【Question title】: php contact form validation (invalid email still sending)
【Posted】: 2013-08-24 06:33:55
【Question】:

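So I am putting together a form, and it was suggested that I validate it. I found a tutorial, but I still can't seem to get the php to work properly.

The html for the form: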

<div id="FGSform"> 
<form action="/working/wp-content/themes/NEW/mail.php" method="post" name="contactFGS" id="contactFGS">
<ul>
<li>
    <label for="first-name">First Name</label>
<br>
    <input type="text" id="firstname" name="firstname" required aria-required="true">
</li>
<br>
<li>
    <label for="last-name">Last Name</label><br>
    <input type="text" id="lastname" name="lastname" required aria-required="true">
</li>
<br>
<li>
    <label for="email">Email</label>
<br>
    <input type="email" id="email" name="email" required aria-required="true">
</li>
<br>
<li>
  <label for="contact-reason" id="reason" name="reason">Reason for Contact</label>
      <select id="reason" name="reason" required>
      <option value="."></option>
      <option value="Print Services">Print Services</option>
      <option value="Design Services">Design Services</option>
      <option value="Employment">Employment</option>
      <option value="Questions">Questions</option>
      <option value="Other">Other</option>     
      </select> 
</li>
<br>
<li>
  <label for="comments">Comments</label>
<br>
    <textarea name="contactcomments" id="contactcomments" cols="40" rows="10" required></textarea>
</li> 
<br>
<li>
    <input type="radio" id="newsletter" name="newsletter">
    <label for="signmeup">Sign me up for newsletter, updates and other information about FGS</label>  
</li>
<br>
<li>
<input type="submit" value="Send" name="submit">
</li>
</ul>
</form>
</div>

Here is the php:

<?php
/*Validate and Sanitize */

    if (isset($_POST['submit'])){

}

if ($_POST['firstname'] != "") {
    $_POST['firstname'] = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
    if ($_POST['firstname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your name.</br>';
}   

if ($_POST['lastname'] != "") {
    $_POST['lastname'] = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
    if ($_POST['lastname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your last name.</br>';
}

if ($_POST['emial'] != "") {
    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    if (!filter_var($email, FILTER_VALITDATE_EMAIL)) {
        $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
    }
} else {
    $errors .= 'Please enter your email address.<br/>';
}

if (isset($_REQUEST['reason']) && $_REQUEST['reason'] =='.') {
    echo 'Please select a reason for contacting.<br/>';
}

if ($_POST['contactcomments'] != "") {  
    $_POST['contactcomments'] = filter_var($_POST['contactcomments'], FILTER_SANITIZE_STRING);
    if ($_POST['contactcomments'] == "") {
        $errors .='Please enter a message to send.<br/>';
    }
} else {
    $errors .='Please enter a message to send.<br/>';
}





 /* Email Variables */
 $emailSubject = 'Website Mail!'; 
$webMaster = 'email@here.com';



 /* Data Variables */
 $firstname = $_POST['firstname'];
 $lastname = $_POST['lastname'];
$email = $_POST['email'];
$reason = $_POST['reason'];
$contactcomments = $_POST['contactcomments'];
$newsletter = $_POST['newsletter'];





$body = <<<EOD
<br><hr><br>
Name: $firstname <br>
Last Name: $lastname <br>
Email: $email <br>
Reason: $reason <br>
Comments: $contactcomments <br>
Newsletter = $newsletter <br>
EOD;
$headers = "From: $email\r\n";
$headers .= "Content-type: text/html\r\n";
$success = mail($webMaster, $emailSubject, $body,
$headers);


/* Results rendered as HTML */
$theResults = <<<EOD
<html>
<head>
<title>sent message</title>
 <meta http-equiv="refresh" content="3;URL=http://mywebsite.com/working/?page_id=8">
<style type="text/css">
<!--
body {
background-color: #fff; 
font-family: Arial, Helvetica, sans-serif;
font-size: 20px;
font-style: normal;
line-height: normal;
font-weight: normal;
color: #555555;
text-decoration: none;
padding-top: 200px;
margin-left: 150px;
width: 800px;
}
-->
</style>
</head>
<div align="center">Thank you! We will contact you back as soon as posible.</div>
</div>
</body>
</html>
EOD;
echo "$theResults";
?>

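The problem I am having is that a person can submit an invalid email, and they can also choose the invalid selection option.

I have the form's action connected to the php file, but I am not sure whether I need each form element to call a specific if/then statement of the php file.

I am new to php, so this has proven to be a real challenge.

Thanks to everyone who helps.

【Comments】:

  • if ($_POST['emial'] != "") {
  • I don't see anything in your code that prevents the mail from being sent when there are errors. It always sends. It seems that sending the mail should depend on $errors
  • @showdev The OP has (as posted code) if ($_POST['emial'] != "") { which should read as if ($_POST['email'] != "") { Note that "emial" is misspelled in the OP's code.
  • @Fred-ii- Yes, I saw your answer. My comment has nothing to do with that typo.
  • In your form, take out value="." in <option value="."></option> then change this if (isset($_REQUEST['reason']) && $_REQUEST['reason'] =='.') { to if (!isset($_REQUEST['reason'])) { and the option will work (tested)

Tags: php forms validation sanitization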


【Solution 1】:

It should be FILTER_VALIDATE_EMAIL and not FILTER_VALITDATE_EMAIL

【Comments】:

  • Nice one, Dimitri.
  • (+1) as far as I'm concerned ;-) Cheers
【Solution 2】:

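You have a few options.

In your form, take out value="." in <option value="."></option>

Then change this if (isset($_REQUEST['reason']) && $_REQUEST['reason'] =='.') {

to if (!isset($_REQUEST['reason'])) { and the option will work (tested)

Be sure to change if ($_POST['emial'] != "") {

to if ($_POST['email'] != "") {

along with Dimitri Mostrey's answer.

You could also try what you already have, but include exit; at the end like this, and add a ! to your if isset

Note the added !, which was not in your handler and is needed.

Otherwise, with if (isset, you are saying "if it is set", which it is not.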

if (!isset($_REQUEST['reason']) || $_REQUEST['reason'] =='.') {
    echo 'Please select a reason for contacting.<br/>';

exit;
}

Email validation

Below if (isset($_POST['submit'])){

add $email = $_POST['email'];

Then change:

if ($_POST['email'] != "") {


    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
    }
}

to:

if(!filter_var($email, FILTER_VALIDATE_EMAIL))
  {
  echo "E-mail is not valid";

exit;

  }

Here is a complete rewrite:

Note: it is best to put variables at the top rather than further down.

I added $email = $_POST['email']; below if (isset($_POST['submit'])){

<?php
/*Validate and Sanitize */

    if (isset($_POST['submit'])){

    $email = $_POST['email'];

}

$errors = ""; // added by me

if ($_POST['firstname'] != "") {
    $_POST['firstname'] = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
    if ($_POST['firstname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your name.</br>';
}   

if ($_POST['lastname'] != "") {
    $_POST['lastname'] = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
    if ($_POST['lastname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your last name.</br>';
}


/*
if ($_POST['email'] != "") {


    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
    }
}
*/

if(!filter_var($email, FILTER_VALIDATE_EMAIL))
  {
  echo "E-mail is not valid";

exit;

  }

if (!isset($_REQUEST['reason']) || $_REQUEST['reason'] =='.') {
    echo 'Please select a reason for contacting.<br/>';

exit;
}

if ($_POST['contactcomments'] != "") {  
    $_POST['contactcomments'] = filter_var($_POST['contactcomments'], FILTER_SANITIZE_STRING);
    if ($_POST['contactcomments'] == "") {
        $errors .='Please enter a message to send.<br/>';
    }
} else {
    $errors .='Please enter a message to send.<br/>';
}


 /* Email Variables */
 $emailSubject = 'Website Mail!'; 
$webMaster = 'kmurray@frgraphicsolutions.com';


 /* Data Variables */
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$reason = $_POST['reason'];
$contactcomments = $_POST['contactcomments'];
$newsletter = $_POST['newsletter'];


$body = <<<EOD
<br><hr><br>
Name: $firstname <br>
Last Name: $lastname <br>
Email: $email <br>
Reason: $reason <br>
Comments: $contactcomments <br>
Newsletter = $newsletter <br>
EOD;
$headers = "From: $email\r\n";
$headers .= "Content-type: text/html\r\n";
$success = mail($webMaster, $emailSubject, $body, $headers);

/* Results rendered as HTML */
$theResults = <<<EOD
<html>
<head>
<title>sent message</title>
<meta http-equiv="refresh" content="3;URL=http://frgraphicsolutions.com/working/?page_id=8">

<style type="text/css">
<!--
body {
background-color: #fff; 
font-family: Arial, Helvetica, sans-serif;
font-size: 20px;
font-style: normal;
line-height: normal;
font-weight: normal;
color: #555555;
text-decoration: none;
padding-top: 200px;
margin-left: 150px;
width: 800px;
}
-->
</style>
</head>
<div align="center">Thank you! We will contact you back as soon as possible.</div>
</div>
</body>
</html>
EOD;
echo "$theResults";
?>

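【Comments】:

  • Thank you so much! Bad typing plus a lack of knowledge made a terrible mess, but this solved it.
  • @user2701059 You're welcome, glad it worked. I believe this is an acceptable answer. Cheers :)
  • @user2701059 That, my friend, is what we call "experience". Everyone learns that way, myself included. Keep going ;-)
  • @user2701059 You do owe me an explanation as to why you unaccepted my answer. After all, I helped you. I don't mind helping, but I spent time on this and you turned around. That's just not right.
  • Sorry, I was trying to remove this page from Google search when you search for the website, that's correct, I just needed to remove the website. This was not some kind of personal attack on you.
【Solution 3】: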

Among the other typos and logic errors (see Fred -ii-'s answer and comments), it seems you find the errors but don't take any action on them.

Currently, in pseudocode:

Check for errors.
If there are any errors, add them to a message.

Regardless of the possible errors, send the email.

It should be like this:

Check for errors.
If there are any errors, add them to a message.

Check to see if there is any error message(s)
If yes, complain loudly and exit
Otherwise, send the email.

Finding the errors is only half the battle! You then need to correct them as far as possible or, if you can't, deal with them some other way!
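
The corrected flow from the pseudocode above, as an added PHP example that is not part of the original thread: every check appends to one error list, and mail() is only reached when that list is empty. Field names come from the form in the question; validate_contact(), ALLOWED_REASONS and the webmaster@example.com address are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Field names match the question's form;
// validate_contact(), ALLOWED_REASONS and the example.com address are assumptions.
const ALLOWED_REASONS = ['Print Services', 'Design Services', 'Employment', 'Questions', 'Other'];

function validate_contact(array $post): array
{
    // Treat missing or non-string fields (e.g. email[]=x) as empty.
    $get = fn(string $k): string => is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    $errors = [];
    $clean  = [];

    $labels = ['firstname' => 'name', 'lastname' => 'last name', 'contactcomments' => 'message'];
    foreach ($labels as $field => $label) {
        $clean[$field] = $get($field);
        if ($clean[$field] === '') {
            $errors[] = "Please enter your $label.";
        }
    }

    // filter_var() returns the address on success and false on failure.
    $clean['email'] = filter_var($get('email'), FILTER_VALIDATE_EMAIL);
    if ($clean['email'] === false) {
        $errors[] = 'Please enter a valid email address.';
    }

    // Allowlist: only values the form offers pass; the blank "." option does not.
    $clean['reason'] = $get('reason');
    if (!in_array($clean['reason'], ALLOWED_REASONS, true)) {
        $errors[] = 'Please select a reason for contacting.';
    }
    return [$errors, $clean];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    [$errors, $clean] = validate_contact($_POST);
    if ($errors !== []) {
        // Complain and stop: mail() is never reached with invalid input.
        http_response_code(422);
        echo implode("<br>\n", $errors); // fixed strings, no user input echoed
        exit;
    }
    // Plain-text body, so submitted markup is not rendered by the mail client.
    $body = "Name: {$clean['firstname']} {$clean['lastname']}\nEmail: {$clean['email']}\n"
          . "Reason: {$clean['reason']}\n\n{$clean['contactcomments']}\n";
    // Fixed From; the visitor's validated address goes in Reply-To only.
    $headers = "From: webmaster@example.com\r\nReply-To: {$clean['email']}\r\n"
             . "Content-Type: text/plain; charset=UTF-8";
    mail('webmaster@example.com', 'Website Mail!', $body, $headers);
    echo 'Thank you! We will contact you back as soon as possible.';
}
```

The browser-side required and type="email" attributes in the form are a convenience only; a request sent without the form bypasses them, so the server-side checks are the ones that decide whether mail is sent.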
