHP and I have built one php form using php mailer. But everyday my mailbox is full with blank email from this form. Kindly help to solve it as i have been struggling for a long time to resolve this issue.

PHP CODE

<?php

if(isset($_REQUEST['submit'])){	   
$name=$_POST['name'];
$designation=$_POST['designation'];
$company=$_POST['company'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$description=$_POST['description'];	
					
$to = "email@example.com";		
$multipleemail = array($to);
$msgSend = stripslashes(nl2br($message));			
require_once('class.phpmailer.php');
$noreply = "email@example.com";								
$mail = new PHPMailer(); // defaults to using php "mail()"								
//$body             = file_get_contents('contents.html');					
$mailbody =
     >     > "<table width='700px' cellpadding='2' border='1' cellspacing='0' cellspacing='0' style='font-size:14px; font-family:Helvetica, sans-serif; border:1px solid #526a6d;'>
    >     >  <tr><td align='left' colspan='2'style='padding-left:10px;font-size:14px; background:#526a6d; color:#ffffff; font-family:Helvetica, sans-serif; font-weight:bold; padding:5px'>Enquiry Details</td></tr>  
    >     >  <tr><td width='30%' align='left'  style='padding-left:10px'><b>Full Name:</b></td><td align='left'>$name </td></tr>
    >     >  <tr><td width='30%' align='left'  style='padding-left:10px'><b>Current Designation:</b></td><td align='left'>$designation </td></tr>
    >     >  <tr><td align='left' style='padding-left:10px'><b>Company:</b></td><td align='left'>$company </td></tr>
    >     >  <tr><td align='left' style='padding-left:10px'><b>Email:</b></td><td align='left'>$email </td></tr>
    >     >  <tr><td align='left' style='padding-left:10px'><b>Phone:</b></td><td align='left'> $phone</td></tr>
    >     >  <tr><td align='left' style='padding-left:10px'><b>Message:</b></td><td align='left'> $description</td></tr>				  			   
    >     >  </table>";									
$mail->SetFrom($noreply, "riviere")					
foreach($multipleemail as $val) {					
$mail->AddAddress($val, 'riviere');								
}								
$mail->Subject    = "Enquiry from website";
$mail->AltBody    = "Enquiry from website"; // Alt Body									
//$mail->MsgHTML($body);								
							
$mail->Body = $mailbody;
if (isset($_FILES['file_attach']) &&
$_FILES['file_attach']['error'] == UPLOAD_ERR_OK) {
$mail->AddAttachment($_FILES['file_attach']['tmp_name'],
 $_FILES['file_attach']['name']);
}
$mail->Send();
/********************************User Rply*****************************************/
$mail1 = new PHPMailer();
$multipleemail = array($email);																				
$mailbody = "<html><head><title>This is your HTML email!</title></head><body style='top left repeat-x; text-align:left;'><div style='background:#526a6d;width:700px; font-family:Georgia; font-size:14px; color:#fff; text-align:left; padding:30px;'>Dear ".$name.",Thanks for reaching out. I will get in touch with you shortly.</div></body></html>";					
$mail1->SetFrom($noreply, "riviere");								
foreach($multipleemail as $val) {
$mail1->AddAddress($val, 'riviere');								
}										
$mail1->Subject    = "Thank you for contacting me";							
$mail1->AltBody    = "Thank you for contacting me"; // Alt Body	
//$mail->MsgHTML($body);
$mail1->Body = $mailbody;
if(!$mail1->Send()) {
  echo "Mailer Error: " . $mail->ErrorInfo;
} else {
('location:thank-you.php');
}// End Php mailer
/*echo '<script language="javascript">';
echo 'window.location="contact.php?mess=successful"';
echo '</script>';*/
}?>
<?php include 'header.php';?>

HTML CODE

>  <form id="" action="" enctype="multipart/form-data" class="git_form get_in_touch_form form-horizontal" onSubmit="return validate()" method="POST">
> <input type="hidden" name="retURL" value="thank-you.php">

                   
      <div class="form-group">
       <input type="text" class="form-control form-effect" id="name" name="name" 
        pattern="[A-Za-z\\s]*"
        oninvalid="setCustomValidity('Please enter valid name')"
        onchange="try{setCustomValidity('')}catch(e){}"
       placeholder="Full Name" required>
      </div>
      <div class="form-group">
       <input type="text" class="form-control form-effect" id="designation" name="designation" placeholder="Current Designation">
     </div>
    <div class="form-group">
       <input type="text" class="form-control form-effect" id="company" name="company" placeholder="Company">
    </div>
    <div class="form-group">                                 
  	   <input type="email" class="form-control form-effect" id="email" name="email" pattern="[^ @]*@[^ @]*" placeholder="Email" required>
    </div>
    <div class="form-group">                                 
       <input type="text" class="form-control form-effect" id="phone" name="phone" placeholder="Telephone">
    </div>
    <div class="form-group">
      <textarea type="textarea" class="form-control form-effect" id="description" name="description"placeholder="Message"></textarea>
    </div>  
    <button type="submit" class="btn center-block" id="submit" name="submit" required>Send</button>
    </form>

Have you tried sending yourself a message? A blank email could be someone trying to break your script.

If you get blank emails when you send yourself a message it might be worth trying plain text messages first as they’re easier to follow.

It may be a good idea to validate the form data to make sure that everything has been filled in properly before the mail can be sent.

Thanks for your reply but i dont want all the fields mandatory.
when anyone fill up a form i get data in proper table format. as i want it.
otherwise everyday i get blank emails desired format but empty

no one has suggested that you do that.

Please checkout the below script -

<?php

/* These are the variable that tell the subject of the email and where the email will be sent.*/

$emailSubject = 'Customer Has a Question!';
$mailto = 'you@youremail.com';

/* These will gather what the user has typed into the fieled. */

$nameField = $_POST['name'];
$emailField = $_POST['email'];
$questionField = $_POST['question'];

/* This takes the information and lines it up the way you want it to be sent in the email. */

$body = <<<EOD
<br><hr><br>
Name: $name <br>
Email: $email <br>
Question: $question <br>
EOD;

$headers = "From: $email\r\n"; // This takes the email and displays it as who this email is from.
$headers .= "Content-type: text/html\r\n"; // This tells the server to turn the coding into the text.
$success = mail($mailto, $emailSubject, $body, $headers); // This tells the server what to send.

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Form Mailer</title>
</head>

<body>
<form id="form1" name="form1" method="post" action="form_mailer.php">
<table width="455" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="175" height="44" align="center"><label for"name">name</label></td>
    <td width="280"><input name="name" type="text" id="name" size="30" />
      </td>
  </tr>
  <tr>
    <td height="45" align="center"><label for="email">email</label></td>
    <td><input name="email" type="text" id="email" size="30" /></td>
  </tr>
  <tr>
    <td height="41" align="center"><label for="question">question</label></td>
    <td><textarea name="question" cols="30" rows="5" id="question"></textarea></td>
  </tr>
  <tr>
    <td height="38">&nbsp;</td>
    <td><label>
      <input type="submit" name="Submit" id="Submit" value="Submit" />
    </label></td>
  </tr>
</table>

</form>
</body>
</html>

those statements are unnecessary - copying values from one field to another achieves nothing unless you also validate or sanitise it at the same time (and then can tell by which name is referenced as to whether the field is definitely valid or has yet to be validated).

If you are not going to validate the inputs then it is better to use the $_POST values in the assignment to $body as then it is at least ovious that the fields can contain anything.

But you clearly want some to be mandatory, or else you would be happy to receive blank emails.
You don’t have to make them all mandatory, but as things stand there is no back-end validation, so you will continue to get blank forms.
Any front-end validation cannot be relied upon, as older browsers don’t recognise the required attribute or all input types. Java script may be disabled, and anything front-end can be manipulated, changed or bypassed by a malicious user.
Therefore any front-end validation should be backed up by back-end validation.

Looking at your input attributes, only “email” is required, which implies you are happy for the others to be left blank.
Luckily for you, php has a function to validate that for you, see filter_var and FILTER_VALIDATE_EMAIL as its filter type.

if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { $valerrors[] = "The Email address you supplied is invalid." ; }

If you want to check any of the text fields are blank, something like this would work

if(!str_ireplace(' ','',$name)) { $valerrors[] = "You did not fill in the name field." ; }

This will be true if the field is blank or contains nothing but spaces.
You can later check if the array $valerrors is set, if it is, send them back to the form and you may echo out the array as a list. If the array is not set, send the mail.
There may be other ways and other considerations like sanitisation, but it’s a simple method of ensuring that emails don’t get sent without input in the required fields.

So should i use POST instead of REQUEST??

thanks i will try this.

To test if the form has been submitted use:

if($_SERVER['REQUEST_METHOD'] == "POST")  

then validate all the inputs and copy the valid values to different names (but only if they are valid).

eg.

if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
   $email = $_POST['email'];
} else {
   // code for invalid email goes here
   $email = '';
}

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.