|
PHP - Adding A Little Spam Security To My Form
I have a simple contact form I did a while ago for a small company.
They emailed me saying they are getting bits of spam mail from the site occasionally and would like to get it stopped if possible. This is how my form looks: Code: [Select] <form method="post" action="mailer.php"> <div class="form_left"> <p>Name:<br> <input type="text" name="name" size="24" autofocus="true" placeholder="Type Here" required="true" /></p> </div> <div class="form_right"> <p>Email:<br> <input type="email" name="email" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_left"> <p>Company Name:<br /> <input type="text" name="company" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_right"> <p>Phone Number:<br /> <input type="text" name="phone" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_left"> <p>Your Message:<br /> <textarea rows="6" name="message" cols="55" placeholder="Type Here" ></textarea></p> </div> <p class="submit"><input type="submit" value="Send Mail" name="submit" /></p> </form> Code: [Select] <?php if(isset($_POST['submit'])) { // $to = "mail@mydomain.com"; $to = "mail@mydomain.com"; $subject = "Web Enquiry"; $name = $_POST['name']; $email = $_POST['email']; $company = $_POST['company']; $phone = $_POST['phone']; $message = $_POST['message']; if (strlen(trim($message)) > 0) { $body = "From: $name \n\n Email: $email \n \n Company: $company \n\n Phone Number: $phone \n\n Message: $message"; if (mail($to, $subject, $body)) { echo "<h3>Thanks! Your email has been sent <br />We will answer your enquiry as soon as possible.</h3>"; } else { echo 'Cannot sent mail'; } } else { echo "<h3>Error! <br />Please ensure that all fields are filled out correctly in order to email us.</h3>"; } } ?> Any help or pointers as to how I could add in a little security would be appreciated. Similar TutorialsGuys: I'm implementing a form for user submission. At the end of the form, there is an image that displays some randomly generated code. The user will be required to enter the code shown on this image before he clicks the submit button. This is done to protect the form from spamming, automatic submission. After the submit button is clicked, I need to do this: if ($_POST['the code the user enters'] == the code on the image) { // proceed(); } Any idea on how to get the code displayed on the image ? Thanks. Hello there! I made a contact-form with PHP but the e-mails go directly into the spam folder. Then I ran a test on http://www.mail-tester.com and I got some errors. As you can tell, I am new to PHP and I don't know what to do. I appreciate any help! Errors: 1. HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 2. MIME_HTML_ONLY Message only has text/html MIME parts 3. MISSING_DATE Missing Date: header 4. "Your message is not signed by DKIM" 5. "There is no SPF record. Please add (number).easyname.com to your DNS zone file."
Here is my PHP:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: mywebsite.com';
$to = 'someone@something.net';
$subject = 'Subject-line';
$body = "From: $name\n E-Mail: $email\n Message:\n $message";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html\r\n";
$headers .= 'From: '. $email. "\r\n" .
$headers .= "Reply-To: ". $email. "\r\n";
$headers .= "X-Mailer: PHP/" . phpversion();
$message = nl2br($message);
$status = mail($to, $subject, $message, $headers);
if($status)
{
echo '<p>Your Message has been send!</p>';
} else {
echo '<p>Something went wrong. Please try again.</p>';
}
?>
Here is my HTML:
<div class="contact-form">
<form id="contact-form" method="post" action="contact-form-handler.php">
<input name="name" type="text" class="form-control" placeholder="Your Name" required>
<br>
<input name="email" type="email" class="form-control" placeholder="Your Email">
<br>
<textarea name="message" class="form-control" placeholder="Message" rows="40" required></textarea><br>
<input type="submit" class="form-control" value="SEND MESSAGE">
</form>
</div>
I tried many things but nothing really worked. Also, I am a noob at PHP so I am kind of lost. Thanks for your help!
Below is my contact from - and I have set anti spam question as I don't like captcha. How to I code the post/human bit so it is case insensitive?
<div class="one-half-column-right" id="contactform">
<form method="post" action="index.php#contactform">
<label>Name*</label>
<div class="clear"></div>
<input name="name" placeholder="Type Here">
<label>Email*</label>
<div class="clear"></div>
<input name="email" type="email" placeholder="Type Here">
<label>Message</label>
<textarea name="message" placeholder="Type Here"></textarea>
<label>*If today is Tuesday, what is tomorrow? <br> [lowercase answer please]<br> (Anti-spam)</label>
<input name="human" placeholder="Type Here">
<input id="submit" name="submit" type="submit" value="Submit">
</form>
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: Website Form';
$to = ‘name@name.com’;
$subject = 'website form enquiry';
$human = $_POST['human'];
$headers .= 'From: '.$from."\r\n".
'Reply-To: '.$from."\r\n" .
'X-Mailer: PHP/' . phpversion();
$body = "From: $name\n E-Mail: $email\n Message:\n $message";
if ($_POST['submit'] && $human == ‘wednesday’) {
if (mail ($to, $subject, $body, $from)) {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
Request has been sent. We will get back to within 48 hours!<br></p>';
} else {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
Something went wrong, go back and try again!</p>';
}
} else if ($_POST['submit'] && $human != '') {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
You answered the anti-spam question incorrectly!</p>';
}
?>
<!--// form //-->
Hey, Wondering if this would work, it is based on the idea that everyone who is a real visitor will be using a browser, is that correct? Do robots use browsers too? if so, it wont work! haha. <? $browser = mb_substr($_SERVER['HTTP_USER_AGENT'], 0, 31); if (!empty($browser)){echo '<form action="send.php" method="post">';} ?> Just thought it was nice and simple, and couldnt see anywhere if it would work or not... Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you. Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one. FIRST:The first thing I want to know, is if my contact form secure according to you: The HTML with the PHP codes: Code: [Select] <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { //Assigning variables to elements $first = htmlentities($_POST['first']); $last = htmlentities($_POST['last']); $sub = htmlentities($_POST['subject']); $email = htmlentities($_POST['email']); $web = htmlentities($_POST['website']); $heard = htmlentities($_POST['heard']); $comment = htmlentities($_POST['message']); $cap = htmlentities($_POST['captcha']); //Declaring the email address with body content $to = 'alithebestofall2010@gmail.com'; $body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'"; //Validate the forms if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) { echo '<p class="error">Required fields must be filled!</p>'; header ('refresh= 3; url= index.php'); return false; } elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) { echo '<p class="error">You cannot enter a number as either the first or last name!</p>'; return false; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo '<p class="error">Incorrect email address!</p>'; return false; } elseif (!($cap === '12')){ echo '<p class="error">Invalid captcha, try again!</p>'; return false; } else { mail ($to, $sub, $body); echo '<p class="success">Thank you for contacting us!</p>'; } } ?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <p>Your first name: <span class="required">*</span></p> <p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p> <p>Your last name: <span class="required">*</span></p> <p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p> <p>Subject: <span class="required">*</span></p> <p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p> <p>Your email address: <span class="required">*</span></p> <p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p> <p>Website:</p> <p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p> <p>Where you have heard us?: <span class="required">*</span></p> <p><select name="heard"> <option>Internet</option> <option>Newspapers</option> <option>Friends or relatives</option> <option>Others</option> </select></p> <p>Your message: <span class="required">*</span></p> <p><textarea cols="75" rows="20" name="message"></textarea></p> <p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p> <p><input type="text" name="captcha" size="10"/></p> <p><input type="submit" name="submit" value="Send" class="button"/> <input type="reset" value="Reset" class="button"/></p> </form> SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form. THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing! Hi, I am having issues getting a simple contact form getting past the junk filter and into the inbox. Is there something wrong with my code? I have tried to set the email to 'not junk' in the 2 different email providers, but not change. Here is my code: Code: [Select] <?php $name = $_POST['name']; $email = $_POST['email']; $message = $_POST['message']; $from = 'From: Contact Form'; $to = 'my_email@gmail.com'; $subject = 'Hello'; $human = $_POST['human']; $body = "From: $name\n E-Mail: $email\n Message:\n $message"; $headers .= "Content-type: text/plain; charset=utf-8\n"; $headers .= "From: website user<someone_from@mysite.com> \n"; if ($_POST['submit']) { if ($name != '' && $email != '') { if ($human == '10') { if (mail ($to, $subject, $body, $from)) { echo '<p>Your message has been sent!</p>'; } else { echo '<p>Something went wrong, go back and try again!</p>'; } } else if ($_POST['submit'] && $human != '4') { echo '<p>You answered the anti-spam question incorrectly!</p>'; } } else { echo '<p>You need to fill in all required fields!!</p>'; } } ?> Code: [Select] <form method="post" action="mail_.php"> <label>Name</label> <input name="name" placeholder="Type Here"> <label>Email</label> <input name="email" type="email" placeholder="Type Here"> <label>Message</label> <textarea name="message" placeholder="Type Here"></textarea> <label>*What is 7+3? (Anti-spam)</label> <input name="human" placeholder="Type Here"> <input id="submit" name="submit" type="submit" value="Submit"> </form> Any help is greatly appreciated. Hi, I Have a form after successful submission a mail must be send to particular recipient and thank you mail is send to the person who filled the form ,The problem is i am receiving mails in spam whats the reason for going in spam I have kept Capture code also Can please let me know what to do i want to make a form that has a name, subject, email and comment input box... this is all done and working. the thing i am having trouble with is making the comment box not allow links in it. i thought it would be something like: if("comments" == "<a href=''></a>"){ echo "You have Entered the Wrong Information"; }else{ Insert Record Code.. } the "comments" name is the name of the comment text box. is this anywhere near what it should be ? I'm using the following to clean up input from my contact form, but I got header injection attacked anyway. What am I doing wrong? $trail_section_mile = strip_tags(stripslashes($trail_section_mile)) //this is repeated for several other fields, then: $email_message .= "Trail Section Mile Markers: ".clean_string($trail_section_mile)."\n"; //this is repeated for several other fields, then: /* see isInjected function below */ function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href","/n",""); return str_replace($bad,"",$string); } // send the mail Hi all, I have heard stories that hackers/viruses or basically something that you don't want uploaded to a server through a website form have been able to type some sort of code in to a html form field to access information. I know how to control the length of fields, how to validate that an email address is in the correct format etc. - but when it comes to having a textfield for the user to add up to 2000 characters of their own words, how can I protect from malicious code being inserted? The textfield is located inside the user area but anyone can join, so anyone ultimately can enter code! Thanks for the help. Hi Guys I have built a simple form, which has text fields Name, Telephone Number, Best Time to Call and E-mail. For security purposes, I am testing each against the function shown below which looks for dangerous code snippets, in an effort to protect against email header injection attacks. When it comes to the E-mail field, I am not actually testing whether a valid e-mail address has been entered, as it is the telephone number which is essential, not the e-mail. My question is, do you think this is a security weakness? Many thanks Code: [Select] //http://www.tonyspencer.com/2005/12/15/email-injection-exploit-through-a-php-contact-form/ //preg_match string to match goes within forward slashes, i.e. /str/, and i at the end makes it case insensitive function containsInjectionAttempt($input) { if (preg_match("/\r/i", $input) || preg_match("/\n/i", $input) || preg_match("/%0a/i", $input) || preg_match("/%0d/i", $input) || preg_match("/Content-Type:/i", $input) || preg_match("/<script>/i", $input) || preg_match("/bcc:/i", $input) || preg_match("/to:/i", $input) || preg_match("/cc:/i", $input)) { return true; } else { return false; } } I know, csrf token is like a random string. Does every form need a csrf token? Does every form need to have a different csrf token or all forms have a same csrf token for one logged in user? When an user logged in, I set $_SESSION['key']=$useremail; is it ok to set email for a logged in session? Do I have to set or add another $_SESSION with csrf token? How does csrf token add security for form submission? After form submission, what would PHP do with the hidden input field or with the csrf token? Hi the user fill details and then the email his sent to me the only problem is that the emails keeps going to my spam, can someone help me out please I looked already php website and email format looks the same. This is the link to my form. http://www.people.eurico.co.uk/ here my form script Code: [Select] <?php // Set email variables $email_to = 'xxxxx@xxxxxxx.co.uk'; $email_subject = 'Call back form'; // Set required fields $required_fields = array('fullname','email','telephone','comment'); // set error messages $error_messages = array( 'fullname' => 'Please enter a Name to proceed.', 'email' => 'Please enter a valid Email.', 'telephone' => 'Please telephone.', 'comment' => 'Please enter your Message to continue.' ); // Set form status $form_complete = FALSE; // configure validation array $validation = array(); // check form submittal if(!empty($_POST)) { // Sanitise POST array foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value)); // Loop into required fields and make sure they match our needs foreach($required_fields as $field) { // the field has been submitted? if(!array_key_exists($field, $_POST)) array_push($validation, $field); // check there is information in the field? if($_POST[$field] == '') array_push($validation, $field); // validate the email address supplied if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field); } // basic validation result if(count($validation) == 0) { // Prepare our content string $email_content = 'peoplesmartlearning.co.uk: ' . "\n\n"; // simple email content foreach($_POST as $key => $value) { if($key != 'submit') $email_content .= $key . ': ' . $value . "\n"; } // if validation passed ok then send the email mail($email_to, $email_subject, $email_content); // Update form switch $form_complete = TRUE; } } function validate_email_address($email = FALSE) { return (preg_match('/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE; } function remove_email_injection($field = FALSE) { return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field)); } ?> The HTML Code: [Select] <div class="call_us_form"> <p class="title">WE'LL CALL YOU BACK</p> <?php if($form_complete === FALSE): ?> <form class="contact_form" id="fm-form" method="post" action="index.php" > <fieldset> <div class="fm-req"> <label for="fm-firstname">Name</label> <input type="text" id="fullname" class="detail" name="fullname" value="<?php echo isset($_POST['fullname'])? $_POST['fullname'] : ''; ?>" /> <?php if(in_array('fullname', $validation)): ?><script type="text/javascript">alert("Please enter a Name"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-firstname">Email</label> <input type="text" id="email" class="detail" name="email" value=" <?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" /> <?php if(in_array('email', $validation)): ?><script type="text/javascript">alert("Please enter a valid Email Address"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-firstname">Number</label> <input type="text" id="telephone" class="detail" name="telephone" value="<?php echo isset($_POST['telephone'])? $_POST['telephone'] : ''; ?>" /> <?php if(in_array('telephone', $validation)): ?><script type="text/javascript">alert("Please enter telephone number"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-lastname">Message</label> <textarea cols="40" rows="5" id="comment" name="comment" class="mess"><?php echo isset($_POST['comment'])? $_POST['comment'] : ''; ?></textarea> <?php if(in_array('comment', $validation)): ?><script type="text/javascript">alert("Please enter your message"); history.back();</script><?php endif; ?> </div> <input class="submit_button" type="submit" value="Call us" /> </fieldset> </form> <?php else: ?> <p>Thank you for your Message!</p> <p>We will get back to you as soon as we can</p> <script type="text/javascript"> setTimeout ('ourRedirect()', 5000) function ourRedirect () { location.href='index.php' } </script> <?php endif; ?> I read ages ago (and checked to see if it's true, it was and given how it works, it must still be) the end user can alter the value of any form field, using Firebug or similar, before submitting it. Two things I've figured out today: 1) a form input doesn't need a value - doesn't even need the attribute - if you're only checking whether the POST var isset and the actual value isn't important 2) Although it appears not to matter in the example I'm working on now, if the script doesn't check what the value is, and potentially sanitise it, the user could submit the form with any value, true, false, malicious, idk... So my question is: is this one of the ways malicious bad things can happen and do I *have to* specify a value, not because the script won't work without it, it does, but because in the real world it opens a security door if I don't check for malicious script by saying "if value not as expected, script has to die". Having formulated the question properly and thought about it I can't imagine simply making a form, without obvious connections to anything important, could be a problem in the way I'm asking about but I asked it now so Edited by appobs, 03 July 2014 - 12:08 PM. Hi People. I am having a problem with this form and for the life of me can't see where I have made the mistake. On line 33 I have commented where I get the problem. If I remove this line (or comment it out) and remove the insert statements for that line then it all works and I can see the php form on my live site. However, with this in, as it is, I can't see anything, I get a blank page altogether. Please, can anyone see my mistake? I have been going over the code now for ages and it's getting late, and I probably am missing something stupid. Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Untitled Document</title> </head> <body> <?php $host = 'localhost'; $usr = "vinny"; $password = 'thepassword'; $db_name = 'logbook'; $date = $_POST['date']; $type = $_POST['type']; $reg_01 = $_POST['reg_01']; $reg_02 = $_POST['reg_02']; $captain = $_POST['captain']; $passenger = $_POST['passenger']; $where_01 = $_POST['where_01']; $where_02 = $_POST['where_02']; $takeoff_hr = $_POST['takeoff_hr']; $takeoff_min = $_POST['takeoff_min']; $landing_hr = $_POST['landing_hr']; $landing_min = $_POST['landing_min']; $ws_captain_hrs = $_POST['ws_captain_hrs']; $ws_captain_min = $_POST['ws_captain_min']; $ws_student_hrs = $_POST['ws_student_hrs']; $ws_student_min = $_POST['ws_student_min']; $3_captain_hrs = $_POST['3_captain_hrs'];// I have a problem with this line or where it inserts this into the DB??? /*$3_captain_min = $_POST['3_captain_min']; $3_student_hrs = $_POST['3_student_hrs']; $3_student_min = $_POST['3_student_min']; */ $errorstring = ""; // default value of errorstring if(isset($_POST['save_flight'])) { // Validate all the code inputs that are required fields if ($date =="") $errorstring = $errorstring. "Date<br>"; if ($type =="") $errorstring = $errorstring. "Aircraft Type<br>"; if ($reg_01 =="") $errorstring = $errorstring. "Reg Prefix<br>"; if ($reg_02 =="") $errorstring = $errorstring. "Registration Mark<br>"; if ($captain =="") $errorstring = $errorstring. "Captain<br>"; if ($where_01 =="") $errorstring = $errorstring. "Flight From<br>"; if ($where_02 =="") $errorstring = $errorstring. "Flight To<br>"; if ($takeoff_hr =="") $errorstring = $errorstring. "Takeoff Hours<br>"; if ($takeoff_min =="") $errorstring = $errorstring. "Takeoff Minutes<br>"; if ($landing_hr =="") $errorstring = $errorstring. "Landing Hours<br>"; if ($landing_min =="") $errorstring = $errorstring. "Landing Minutes<br>"; // does the errorstring = "nothing"? if ($errorstring !="") echo "You have not put anything in the following fields: <br><br> $errorstring"; //echo "If you have nothing to put in the box please type the word \"None\" or \"N\/A\""; //die ("Please try again, ensuring that you fill out all the fields!"); else { //echo "Your data has been saved"; //connect to database mysql_connect ("$host","$usr","$password") or die ('Error During Connect:<br>'.mysql_error()); mysql_select_db ("$db_name") or die ('Error Selecting DB:<br>'.mysql_error()); $insert_query = "INSERT INTO pilots_logbook (date, type, reg_01, reg_02, captain, passenger, where_01, where_02, takeoff_hr, takeoff_min, landing_hr, landing_min, ws_captain_hrs, ws_captain_min, ws_student_hrs, ws_student_min, 3_captain_hrs) VALUES ('$date', '$type', '$reg_01', '$reg_02', '$captain', '$passenger', '$where_01', '$where_02', '$takeoff_hr', '$takeoff_min', '$landing_hr', '$landing_min', '$ws_captain_hrs', '$ws_captain_min', '$ws_student_hrs', '$ws_student_min', '$3_captain_hrs')"; $insert_action = mysql_query($insert_query) or die ('Error During Insert :<br>'.mysql_error().'<br><br>Error occured running the following code :<br>'.$insert_query); $id = mysql_insert_id(); echo "Thank you, Your logbook entry has been saved."; } } ?> <p>Use this form to add an entry to your logbook.</p> <form name = "form1" method ="post" action=""> <table width="650" border="1" cellspacing="0" cellpadding="5"> <tr> <td>Required *</td> <td> </td> <td>This Format Only</td> </tr> <tr> <td width="180">Date *</td> <td width="300"> <input type="text" name="date" id="date" size = "25"/> </label> <input type="submit" name="today" id="today" value="Add Today" /></td> <td width="170">YYYY-MM-DD</td> </tr> <tr> <td>Aircraft Type *</td> <td><input type="text" name="type" id="type" size = "40" /></td> <td>E.G. Quantum</td> </tr> <tr> <td>Reg Number *</td> <td><input type="text" name="reg_01" id="reg_01" size = "5" /> - <input type="text" name="reg_02" id="reg_02" size = "15"/></td> <td>G - ABCD</td> </tr> <tr> <td>Captain *</td> <td><input type="text" name="captain" id="captain" size = "40" /></td> <td>Name of Captain</td> </tr> <tr> <td>Passenger or Student</td> <td><input type="text" name="passenger" id="passenger" size = "40" /></td> <td>Were you? P or S</td> </tr> <tr> <td>Flight From *</td> <td><input type="text" name="where_01" id="where_01" size = "40" /></td> <td>Take off Airfield</td> </tr> <tr> <td>Flight To *</td> <td><input type="text" name="where_02" id="where_02" size = "40" /></td> <td>Landing Airfield</td> </tr> <tr> <td>Takeoff GMT *</td> <td><label>Hr <input type="text" name="takeoff_hr" id="takeoff_hr" size = "10" /> Min <input type="text" name="takeoff_min" id="takeoff_min" size="10"/> </label></td> <td>24 Hr Format Only</td> </tr> <tr> <td>Landing GMT *</td> <td><label>Hr <input type="text" name="landing_hr" id="landing_hr" size="10" /> Min <input type="text" name="landing_min" id="landing_min" size="10" /> </label></td> <td>24 Hr Format Only</td> </tr> <tr> <td>Captain Weighshift</td> <td><label>Hrs <input type="text" name="ws_captain_hrs" id="ws_captain_hrs" size = "10"/></label> <label>Min <input type="text" name="ws_captain_min" id="ws_captain_min" size = "10" /> <input type="submit" name="autofill_ws_captain" id="autofill_ws_captain" value="Auto Insert" /> </label></td> <td>Button works it out and inserts it here</td> </tr> <tr> <td>Student Weightshift</td> <td><label>Hrs <input type="text" name="ws_student_hrs" id="ws_student_hrs" size = "10"/></label> <label>Min <input type="text" name="ws_student_min" id="ws_student_min" size="10" /> <input type="submit" name="autofill_ws_student" id="autofill_ws_student" value="Auto Insert" /> </label></td> <td>Button works it out and inserts it here</td> </tr> <tr> <td>Captain 3 Axis</td> <td><label>Hrs <input type="text" name="3_captain_hrs" id="3_captain_hrs" size = "10"/> </label> <label>Min <input type="text" name="3_captain_min" id="3_captain_min" size = "10" /> <input type="submit" name="autofill_3_captain" id="autofill_3_captain" value="Auto Insert" /> </label></td> <td>Button works it out and inserts it here</td> </tr> <tr> <td>Student 3 Axis</td> <td><label>Hrs <input type="text" name="3_student_hrs" id="3_student_hrs" size = "10"/> </label> <label>Min <input type="text" name="3_student_min" id="3_student_min" size = "10" /> <input type="submit" name="autofill_3_student" id="autofill_3_student" value="Auto Insert" /> </label></td> <td>Button works it out and inserts it here</td> </tr> <tr> <td>Passenger Interest Only</td> <td>Hrs <input type="text" name="passenger_only_hrs" id="passenger_only_hrs" size="10"/> Min <input type="text" name="passenger_only_mins" id="passenger_only_mins" size="10"/> <input type="submit" name="passenger_button" id="passenger_button" value="Auto Insert" /></td> <td>Button works it out and inserts it here</td> </tr> <tr> <td>Remarks</td> <td><textarea name="remarks" id="remarks" cols="45" rows="5"></textarea></td> <td>Went to get microlight forum cup from XYZ airfield. Maximum 500 characters</td> </tr> <tr> <td><input type="submit" name="save_flight" id="save_flight" value="Save Flight" /></td> <td><input type="submit" name="reset" id="reset" value="Reset Form" /></td> <td> </td> </tr> </table> <p> </p> <p> </p> </body> </html> I have an email form that can have comma separated email addresses. I need to modify my code such that initially if the form does not contain any value, it should let me add email addresses to it. When I enter the web page next time it should display and let me edit the existing email addresses. Here is my code below. Right now it does not insert anything the first time. Code: [Select] <? error_reporting(E_ALL & ~E_NOTICE); $conn = mysql_connect('localhost','test','*****') or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db('test',$conn) or trigger_error("SQL", E_USER_ERROR); //$sql=mysql_query("SELECT * from new_database") or die(mysql_error()); $getemail=mysql_query("SELECT * from email") or die(mysql_error()); if(mysql_num_rows($getemail) > 0) { while($getemail_results=mysql_fetch_assoc($getemail)) { $getemailadd=$getemail_results['email']; } } else { $getemailadd=''; } if (!isset($_POST['submit'])) { ?> <b>ADDING A Email</b><br> <form action="<?php echo $PHP_SELF;?>" method="post"> Email:<br> <input type="text" size ="80" name="email" value="<?PHP if(isset($getemailadd)){ echo $getemailadd; } ?>" /><br> <input type="submit" name="submit" value="submit" /> </form> <? } else { // Get values from form $email=$_POST['email']; //$sql=mysql_query("INSERT into email(email)VALUES('$email')") or die (mysql_error()); $sql=mysql_query("UPDATE email SET email='$email'") or die (mysql_error()); header('Location: index.php'); } ?> Hi, I have this PHP code which displays a form input, but I cannot work out how to add this javascript to the text field. PHP: <?php $data = '<div class="ui-widget infoBoxContainerSearch">' . ' <div class="ui-widget-contentSearch infoBoxContentsSearch" style="text-align: center;">' . ' <div style="text-align: center;">' . tep_draw_form('quick_find', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get') . '' . ' ' . tep_draw_input_field('keywords', '') . ' ' . tep_draw_hidden_field('search_in_description', '1') . tep_hide_session_id() //. tep_image_submit('search_icon.png', MODULE_BOXES_SEARCH_BOX_TITLE) . '</div>' . ' </form>' . ' </div>' . '</div>'; echo $data; ?> JavaScript: value="Search" onfocus="this.value==this.defaultValue?this.value='':null" onblur="this.value==''?this.value=this.defaultValue:null;" Could anyone point me in the right direction? Thanks Hi, I would like to know if there's a way to quickly collect and sort form data, then use that data in an if statement. I've tried for a while now and i just can't seem to figure it out. I would like to do this with radio buttons. Hopefully this will make it clear: Code: Code: [Select] <?php if (isset($_POST['submit'])) { // I don't know how to do this but maybe something like // if $_POST values == "Yes" // put them into an array // then count how many are in the array, e.g. 2 if 2 "Yes" radio buttons are selected $count = count($array) . " Yes values selected"; echo $count; //else if do the same for "No" values // hopefully this is understandable } ?> <!-- i want to take these values and group them, so all the "Yes" values selected together and the "no" values together --> <form method="post" action=""> <input type="radio" name="first" value="Yes" /> <input type="radio" name="first" value="No" /> <input type="radio" name="second" value="Yes" /> <input type="radio" name="second" value="No" /> <input type="submit" name="submit"> </form> Hello: I have this form below that stores the data in a database, and sends an email to my client so he gets the information (And if there is a more proper way to code this, I am all ears): Code: [Select] <?php include('include/myConn.php'); ?> <html> ... <?php $error = NULL; $myDate = NULL; $ParentsName = NULL; $BestPhone = NULL; $Email = NULL; $StudentsName = NULL; $StudentsSchool = NULL; if(isset($_POST['submit'])) { $myDate = $_POST['myDate']; $ParentsName = $_POST['ParentsName']; $BestPhone = $_POST['BestPhone']; $Email = $_POST['Email']; $StudentsName = $_POST['StudentsName']; $StudentsSchool = $_POST['StudentsSchool']; if(empty($ParentsName)) { $error .= '<div style=\'margin-bottom: 6px;\'>- Enter the parent\'s name.</div>'; } if(empty($BestPhone)) { $error .= '<div style=\'margin-bottom: 6px;\'>- Enter the best phone number to reach you.</div>'; } if(empty($Email) || !preg_match('~^([0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])*@([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,9})$~',$Email)) { $error .= '<div style=\'margin-bottom: 6px;\'>- Enter a valid email.</div>'; } if(empty($StudentsName)) { $error .= '<div style=\'margin-bottom: 6px;\'>- Enter the student\'s name.</div>'; } if(empty($StudentsSchool)) { $error .= '<div style=\'margin-bottom: 6px;\'>- Enter the student\'s school.</div>'; } if($error == NULL) { $sql = sprintf("INSERT INTO mySignUpData(myDate,ParentsName,BestPhone,Email,StudentsName,StudentsSchool) VALUES ('%s','%s','%s','%s','%s','%s')", mysql_real_escape_string($myDate), mysql_real_escape_string($ParentsName), mysql_real_escape_string($BestPhone), mysql_real_escape_string($Email), mysql_real_escape_string($StudentsName), mysql_real_escape_string($StudentsSchool); if(mysql_query($sql)) { $error .= '<div style=\'margin-bottom: 6px;\'>Thank you for using the sign-up sheet.</div>'; mail( "me@mywebsite.com", "Sign-up Sheet Request", "Date Sent: $myDate\n Parent's Name: $ParentsName Best Phone: $BestPhone Email: $Email Student's Name: $StudentsName Student's School: $StudentsSchool\n ", "From: $Email" ); unset($ParentsName); unset($BestPhone); unset($Email); unset($StudentsName); unset($StudentsSchool); } else { $error .= 'There was an error in our Database, please Try again!'; } } } ?> <form name="myform" action="" method="post"> <input type="hidden" name="myDate" size="45" maxlength="50" value="<?php echo date("F j, Y"); ?>" /> <div id="tableFormDiv2"> <fieldset> <hr /> </fieldset> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">* - Required</span></span> <span class="floatFormLeft"> </span></fieldset> <?php echo '<span class="textError">' . $error . '</span>';?> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">*</span> Parent's Name:</span> <span class="floatFormLeft"><input type="text" name="ParentsName" size="45" maxlength="50" value="<?php echo $ParentsName; ?>" /></span></fieldset> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">*</span> Best Phone # To Reach You:</span> <span class="floatFormLeft"><input type="text" name="BestPhone" size="45" maxlength="50" value="<?php echo $BestPhone; ?>" /></span></fieldset> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">*</span> Email:</span> <span class="floatFormLeft"><input type="text" name="Email" size="45" maxlength="50" value="<?php echo $Email; ?>" /></span></fieldset> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">*</span> Student's Name:</span> <span class="floatFormLeft"><input type="text" name="StudentsName" size="45" maxlength="50" value="<?php echo $StudentsName; ?>" /></span></fieldset> <fieldset><span class="floatLeftFormWidth2"><span class="textErrorItalic">*</span> Student's School:</span> <span class="floatFormLeft"><input type="text" name="StudentsSchool" size="45" maxlength="50" value="<?php echo $StudentsSchool; ?>" /></span></fieldset> </div> <input type="submit" name="submit" value="Click here to submit your registration form" class="submitButton2" /><br /> </form> </html> I want to add a feature that will also send an autoresponder email with a message to the user who submitted the form. How can that be done? Do I need to somehow revise this section: Code: [Select] mail( "me@mywebsite.com", "Sign-up Sheet Request", "Date Sent: $myDate\n Parent's Name: $ParentsName Best Phone: $BestPhone Email: $Email Student's Name: $StudentsName Student's School: $StudentsSchool\n ", "From: $Email" Please let me know and thanks in advance. |
|||||||