TAFE STUDENT - PHP - Send mail - Verify feilds

[goldy30]

It's not something we've done yet, although we have done a bit of php. I put a basic sendmail.php but it doesnt stop users slapping the submit button which sends me a blank email.

I tried something like this but its giving me errors about '{' and other stuff.. I've changed it a few times but I'm not fully versed on php.

Any thoughts?

<?php
$first_name=$_REQUEST['first_name'];
$last_name=$_REQUEST['last_name'];
$email = $_REQUEST['email'] ;
$message = $_REQUEST['message'] ;

if (!isset($_REQUEST['email'])) {
header( "Location: http://www.housepainter.pcriot.com/contact.htm" ); // header is obviously a problem, yes??
}
elseif (empty($email) || empty($message)) {
header( "Location: http://www.example.com/contact_error.htm" ); //how do you redirect to a page?
}
else {
mail( "myname@example.com", "Contact Notification",
$message, "From: $email" );
}
?>
www.housepainter.pcriot.com

Thanks,
TAFE STUDENT
Edit:
it's obviously wrong but Im not sure?? I get this error:

Warning: Cannot modify header information - headers already sent by (output started at /home/goldy30/public_html/sendmail.php:8) in /home/goldy30/public_html/sendmail.php on line 29

 

[xmakina]

Go read up on PHP over a www.w3schools.com.

Also, I use <meta http-equiv="REFRESH" content="0;url=http://www.the-domain-you-want-to-redirect-to.com"> to redirect folks to pages.

 

[Nahid_hossain]

Is this your full script? Because header("Location: $url") never gives this kind of error if no html tag or contents generates b4 the header.

This means your script generates html contents before sending this header.

I've also tried this piece of code myself and it is working fine on my server.

 

[scorch94]

I guess header() is a problem.
Try this:
header("Location: blabla"); die();
I guess that should do it.

 

[freecrm]

This doesn't really control data entry very well.

I use javascript to check each form field. You can then validate field formats, nulls, comparisons etc etc. and even colour the fields when they are wrong/ correct...

I don't think this level of control is possible in php.

This is all provided the user permits JS!

 

[mattura]

Use javascript in the first instance, but also use the PHP to check, along the lines of:

$message=$_REQUEST['message'] ;
$err=false; //no error, yet
if ($message=="") {$err=true;} //blank message will create error
...
if (!$err) { //if no error
 //send the email
 ...
} else {
 //an error, dont send the email
 echo "Please fill in all fields!";
}

Obviously you can check other fields too, and clean the input to be safe, check for a valid email address etc.
But the above will stop a blank message from being sent.
To find an email validating expression, look up preg_match in php docs

 

[freecrm]

To find an email validating expression, look up preg_match in php docs

Ooooh... didn't know about this!

 

[mattura]

Hehe, your first dive into regular expressions? They are mighty confusing, I find myself having to re-learn something every time I want to use them!

I'd recommend preg_match and preg_replace over things like eregi. They tend to be more efficient and don't tend to have various security holes.

Everyone has their own idea about what a valid email should be, but here's a simple one:

$validemail="/^[a-z0-9._-]+@[a-z0-9_-]+\.[a-z0-9._-]+$/i";
if (preg_match($validemail,$_POST['email'])) {
 //email is valid
}

That is to say:
at least one number/letter/dot/underscore/hyphen, followed by the @ sign, followed by at least one number/letter/underscore/hyphen, followed by a dot, followed by at least one number/letter/underscore/hyphen/dot

So it's not perfect as "-@-.-" (for example) is valid, but you can never check everything...at least it's not too restrictive, so all valid emails should work.