How to add form validation echo before result echo

Question

I have a form in php which works just fine, except that the user can see result without providing email and name fields. I want to add a php code that will echo to user that name and email is required before he gets to see the final answer. I have tried adding various if and else statements but the form stops working if i fiddle with the code. I would b really grateful for some help

<?php 
$name = $_POST['fieldname5_1'];
$email = $_POST['fieldname6_1'];
$score = $_POST['fieldname158_1'];
if(empty($name) || empty($email))
{
echo "You did not fill out the required fields.";

}
else {
if($score<"6") {
echo " something1 $score";
} elseif($score<"11") {
echo " something2 $score";
} elseif($score<"30") {
echo " something3 $score";
} elseif($score<"81") {
echo " something4 $score";
}  else {
echo " something5 $score";
}
}
$formcontent="something6 $score";
$recipient = "myemail@email.com, $email";
$subject = "Your test";
$mailheader = "From: myemail@email.com \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");

?>

Answer 1

You have broken the logic of if else, I suggest you to perform some checks at startup with isset (empty is not enought, it doesn't exclude the case of vars isset) and if not set then print a message using exit() to ensure that the full code is not being executed... now sanitize your input using htmlentities with UTF-8 that protect your code from XSS and Injection... then add the mail headers to ensure that your mail will be sent... checking with boolean if your mail is sent or not... add the 5th parameter (-f) to your mail to ensure your mail will be forced sent correctly... below you can see my fixes...

<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post">
Name: <input type="text" name="fieldname5_1"><br/>
Mail: <input type="text" name="fieldname6_1"><br/>
Score: <input type="number" name="fieldname158_1"><br/>
<input type="submit" value="Send">
</form>
<?php
if ((!isset($_POST['fieldname5_1']) || (empty($_POST['fieldname5_1']))) || (!isset($_POST['fieldname6_1']) || (empty($_POST['fieldname6_1'])))) {
  exit("Enter a valid name and mail!");
} elseif (!preg_match('/^[a-zA-Z0-9]+([_\\.-][a-zA-Z0-9]+)*'.'@([a-zA-Z0-9]+([\.-][a-zA-Z0-9]+))+$/', $_POST['fieldname6_1'])) {
  exit("Provide a valid email address!");
} else {
  $name = htmlentities($_POST['fieldname5_1'], ENT_QUOTES, 'UTF-8');
  $email = htmlentities($_POST['fieldname6_1'], ENT_QUOTES, 'UTF-8');
}
if ((!isset($_POST['fieldname158_1']) || (empty($_POST['fieldname158_1'])))) {
  exit("Please enter your vote!");
} else {
  $score = htmlentities($_POST['fieldname158_1'], ENT_QUOTES, 'UTF-8');
}
if ((isset($score)) && ($score < 6)) {
  echo " something1 $score";
} elseif ((isset($score)) && ($score < 11)) {
  echo " something2 $score";
} elseif ((isset($score)) && ($score < 30)) {
  echo " something3 $score";
} elseif ((isset($score)) && ($score < 81)) {
  echo " something4 $score";
} elseif (isset($score)) {
  echo " something5 $score";
}
$formcontent = "something6 $score";
$recipient = "myemail@email.com, $email";
$subject = "Your test";
$mailheader = "From: myemail@email.com" . PHP_EOL;
$mailheader .= "MIME-Version: 1.0" . PHP_EOL;
$mailheader .= "Content-Type: text/plain; Charset=\"UTF-8\"" . PHP_EOL;
$mailheader .= "Content-Transfer-Encoding: 8bit" . PHP_EOL . PHP_EOL;
if (!@mail($recipient, $ubject, $formcontent, $mailheader, "-f$recipient")) {
  echo("Mail Sent!");
} else {
  echo("Mail Not Sent!");
}
?>

Sorry but I can't understand what you're actually trying to get out of your code. I interpreted your desires but I don't know if that's what you asked for because reading your code everything is approximate. I hope I satisfied you.

Hope this helps.

Answer 2

if this html form u can add "required" to input? or in js if form submited check fields , if all ok, your POST will go to php action/method