Reputation: 23
empty $_POST in PHP mail()
Some help with the following would be greatly appreciated! I've been searching the web and stackoverflow for hours. There is this problem with my php mail function.
There's a form on my website (the site uses wordpress) with two text fields, name and phone number. There's also a hidden field in the form that displays the current url, so we can see on what page the form was filled in. This information is also stored in a php session.
<?php session_start();
$_SESSION['url'] = $_SERVER['REQUEST_URI'];
?>
<form name="callback" action="callme.php" method="post" onsubmit="return(validate());">
<label>Name:</label><input type="text" name="name" size=15 />
<label>Tel:</label><input class="sky" type="text" name="tel" size=15 />
<div id="afterfive"><p>Call after five<input type="checkbox" name="afterfive" value="Call back after five"></p></div>
<input type="hidden" name="url" value="<?php echo $_SESSION['url']; ?>">
<input type="submit" class="classname" value="Call me back!" title="Call me back!" />
</form>
<script>
function validate()
{
if( document.callme.name.value == "" )
{
alert( "Please fill in your name" );
document.callme.name.focus() ;
return false;
}
if( document.callme.tel.value == "" )
{
alert( "Please fill in your phone number" );
document.callme.tel.focus() ;
return false;
}
}
</script>
The following php code is callme.php:
<?php session_start();
$name = $_POST['name'];
$tel = $_POST['tel'];
$afterfive = $_POST['afterfive'];
$url = $_POST['url'];
$to = "[email protected]";
$subject = "Please call back $name";
$message .= "Hi, the following person would like to be called back: \n";
$message .= "Name: $name \n";
$message .= "Phonenumber: $tel \n";
$message .= "$afterfive \n";
$message .= "This message was send from this page: $url \n";
$headers = "From: [email protected]" . "\r\n";
$headers .= "BCC: [email protected]" . "\r\n";
if(mail($to, $subject, $message, $headers)){
$_SESSION['name'] = $_POST['name'];
$_SESSION['tel'] = $_POST['tel'];
header("Location: http://www.mywebsite.thankyou");
}
?>
After submitting the form, the visitor is redirected to our thankyou page and given the opportunity the fill in additional information using a second form. The information previously stored in the php session (form fields name, tel and url) are added in hidden form fields.
This all works fine most of the time, but sometimes we receive e-mails with all or some fields empty. Of course this could be users with javascript disabled or google bots that submit blank forms, but the weird thing is that sometimes even the url field is empty (the form is not visible on our homepage). Shouldn't $_SERVER['REQUEST_URI'] always still work?
I was thinking about adding php form validation, but I'm not sure this will solve the problem. Could this have something to do with the hyper cache plug-in for wordpress? Or could it be related to the php session?
Upvotes: 0
Views: 1716
Answers (2)
Reputation: 74217
"but sometimes we receive e-mails with all or some fields empty"
You should be using a server-side method instead of JS such as
if(empty($_POST['name'])){ die("You need to enter your name.");
(JS can always be disabled by the user, one probable cause for empty emails/fields)
and that will ensure that the fields you wish to be NOT empty, be filled. In conjunction with what Andrewsi mentioned, use if(isset($_POST['submit'])){ at the top of your handler, and name your submit button to name="submit" that way the callme.php if accessed directly, won't process the information without the submit button being clicked.
For example:
Note: There are many other ways to achieve this, but this is a basic yet effective method.
Naming your submit button such as:
<input type="submit" name="submit" value="Submit">
in your case, it would be:
<input type="submit" name="submit" class="classname" value="Call me back!" title="Call me back!" />
PHP handler
<?php
session_start();
if(isset($_POST['submit'])){
if(empty($_POST['name'])){ die("You need to enter your name."); }
if(empty($_POST['tel'])){ die("You need to enter your telephone number."); }
if(empty($_POST['afterfive'])){ die("You need to fill this field."); }
if(empty($_POST['url'])){ die("You need to fill this field."); }
$name = $_POST['name'];
$tel = $_POST['tel'];
$afterfive = $_POST['afterfive'];
$url = $_POST['url'];
$to = "[email protected]";
$subject = "Please call back $name";
$message .= "Hi, the following person would like to be called back: \n";
$message .= "Name: $name \n";
$message .= "Phonenumber: $tel \n";
$message .= "$afterfive \n";
$message .= "This message was send from this page: $url \n";
$headers = "From: [email protected]" . "\r\n";
$headers .= "BCC: [email protected]" . "\r\n";
if(mail($to, $subject, $message, $headers)){
$_SESSION['name'] = $_POST['name'];
$_SESSION['tel'] = $_POST['tel'];
header("Location: http://www.mywebsite.thankyou");
}
}
// You could use this at end also to show a message
// if callme.php is accessed directly.
// else {echo "You cannot do that from here.";exit;}
?>
Upvotes: 7
Reputation: 44831
Your javascript refers to document.callme, but there is nothing in your code with that name.
Upvotes: 1
Related Questions
- PHP form (using POST) doesn't submit or send email, just shows a blank page
- Mail with empty variables if using $_POST to check for button state
- $_POST sometimes empty when sending mail
- php form post is empty
- Blank mail PHP undefined index on $_POST
- $_post sending blank field data to .php file
- session_start() causing empty $_POST after form submission
- php form mail (post) still not working
- Email form yields empty $_POST upon submit
- form not posting to php mail