@eric, I have the code in place, I'm simply missing something small, I believe. Can you offer a shorter solution than editing all the above code to match mine? Thank you very much sir!
Sorry bud. Php is not my strong suit. I can't just look at it and see the error. I'd have put it all together and test and stare at my desktop for many many minutes prob to fix. Someone else will swoop in and spot the error.
You can js will prevent the form from being submitted until all required fields have been filled out correctly. Once it passes the js then it submits and php reads it. The way I do it is to simply have my js validation mirror my php validation. If you have js in place only 2% will ever need to be validated by the php.
Okay, I will try this @eric, thank you. To be clear, will I still be using the PHP to send the form to the email address? This new line of JS will work hand in hand with the PHP, correct? My above PHP code does work, but it just won't make the fields REQUIRED. Will the above JS make the fields REQUIRED? Thank you sir!
Everything you said is spot on. Nothing will change with the way it currently works. But you will eventually want to get some php validation in there. Spambots could use your form for all kinds of spammy things.
But oh it works you just need that one thing? Someone will write hat for you in two secs
You need to consider that javascript is not secure. JavaScript validation is great for the user - to make their experience using your form happier - but it is not a replacement for server-side validation. JS can be turned off. JS can be manipulated. It is under the complete control of the user, and therefore, cannot be trusted.
Server-side validation is always necessary.
Also,
This new line of JS will work hand in hand with the PHP, correct?
Edit: I may have misunderstood your question, here. No, they don't work together (i.e., they don't interact), but you may have been asking if they would conflict with each other? If so, that's unlikely. /edit
No. Javascript and PHP cannot "work together." They don't run at the same time, or even on the same computer:
...PHP runs first, on your server. When it's done, it sends its output (typically HTML markup + JavaScript code) to the user's browser. Then it stops.
...JavaScript runs later, on the user's computer. It has no clue that PHP ever existed.
If you're still trying to figure this out, please point me to your code, and I'd be happy to help.
@traq, thank you very much for your detailed explanation. Please, remind me the best way to get all the code to you for examination? I believe you suggested GitHub?
(3) click on [Create Public Gist] and share the URL
I was only asking because your initial posts seem to have originally contained code, but do not now. Your original question seems to be missing as well - unless this thread is a continuation of your earlier CONTACT FORM not working ... please help!! thread? Either way, it would be good if you could explain again where you are with your problem.
BTW, your email is not "from" the user. It's "from" your website. Putting the user's email address here will get your email dropped or flagged as spam by some mail servers or clients.
The From email address should always belong to a domain that is allowed to send mail from your mail server (e.g., your domain). The easiest solution here is a no-reply address. For example, if my website was example.com, I'd use no-reply@example.com.
If you want to include the user's email in the headers, the Reply-to field is a good place for it.
What errors are you getting? If they're "undefined index" errors, it's not what I added - it's because you don't check if the form was submitted before trying to use it.
To explain, for example:
$name = trim(strip_tags($_POST['name']));
if the form was submitted, then $_POST['name'] will hold the value that the user entered. However, if the form was not submitted, then $_POST['name'] won't even exist, so you get an error.
I suspect you had the HTML form and the PHP processing script on separate pages before(?), so you wouldn't have noticed. It would have still been a problem, though (for example, if the user didn't fill out one of those fields).
Try a structure like this:
<?php
/* if $_POST['Submit'] is empty,
the form was not submitted. */
if( !empty( $_POST['Submit'] ) ){
/* form was submitted
validation code goes here */
/* don't forget to set $error
if something is invalid */
if( empty( $error ) ){
/* all fields valid
code to send email goes here */
}
/* here, you could put an else{} block
for error handling/messages */
}
Also, please note I only wrote a check for one field (as an example; you can check the other fields similarly)
You must do server side validation for true security. The folks above are helping on that. But if you're using HTML5, you can just also add the required attribute to your inputs
@bkbillma, I'm going to test the code that @traq submitted above tonight. @technosailor, I'm not sure if it's HTML5 or not. I posted the code above in a GIST link.
@traq, yes thank you, I currently have the form on one page, then people click 'SEND' and the .php is on another page. In your code above, all the html AND php go on the contact page? Correct? Thank you.
Guys, I appreciate all the help. But my rookie PHP skills aren't at this time adequate for me to understand an implement this solution. I will try it again later when I have more time to put into this. @traq, thank you sir very much for all your help. Perhaps in the future you will be able to assist in other problems I have. Thank you.
Okay, thank you @eric. With the above code, will I have to recreate my current forms or .PHP fields? I will follow through your above tutorial. Thank you again.
.
Here is the HTML:
Here is how I did it with js http://www.visibilityinherit.com/code/jquery-validation.php
Here is how I did it with php http://www.visibilityinherit.com/code/php-form-validation.php
Here is how @traq did it with php http://custom-anything.com/sand/contact_example.php
@eric, I have the code in place, I'm simply missing something small, I believe. Can you offer a shorter solution than editing all the above code to match mine? Thank you very much sir!
Sorry bud. Php is not my strong suit. I can't just look at it and see the error. I'd have put it all together and test and stare at my desktop for many many minutes prob to fix. Someone else will swoop in and spot the error.
@eric, or anyone ... If I'm using .PHP to submit a contact form, can I also use JS to validate the form?
You can js will prevent the form from being submitted until all required fields have been filled out correctly. Once it passes the js then it submits and php reads it. The way I do it is to simply have my js validation mirror my php validation. If you have js in place only 2% will ever need to be validated by the php.
The 2% that have js off
I'm in over my head with PHP and JS ... I had a friend write this contact submit form code, and am lost!
So if you just want to throw some simple js validation in there until you get the php working then use this - take you 2 seconds. http://www.visibilityinherit.com/code/js-form-validation.php
Okay, I will try this @eric, thank you. To be clear, will I still be using the PHP to send the form to the email address? This new line of JS will work hand in hand with the PHP, correct? My above PHP code does work, but it just won't make the fields REQUIRED. Will the above JS make the fields REQUIRED? Thank you sir!
Everything you said is spot on. Nothing will change with the way it currently works. But you will eventually want to get some php validation in there. Spambots could use your form for all kinds of spammy things.
But oh it works you just need that one thing? Someone will write hat for you in two secs
Okay, so then I'll please wait if someone else can offer a resolution! Thanks @eric. Anyone if you have way to add just this one tweak, PLEASE HELP!
@hendrix - I don't see any of your code?
However, I will say this:
You need to consider that javascript is not secure. JavaScript validation is great for the user - to make their experience using your form happier - but it is not a replacement for server-side validation. JS can be turned off. JS can be manipulated. It is under the complete control of the user, and therefore, cannot be trusted.
Server-side validation is always necessary.
Also,
Edit: I may have misunderstood your question, here. No, they don't work together (i.e., they don't interact), but you may have been asking if they would conflict with each other? If so, that's unlikely. /edit
No. Javascript and PHP cannot "work together." They don't run at the same time, or even on the same computer:
...PHP runs first, on your server. When it's done, it sends its output (typically HTML markup + JavaScript code) to the user's browser. Then it stops.
...JavaScript runs later, on the user's computer. It has no clue that PHP ever existed.
If you're still trying to figure this out, please point me to your code, and I'd be happy to help.
@traq, thank you very much for your detailed explanation. Please, remind me the best way to get all the code to you for examination? I believe you suggested GitHub?
I've suggested that before, yes -
(1) copy+paste your code to gist.github.com
(2) **** out any sensitive/secure info
(3) click on [Create Public Gist] and share the URL
I was only asking because your initial posts seem to have originally contained code, but do not now. Your original question seems to be missing as well - unless this thread is a continuation of your earlier CONTACT FORM not working ... please help!! thread? Either way, it would be good if you could explain again where you are with your problem.
@traq, thank you sir. Here's the link to the GIST with the PHP and HTML code: https://gist.github.com/4384872
https://gist.github.com/4385576
BTW, your email is not "from" the user. It's "from" your website. Putting the user's email address here will get your email dropped or flagged as spam by some mail servers or clients.
The
Fromemail address should always belong to a domain that is allowed to send mail from your mail server (e.g., your domain). The easiest solution here is a no-reply address. For example, if my website wasexample.com, I'd useno-reply@example.com.If you want to include the user's email in the headers, the
Reply-tofield is a good place for it.Here is a demo I just worked up with all of it in place. The js/php/captcha http://www.visibilityinherit.com/code/how-to-html-form-with-php-js-captcha-validation-demo.php
@Eric do not use ereg() - it's deprecated. Use preg_match() instead.
Why include the spam answer in your email?
@traq, I'll check everything once I get home. Thank you very much for taking the time to post sir.
@traq, I copied and pasted the code, but kept getting errors. I'll recheck in a bit when I can upload the code. Thank you for your help.
What errors are you getting? If they're "undefined index" errors, it's not what I added - it's because you don't check if the form was submitted before trying to use it.
To explain, for example:
if the form was submitted, then
$_POST['name']will hold the value that the user entered. However, if the form was not submitted, then$_POST['name']won't even exist, so you get an error.I suspect you had the HTML form and the PHP processing script on separate pages before(?), so you wouldn't have noticed. It would have still been a problem, though (for example, if the user didn't fill out one of those fields).
Try a structure like this:
Also, please note I only wrote a check for one field (as an example; you can check the other fields similarly)
You must do server side validation for true security. The folks above are helping on that. But if you're using HTML5, you can just also add the required attribute to your inputs
@traq ok I'll look into pregmatch. I like to see that the spam question was answered. If you or other don't then remove it.
Not sure where this stands currently. Just trying to catch up but it looks like it is close to complete.
@bkbillma, I'm going to test the code that @traq submitted above tonight. @technosailor, I'm not sure if it's HTML5 or not. I posted the code above in a GIST link.
@traq, yes currently the form HTML and the PHP are on separate pages.
it is not HTML5 but it doesn't really matter as the HTML5 form support is severely lacking right now
Okay very good, thank you @bkmillma. Yes I will move forward with the code @traq suggested this evening. I will post results. Thank you all.
@traq, yes thank you, I currently have the form on one page, then people click 'SEND' and the .php is on another page. In your code above, all the html AND php go on the contact page? Correct? Thank you.
I appreciate the guidance, I am an extreme novice with php.
Yes; though it's easier to write reusable code if it's in a separate file.
For what you're doing, it's not a critical issue. Do whatever makes most sense to you.
Guys, I appreciate all the help. But my rookie PHP skills aren't at this time adequate for me to understand an implement this solution. I will try it again later when I have more time to put into this. @traq, thank you sir very much for all your help. Perhaps in the future you will be able to assist in other problems I have. Thank you.
Here is the whole solution. Copy and paste http://www.visibilityinherit.com/code/how-to-html-form-with-php-js-captcha-validation.php
Okay, thank you @eric. With the above code, will I have to recreate my current forms or .PHP fields? I will follow through your above tutorial. Thank you again.
Rome wasn't built in a day