Grow your CSS skills. Land your dream job.

Contact.php

  • # March 18, 2013 at 8:43 pm

    Hi,

    I am using a contact.php i downloaded for for my website and its all working fine but the only problem I’m having, is that every time my webpage gets reloaded or someone loads it, I get sent a blank email. Is there anything wrong with the .php? any help would be great I’m pretty new to all this. This is my .php

    < ?php
    $field_name = $_POST;
    $field_email = $_POST;
    $field_message = $_POST;

    $mail_to = ‘mail@markblackler.com’;
    $subject = ‘Message from a site visitor’.$field_name;

    $body_message = ‘From: ‘.$field_name.”n”;
    $body_message .= ‘E-mail: ‘.$field_email.”n”;
    $body_message .= ‘Message: ‘.$field_message.”n”;

    $headers = ‘From: ‘.$field_email.”rn”;
    $headers .= ‘Reply-To: ‘.$field_email.”rn”;

    $mail_status = mail($mail_to, $subject, $body_message, $headers);

    if ($mail_status) { ?>

    < ?php
    }
    else { ?>

    < ?php
    }
    ?>

    Thanks, Mark

    # March 18, 2013 at 9:28 pm

    Show us the HTML form that collects the data. You are most likely posting to the same page. It’s a good idea to have some kind of conditional that validates the data before posting.

    # March 18, 2013 at 9:28 pm

    From just this, there doesn’t seem to be any actionable item aka: a submit button. There’s also no validation on any of the fields, which is a big no no.

    The biggest problem lies in your $mail_status, currently it just checks if it exists / has a value which can include blank values.

    __
    # March 18, 2013 at 9:56 pm

    …use a token to make sure you don’t process the same form twice.

    (This *will* require you to generate the form itself via PHP, but that’s not a bad thing.)

    Say, for example, that your current form looks something like this:




    You’ll need to make a PHP page for that HTML form.

    < ?php
    // start a session
    session_start();

    // a “token” is just an arbitrary, unique identifier
    $token = md5( rand().$_SERVER );

    // save the token to your user session
    $_SESSION = $token;

    // add the token to a hidden form field
    ?>




    Then, on your contact.php script, check that the token exists and is valid:

    < ?php
    session_start();
    if(
    // if there’s a token in the session
    ! empty( $_SESSION )
    // AND a token in the form submission
    && ! empty( $_POST )
    // AND the tokens match
    && $_SESSION === $_POST
    ){
    // THEN, the form submission is legit.

    // first, DELETE the token from the session:
    unset( $_SESSION );
    // that way, if the user hits the [back] button,
    // the script will ignore the repeated submission
    // because there’s no matching token in the session.

    // next, proceed with processing the form submission
    // and sending the email as normal.
    }else{

    // if there’s no matching token,
    // the form submission is a duplicate
    // (or possibly from a really old visit, and the session has expired).
    // so, don’t process it or send any emails.

    // you might redirect to the contact form again,
    // or the homepage, or whatever you like.
    }

    *****
    **Edit**

    > there doesn’t seem to be any actionable item aka: a submit button.

    since the entire `

    ` is missing from the code sample, I’m assuming that it’s on another page and functioning properly. He mentioned that the problem occurred when someone *reloaded* the page (or, presumably, navigated to it via the [back] button or by accident). @markblackler, does the script email you successfully when you submit the form the first time?

    > The biggest problem lies in your $mail_status, currently it just checks if it exists / has a value which can include blank values.

    `$mail_status` comes from the call to `mail()`, which will always be either `true` or `false`. It should work as expected.

    # March 19, 2013 at 7:24 am

    Yes the script emails me successfully when you submit the form. This is the html code I am using:

    Your name

    Your e-mail

    Message



    I also tried using a token as you said, but the same problem occurred

    __
    # March 19, 2013 at 9:50 am

    Can you show me your current code (both scripts)?

    It may be easier to share the code on another site (I like making a [gist on github](http://gist.github.com)) – css-tricks isn’t great for sharing code :(

    # March 19, 2013 at 6:21 pm

    https://gist.github.com/anonymous/5200669

    There you go my friend.

    __
    # March 19, 2013 at 9:39 pm

    So, you didn’t try adding a token to the form yet?

    # March 19, 2013 at 9:44 pm

    i tired what you said, but what i did, didn’t resolve the problem, i might of done it wrong as i wasn’t to sure how to do it cause i have never used tokens before, i will give it another go and see what happens

    __
    # March 19, 2013 at 9:59 pm

    Why don’t you share your attempt?

    I’ll *help people* all day long, but I don’t just do “free work” :p

    *****
    **Edit**

    [have a look](https://gist.github.com/customanything/5201684). For explanations, see my comment above.

    # March 20, 2013 at 6:39 am

    yes! that worked I’m not getting spammed with emails now, thank you so much for your help, I really do appreciate it, what I was doing wrong, was, I tried to attach another .php file instead of changing my code in my html file, sounds pretty stupid when I’m typing it now.

    Thank you so much for your help and advice :)

    __
    # March 20, 2013 at 10:45 am

    No problem, glad I could help. : )

Viewing 12 posts - 1 through 12 (of 12 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".