Validate form before sending

Hello, I have a problem with my form. Before sending, the form is validated, but despite the errors the mail is sent. I would like to send the mail after correct validation. I have 3 required and 2 optional fields.

<?php

$errorMSG = "";

if (!isset($_POST["profil"])) {
    $errorMSG = "insert profile ";
} else { 
	$profil = implode($_POST['profil']);
}

if (empty($_POST["wiztype"])) {
    $errorMSG .= "insert wizi ";
} else { 
	$wiztype = implode(", " ,$_POST['wiztype']);
}

if (empty($_POST["scale"])) {
    $errorMSG .= "insert profile scale ";
} else { 
	$skala = ($_POST['scale']);
}


$plus = implode(", " ,$_POST['plus']);

$skad = ($_POST['skad']);
	
	
$body = "";

$body .=  "<div><b>Profile:</b> " . $profil . "</div>";
$body .=  "<div><b>Wiztype:</b> " . $wiztype . "</div>";
$body .=  "<div><b>Scale:</b> " . $skala . "</div>";

$body .=  "<div><b>Plus:</b> " . $plus . "</div>";
$body .=  "<div><b>skad:</b> " . $skad . "</div>";


$to       = 'myemail@gmail.com';
$subject  = 'Contact form;
$message  =  $body;

$headers = "From: webmaster@example.com" . "\r\n";
$headers .= "Reply-To: " . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=UTF-8\r\n";

$success = mail($to, $subject, $message, $headers);

if ($success && $errorMSG == ""){
   echo "success";
} else{
   if($errorMSG == ""){
        echo "Something is wrong";
    } else {
        echo $errorMSG;
    }
}

?>
<?php

$errors = [];

if (!isset($_POST["profil"])) {
    $errors[] = "insert profile";
} else { 
    $profil = implode($_POST['profil']);
}

if (empty($_POST["wiztype"])) {
    $errors[] = "insert wizi";
} else { 
    $wiztype = implode(", " ,$_POST['wiztype']);
}

if (empty($_POST["scale"])) {
    $errors[] = "insert profile scale";
} else { 
    $skala = $_POST['scale'] ?? '';
}

if (count($errors)) {
    echo 'Please fix the following errors: '.implode(', ', $errors);
    exit;
}

// Optional fields: fall back to an empty list / empty string when not submitted
$plus = implode(", " ,$_POST['plus'] ?? []);

$skad = $_POST['skad'] ?? '';
	
	
$body = "";

$body .=  "<div><b>Profile:</b> " . $profil . "</div>";
$body .=  "<div><b>Wiztype:</b> " . $wiztype . "</div>";
$body .=  "<div><b>Scale:</b> " . $skala . "</div>";

$body .=  "<div><b>Plus:</b> " . $plus . "</div>";
$body .=  "<div><b>skad:</b> " . $skad . "</div>";


$to       = 'myemail@gmail.com';
$subject  = 'Contact form;
$message  =  $body;

$headers = "From: webmaster@example.com" . "\r\n";
$headers .= "Reply-To: " . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=UTF-8\r\n";

$success = mail($to, $subject, $message, $headers);

echo $success ? "success" : "error sending email";

(assumes you’re using PHP7+)

It works, thank you so much 🙂

Hold on fellas,

There is a missing quote in the subject variable.

As is, the script will attempt to run as soon as it is called. Since the form is not posted I assume it is a separate page. Better to have a single page. Nevertheless, you should still check the REQUEST METHOD before the code runs.

if($_SERVER['REQUEST_METHOD'] == 'POST'){
    //Process Form
}

Next, all the implodes. Are those fields really arrays? If not, get rid of it.

Next, all the else’s and variables for nothing should go. You already have the POST variables, just use them, unless something is changed (i.e. the implode is actually valid or some other transformation). The logic should be to just validate and populate the error array if there are any errors. No else’s.

The count in the errors check is not needed. This

if (count($errors)) {

Could simply be

if ($errors) {

The empty $body variable is completely pointless. And really, one $body is enough. You don’t need to break it into five.

There is also the issue of an Injection Attack which I won't get into except to say, NEVER trust user input.

The isset check here is incorrect. If the user is using your form and the field is written correctly, it will always be isset. You need to check if empty.

if (!isset($_POST["profil"]))

As is, the form will validate if the user submits spaces. You need to trim the POST array before the empty checks which will also eliminate the need for the null coalesce operator (Double question marks ??).

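Added example, not part of any post in this thread: one way to combine the points raised above (trim before the empty checks, collect errors with no else branches, send only when there are none, and escape user input because the mail is sent as text/html). The field names come from the posted form; the helper names clean_field(), validate_form() and build_body() and the sample submission are made up for illustration, and PHP 7.4+ is assumed.

```php
<?php
// Added example. Helper names are hypothetical; field names are from the thread.
// Lists (checkbox groups) become trimmed non-empty strings; scalars one trimmed string.
function clean_field(array $post, string $name, bool $isList)
{
    $raw = $post[$name] ?? ($isList ? [] : '');
    if ($isList) {
        $items = is_array($raw) ? $raw : [$raw];
        $items = array_map(fn($v) => is_string($v) ? trim($v) : '', $items);
        return array_values(array_filter($items, fn($v) => $v !== ''));
    }
    return is_string($raw) ? trim($raw) : '';
}

function validate_form(array $post): array
{
    $clean = [
        'profil'  => clean_field($post, 'profil', true),
        'wiztype' => clean_field($post, 'wiztype', true),
        'scale'   => clean_field($post, 'scale', false),
        'plus'    => clean_field($post, 'plus', true),   // optional
        'skad'    => clean_field($post, 'skad', false),  // optional
    ];
    $errors = [];
    if (!$clean['profil'])      { $errors[] = 'insert profile'; }
    if (!$clean['wiztype'])     { $errors[] = 'insert wizi'; }
    if ($clean['scale'] === '') { $errors[] = 'insert profile scale'; }
    return [$errors, $clean];
}

function build_body(array $clean): string
{
    $body = '';
    foreach ($clean as $label => $value) {
        $text = is_array($value) ? implode(', ', $value) : $value;
        // Escape every value before it goes into the HTML mail body.
        $body .= '<div><b>' . $label . ':</b> '
               . htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . '</div>';
    }
    return $body;
}

// Constructed sample; a real handler passes $_POST after checking REQUEST_METHOD.
$sample = ['profil' => ['A'], 'wiztype' => ['   '], 'scale' => '<b>1:50</b>'];
[$errors, $clean] = validate_form($sample);
if ($errors) {
    echo 'Please fix the following errors: ' . implode(', ', $errors) . PHP_EOL;
} else {
    echo build_body($clean) . PHP_EOL; // mail() would be called here, and only here
}
```

With the sample above the whitespace-only wiztype is rejected, so nothing is sent; replacing it with a real value prints a body in which the scale value appears escaped rather than as markup.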