stackoom
  简体   繁体   中英

PHP Contact Form - How to check server side validation

 原文  2015-04-04 08:50:20       php/ validation/ contact-form

Question

I'm learning about contact forms in PHP and am trying to check my server side validation that I moved into another php file.

Using the validation in the same file as the form works fine, but I'd like to separate the PHP validation logic into it's own file and call it from the form.

eg, 

<form action="validate.php">

When moving the server side validation logic into it's own file, and I submit an empty form, I get the redirect to validate2.php with no errors and a blank page.

Is there something I'm missing to get this to work? I've tried turning off HTML5 validation using novalidate in the form to check for the server validations.

How can I fix this?

Form 

<h1>Contact Form</h1>
    <?php echo $result; ?>

    <form action="validate.php" method="POST" novalidate>
        <div class="form-group">
            <label for="name">Name:</label>
            <input type="text" class="form-control" name="name" required>
        </div>

        <div class="form-group">
            <label for="email">Email:</label>
            <input type="email" class="form-control" name="email" required>
        </div>

        <div class="form-group">
            <label for="comment">Comment:</label>
            <textarea class="form-control" name="comment" required></textarea>
         </div>

         <input type="submit" name="submit" class="btn btn-success btn-lg" value="Submit">
     </form>

Validation 

<?php

$error = null;

if ($_POST["submit"]) {
$result = 'Form submitted';
if (!$_POST['name']) {
    $error = "<br />Please enter your name";
}

if (!$_POST['email']) {
    $error .= "<br />Please enter your email address";
}

if (!$_POST['comment']) {
    $error .= "<br />Please enter a comment";
}

if ($_POST['email']!="" AND !filter_var($_POST['email'],
        FILTER_VALIDATE_EMAIL)) {
    $error .= "<br />Please enter a valid email address";
}

if ($error) {
    $result = '<div class="alert alert-danger"><strong>There were error(s) in your form:</strong>'.$error.'</div>';
} else {
    if (mail("example@gmail.com", "Comment from website!", "Name: ". $_POST['name']." Email: ".$_POST['email']." Comment: ".$_POST['comment'])) {
        $result = '<div class="alert alert-success"><strong>Thank you!</strong> I\'ll be in touch.</div>';
    } else {
        $result = '<div class="alert alert-danger">Sorry, there was an error sending your message. Please try again later.</div>';
    }
}
header('Location: contact_form.php');
}

2 answers

solution1
 2  2015-04-04 09:16:28

    if (isset($_POST["submit"]))
     {
    if (isset($_POST['name']) && $_POST['name']=="") {
         $error = "<br />Please enter your name";
    }

    if (isset($_POST['email'])&& $_POST['email']=="") {
         $error .= "<br />Please enter your email address";
    }

    if (isset($_POST['comment'])&& $_POST['comment']=="") {
         $error .= "<br />Please enter a comment";
    }

    if (!empty($_POST['email']) AND !filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)) {
        $error .= "<br />Please enter a valid email address";
    }
if ($error) {
    $result = '<div class="alert alert-danger"><strong>There were error(s) in your form:</strong>'.$error.'</div>';
?>
<script>
window.location.href='';
</script>
<?php }else{}?>

use like this

solution2
 0 ACCPTED  2015-04-04 09:48:03

Before redirecting assign message in session like below 

<?php
    session_start();


    $error = null;

    if ($_POST["submit"]) {
    $result = 'Form submitted';
    if (!$_POST['name']) {
        $error = "<br />Please enter your name";
    }

    if (!$_POST['email']) {
        $error .= "<br />Please enter your email address";
    }

    if (!$_POST['comment']) {
        $error .= "<br />Please enter a comment";
    }

    if ($_POST['email']!="" AND !filter_var($_POST['email'],
            FILTER_VALIDATE_EMAIL)) {
        $error .= "<br />Please enter a valid email address";
    }

    if ($error) {
        $result = '<div class="alert alert-danger"><strong>There were error(s) in your form:</strong>'.$error.'</div>';
    } else {
        if (mail("example@gmail.com", "Comment from website!", "Name: ". $_POST['name']." Email: ".$_POST['email']." Comment: ".$_POST['comment'])) {
            $result = '<div class="alert alert-success"><strong>Thank you!</strong> I\'ll be in touch.</div>';
        } else {
            $result = '<div class="alert alert-danger">Sorry, there was an error sending your message. Please try again later.</div>';
        }
    }

    if(isset($result) && !empty($result)) {
          $_SESSION['error'] = $result;
    }

   header('Location:contact_form.php');
   exit;
   } 
    ?>

In contact_form.php 

<?php
    session_start();

    if(isset($_SESSION['error']) && !empty($_SESSION['error'])) {
        print_r($_SESSION['error'])
    }
?>

At the bottom of the contact_form page 

<?php
    if(isset($_SESSION['error']) && !empty($_SESSION['error'])) {
        unset($_SESSION['error']);
    }

?>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Server Side Validation with Flamingo and Contact Form 7 PHP Contact Form - Validation and PHP contact form validation Contact form validation in php PHP Contact form Validation? Contact form is not working (Php side) PHP/JS Contact Form - Validation Php contact form with validation not working How vulnerable is this server side form validation? Server side validation php
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM