Php form submitting blanks

Hello I have a form located at www.meadowlarkco.com/directdeposit.htm

I have set it so that the enter key is disabled and my fields mcnumber, phonenumber, and emailaddress are required but periodically am receiving blank forms as shown below

-----Original Message-----
From: xxxxxxxxxxx
Sent: Tuesday, November 22, 2011 7:43 PM
To: user
Subject: Direct Deposit Signup

Date: Nov 23 2011
hiddenField:
Carrier Name:
MC Number:
Address:
Phone Number:
Contact Name:
Remittance Preference:
Email Adress:
Fax Number:

Could someone take a look and see as to why we’re receiving blanks?

thanks

can you post the part of the PHP script that handles the sending of this email?

<?php
// validate each of the variables in the form
$carriername = $_POST[‘carriername’];
$hiddenField = $_POST[‘hiddenField’];
$address = $_POST[‘address’];
$phonenumber = $_POST[‘phonenumber’];
$emailaddress = $_POST[‘emailaddress’];
$contactname = $_POST[‘contactname’];
$faxnumber = $_POST[‘faxnumber’];
$contact = $_POST[‘contact’];
$address = $_POST[‘address’];
$mcnumber = $_POST[‘mcnumber’];
// add date the form was submitted
$date = gmdate(“M d Y”);

// Thank the user
print “<center><b><p>Thank you $custname we will get back to you shortly</p></b></center>”;
print “<center>$date</center>”;
// Send to specificed email address
$to ="rmcguire@meadowlarkco.com";
$subject = “Direct Deposit Signup”;
$body =" Date: $date
hiddenField: $hiddenField
Carrier Name: $carriername
MC Number: $mcnumber
Address: $address
Phone Number: $phonenumber
Contact Name: $contactname
Remittance Preference: $contact
Email Adress: $emailaddress
Fax Number: $faxnumber";
mail($to,$subject,$body);
?>

All you probably have to do is turn js off and hit “Submit”.

There appears to be no server-side validation either - which leaves you open to a variety of attacks.

could you direct me to how to setup the server-side validation?

could someone direct me as to what I need to do for my form located at www.meadowlarkco.com/directdeposit.htm, once submitted the data is directed to directdeposit.php.

Basically, how do I setup my php validation and do I do it within my directdeposit.php page?

thanks

Take this:

$emailaddress = $_POST[‘emailaddress’];

An email address must conform to a certain pattern of characters.

That can be checked by using a known regular expression (regex) or using PHPs Filter classes start with [a search or take a look at [URL=“http://php.net/manual/en/book.filter.php”]Filter](check email in php).

Im trying to add in validation for just the phonenumber and mcnumber fields. Also if I want to add in a reCAPTCHA do I do that directly within my page at www.meadowlarkco.com/directdeposit.htm....that form when submitted sends reads in the fields to www.meadowlarkco.com/directdeposit.php or within my directdeposit.php file

<?php
require_once(‘recaptchalib.php’);
$publickey = “mykey”;
echo recaptcha_get_html($publickey);
?>

is the reCAPTCHA script

I got the reCAPTCHA on there now, but how do I set up the validation for my mcnumber and phonenumber?

First off, define exactly what you will accept as mcnumber and phonenumber - what characters can be used in which patterns?

Bear in mind that you may well have to explain those rules on your GUI in order that your users have a fair chance of getting it right first time.