CODEWITHSUNDEEP
javascriptphpjqueryhtmlcss
MKDesigns
MKDesigns

Reputation: 55

PHP Contact form submits without needing all fields filled in

I have a PHP contact form which works even if the fields are not filled in. This hasn't been a problem until recently when I've started to get handfuls of blank emails every day.

How do enforce all fields to be filled out in the form before the submit button can be used?

Here is my PHP code below:

    <?php

header("Access-Control-Allow-Origin: *");

$EmailFrom = "myemail";
$EmailTo = "myemail";
$Subject = "subject goes here";
$Email = Trim(stripslashes($_POST['email'])); 
$Message = Trim(stripslashes($_POST['message'])); 

// validation
$validationOK=true;
if (!$validationOK) { 
    print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">";
    exit;
}

// prepare email body text
$Body .= "Email: ";
$Body .= $Email;
$Body .= "\n";
$Body .= "Message: ";
$Body .= $Message;
$Body .= "\n";

// send email  
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom" . "\r\n" );

// redirect to success page 
if ($success){
   print "<meta http-equiv=\"refresh\"   content=\"0;URL=contactthanks.php\">";
}
else{
   print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">";
}
?>

And here is my HTML markup:

                <!-- CONTACT FORM -->
                <div class="span9 contact_form">
                    <div id="note"></div>
                    <div id="fields">
                        <div id="post-ajax" style="display: none;"></div>
                        <form id="contact-form-face" class="clearfix" action="/php/contactengine.php">
                            <input type="text" name="email" value="Email" onFocus="if (this.value == 'Email') this.value = '';" onBlur="if (this.value == '') this.value = 'Email';" />
                            <textarea name="message" onFocus="if (this.value     == 'Message') this.value = '';" onBlur="if (this.value == '') this.value = 'Message';">Message</textarea>
                            <input class="contact_btn" name="submit" type="submit" value="Send Message" />
                        </form>
                    </div>
                </div>
                <!-- //CONTACT FORM -->

Upvotes: 2

Views: 69

Answers (2)

Masivuye Cokile
Masivuye Cokile

Reputation: 4772

Apart from adding the required attribute as indicated in the other answer(which can be by passed very easy through inspect element) you also need validation in the server side as well before processing.

You can create an array of the required fields then check, if those fields are set and not empty.

<?php

        $errors = ""; 
        $requiredFields = array("email","message"); // enter the name in the inputs, ie name="someInput"

        foreach($requiredFields as $fieldname){

            if(!isset($_POST[$fieldname]) && empty($_POST[$fieldname])){

                $errors++;

                echo "Enter all fields";

                //OR redirect to error page

            }
        }

        if($errors <=0){

            // Proccess the form

            $EmailFrom = "myemail";
            $EmailTo = "myemail";
            $Subject = "subject goes here";
            $Email = Trim(stripslashes($_POST['email'])); 
            $Message = Trim(stripslashes($_POST['message']));

            // prepare email body text
            $Body .= "Email: ";
            $Body .= $Email;
            $Body .= "\n";
            $Body .= "Message: ";
            $Body .= $Message;
            $Body .= "\n";

            // send email  
            $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom" . "\r\n" );

            // redirect to success page 
            if ($success){

               header("location:contactthanks.php");
               exit();
            }
            else{
                header("location:error.htm")

                exit();
            }
        }
?>

Upvotes: 0

Raptor
Raptor

Reputation: 54268

I can't find your fields. But in general, HTML5 provides a very convenient way to make a form field required. To do so, you can add a required attribute in your form elements, such as:

<input type="text" name="txt_name" required />

Modern browsers will validate the fields during form submit. To support older browsers, you can use JS validation libraries for client-side validation and use PHP condition check, e.g. if(!empty($_POST['txt_name'])) for server-side validation.

Moreover, it is suggested not to use meta refresh tag for redirection; use header('Location: error.htm'); exit; for example, instead.

<!-- CONTACT FORM -->
<div class="span9 contact_form">
    <div id="note"></div>
    <div id="fields">
        <div id="post-ajax" style="display: none;"></div>
        <form id="contact-form-face" class="clearfix" action="/php/contactengine.php">
            <input type="text" name="email" value="Email" onFocus="if (this.value == 'Email') this.value = '';" onBlur="if (this.value == '') this.value = 'Email';" required />
            <textarea name="message" onFocus="if (this.value     == 'Message') this.value = '';" onBlur="if (this.value == '') this.value = 'Message';" required>Message</textarea>
            <input class="contact_btn" name="submit" type="submit" value="Send Message" />
        </form>
    </div>
</div>
<!-- //CONTACT FORM -->

Upvotes: 1

Related Questions