PHPMailer Form Sending with Empty Field Values

Question

This has been going on for a while now, and I just can't seem to understand why. I've built a form that sends with PHPMailer and for whatever reason we continually get emails from the form with all blank field values. This is happening on multiple forms on different websites, all with the same setup. So it is not limited to this specific form.

Blank form sends aside, the form does work properly when tested. If I fill it out and send a test, everything will come through fine. I'm not sure how these empty submissions are happening. The form has validation on most fields using javascript.

Here is my HTML code:

                    <div class="thank-you-message"></div>

                <form id="contactForm" class="form-horizontal" action="" method="post">


                    <!-- col 1 -->
                    <div class="form-l">

                    <div class="control-group">

                        <div class="controls">
                            <input type="text" name="first-name" id="first-name" class="validate[required,custom[onlyLetterSp],length[0,100]]" placeholder="first name" />
                        </div>

                    </div><!-- /.control-group -->

                    <div class="control-group">

                        <div class="controls">
                            <input type="text" name="last-name" id="last-name" class="validate[required,custom[onlyLetterSp],length[0,100]]" placeholder="last name" />
                        </div>

                    </div><!-- /.control-group -->

                    <div class="control-group">

                        <div class="controls">
                            <input type="text" name="email" id="email" class="validate[required,custom[email]]" placeholder="email address" />
                        </div>

                    </div><!-- /.control-group -->

                    <div class="control-group">

                        <div class="controls">
                            <input class="last" type="text" name="phone" id="phone" class="validate[required,custom[phone]]" placeholder="phone number" />
                        </div>

                    </div><!-- /.control-group -->

                    </div>
                    <!--../ col 1 -->
                    <!-- col 2 -->          
                    <div class="form-r">        

                    <div class="control-group">

                        <div class="controls">
                            <textarea rows="5" name="comments" id="comments" placeholder="message"></textarea>
                        </div>

                    </div><!-- /.control-group -->

                    <div class="control-group">

                        <div class="controls">
                            <button type="submit" class="submit"><span>send</span></button>
                        </div>

                    </div><!-- /.control-group -->
                    </div>
                    <!--../ col 1 -->

                </form>

And here is the phpMailer code

<?php

// REQUIRE PHPMAILER CLASS
// -----------------------------------------------------------------------------

require_once("PHPMailerAutoload.php");
$mail = new PHPMailer();


// SET POST VARIABLES
// -----------------------------------------------------------------------------

$visitorEmail=filter_var($_POST['email']);
$name=filter_var($_POST['first-name'].' '.$_POST['last-name']);
$phone=filter_var($_POST['phone']);
$comments=filter_var($_POST['comments']);



// TO ADMIN EMAIL
// -----------------------------------------------------------------------------

// Mail Headers
$mail->IsHTML(true); // Send as HTML

$mail->AddReplyTo($visitorEmail, $name);
$mail->From  = 'the@adminemail.com';
$mail->FromName = 'The Admin <the@adminemail.com>';
$mail->AddAddress("the@adminemail.com");

// Mail Subject
$mail->Subject  = "The Web Form";

// Mail Body
$mail->Body     = '<html><body>
                                    <img src="http://url.to/image.jpg" alt="Thank you for contacting us!" />
                                    <p>Someone has submitted your form.</p>
                                    <table rules="all" style="border-color: #666;" cellpadding="10">
                                    <tr style="background: #eee;"><td><strong>Sent From:</strong> </td><td>The Web Form</td></tr>
                                    <tr><td><strong>Name:</strong> </td><td>' .$name. '</td></tr>
                                    <tr><td><strong>Email:</strong> </td><td>' .$visitorEmail. '</td></tr>
                                    <tr><td><strong>Phone:</strong> </td><td>' .$phone. '</td></tr>
                                    <tr><td><strong>Comments:</strong> </td><td>' .$comments. '</td></tr>
                                    </table>
                                    </body></html>';

$mail->Send(); // Send mail to admin
$mail->ClearAddresses(); // Clear all addresses and attachments for next loop                           


// TO VISITOR EMAIL
// -----------------------------------------------------------------------------

// Mail Headers
$mail->IsHTML(true); // Send as HTML

$mail->From  = 'the@adminemail.com';
$mail->FromName = "The Admin <the@adminemail.com>";
$mail->AddAddress($visitorEmail);

// Mail Subject
$mail->Subject  = "Thank you for contacting us";

// Mail Body
$mail->Body     = '<html><body>
                                    <img src="http://url.to/image.jpg" alt="Thank you for contacting us!" />
                                    <p>Hello,</p> 
                                    <p>Thanks for contacting us. We have received your message and will get in touch with you shortly.</p> 
                                    <p>A copy of the information you provided us with has been posted below:</p>
                                    <table rules="all" style="border-color: #666;" cellpadding="10">
                                    <tr style="background: #eee;"><td><strong>Name:</strong> </td><td>' .$name. '</td></tr>
                                    <tr><td><strong>Email:</strong> </td><td>' .$visitorEmail. '</td></tr>
                                    <tr><td><strong>Phone:</strong> </td><td>' .$phone. '</td></tr>
                                    <tr><td><strong>Comments:</strong> </td><td>' .$comments. '</td></tr>
                                    </table>
                                    </body></html>';


// THANK YOU MESSAGE
// -----------------------------------------------------------------------------

if($visitorEmail == '') {
    // If email field is blank, and validation doesn't work
    echo '<h2>Error</h2><p>An error has occurred. Please reload the page and try again. Thanks!</p>';
} else {

    if(!$mail->Send()) {
        // If mail fails to send
        echo '<h2><strong>Message was not sent.</strong></h2>';
        echo '<p>Mailer error: ' . $mail->ErrorInfo . '</p>';
    } else {
        // Success
        echo '<h2>thanks for contacting us</h2> <p>We will get back to you as soon as possible.</p>
        <p>If you have any immediate questions please give us a call. </p>';
    }

}


?>

Answer 1

As stated in comments, it may very well be Spam bots, and also people visiting your site and simply not entering anything. This is known to happen.

Far as I can tell, you are only checking if if($visitorEmail == '') equals nothing.

It's best to use conditional statements for the form fields, along with using PHP's

• empty() and isset() functions.

I.e.: using || - OR operator (if one or the other is empty)

if(!empty($_POST['form_field']) || !empty($_POST['other_form_field']))

   { 

// we are good to go, fire up your PHP/mailing code

}

else { 

   // do something else 

}

or (using && - AND operator) - (if one is not empty AND is set)

if(!empty($_POST['form_field']) && isset($_POST['form_field']))

   { 

// we are good to go, fire up your PHP/mailing code

}

else { 

   // do something else 

}

---

• Applying this logic to your code will help you reduce if not eliminate empty fields.

---