Skip navigation
Currently Being Moderated

Some help with PHP and forms!

May 21, 2013 3:16 AM

Tags: #php #dreamweaver_cs5

Hi there,

 

I have built a basic form in Dreamweaver (full code below) and i need the form details (once filled out) to be sent to a specified email address, the host server i use is 000webhost and they support PHP so no problems there. But, i am having majour problems writing the code as i don't have much knowledge of PHP, only HTML and CSS.

I've looked online and have found some generic PHP form code but none of them work (even after making the relevant changes). I did notice that all the 'borrowed' PHP scripts were working fine with a form that was written in HTML as opposed to one built in Dreamweaver.

Can anyone give me an insight to writing the correct code, the code i have tried so far is:

 

<?php

   $name = $_REQUEST['name'];

  $email = $_REQUEST['email'] ;

  $message = $_REQUEST['message'] ;

 

  mail( "yourname@example.com", "Feedback Form Results",

    $message, "From: $email" );

  header( "Location: http://www.example.com/thankyou.html" );

?>

 

But it does nothing. Also could someone explain the Name and ID pop up that comes up when creating a form in Dreaweaver, is it essential to fill out both fields?

 

Many thanks and my HTML form code is below!

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

 

 

<body>

<form id="form1" name="form1" method="post" action="">

  <p>

    <label for="Name">Name</label>

  </p>

  <p>

    <input type="text" name="Name" id="Name" />

  </p>

  <p>

    <label for="Email">Email</label>

  </p>

  <p>

    <input type="text" name="Email" id="Email" />

  </p>

  <p>

    <label for="Message">Message</label>

  </p>

  <p>

    <textarea name="Message" id="Message" cols="45" rows="5"></textarea>

  </p>

  <p>

    <input type="submit" name="Sumbit" id="Sumbit" value="Submit" />

  </p>

</form>

</body>

</html>

 
Replies
  • Currently Being Moderated
    May 21, 2013 4:08 AM   in reply to vikki1987

    Try this -

     

    <?php

       if(array_key_exists('Submit',$_POST) {

      $name = $_REQUEST['Name'];

      $email = $_REQUEST['Email'] ;

      $message = $_REQUEST['Message'] ;

     

      mail( "yourname@example.com", "Feedback Form Results",

        $message, "From: $email" );

      header( "Location: http://www.example.com/thankyou.html" );

    }

    ?>

     

    But be aware that this form is subject to email injection. It's best to sanitize the email address before using it in one of the mail headers, e.g.

     

    $email = filter_var($email, FILTER_SANITIZE_EMAIL); // goes after the $email definition above and before the $message definition

     
    |
    Mark as:
  • Currently Being Moderated
    May 21, 2013 4:13 AM   in reply to vikki1987

    ...also the action attribute for your <form> is empty. You would set it to point to your PHP code.

     

    --

    Kenneth Kawamoto

    http://www.materiaprima.co.uk/

     
    |
    Mark as:
  • Currently Being Moderated
    May 21, 2013 4:55 AM   in reply to vikki1987

    But the problem is not the empty action attribute, it's the fact that your field identification is not properly cased. By this I mean that you have named a field "Email" but you reference it with "email".

     
    |
    Mark as:
  • Currently Being Moderated
    May 21, 2013 5:39 AM   in reply to vikki1987

    Did you apply the filter on the email address?

     
    |
    Mark as:
  • Currently Being Moderated
    May 21, 2013 6:02 AM   in reply to vikki1987

    I showed you in my suggestion -

     

    But be aware that this form is subject to email injection. It's best to sanitize the email address before using it in one of the mail headers, e.g.

     

    $email = filter_var($email, FILTER_SANITIZE_EMAIL); // goes after the $email definition above and before the $message definition

     
    |
    Mark as:
  • Currently Being Moderated
    May 21, 2013 6:25 AM   in reply to vikki1987

    It sanitizes the email address before you put it into your mail() header, a la mail(to, subject, message, HEADERS). By "sanitize" I mean that it removes any embedded javascript in that email address that could allow an unscrupulous individual to hijack your email server, thereby sending out oodles of spam emails without your knowledge or permission. In other words, it prevents 'email injection' attacks.

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points