The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Problem: Able to visit form action “form.php” directly — sending blank forms.

  • This topic is empty.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • #26960

    Hi guys. I’m not very literate in php, I only use it where I have to and sort of muck through it. I’ve created a form at this site (under the contact tab):

    The form submits fine — action=”form.php” — form.php is the same as contact.html the only difference is a bit of red text that let’s the person know the form was successfully submitted.

    My problem is this (and I’m sure it’s because I’m not good at php, so excuse me) people could, if they wanted to, go directly to form.php and in so doing submit a blank form to me.

    How do I prevent people from accessing form.php unless they’ve actually submitted a form?

    Thanks guys,
    Tanner Campbell


    Hey Tanner,

    Basically what you will want to do is check if the user has actually clicked the ‘Submit’ button, else redirect them to the contact form.

    Something like the following will suffice, placed as the first line on the PHP page:

    if (!isset($_POST)){
    header("Location: contact.html");

    First line after the opening or anything else to the page though, because otherwise the header redirect won’t work


    There is no need to add a hidden input field. You can just check if the ‘submit’ button has been set

Viewing 4 posts - 1 through 4 (of 4 total)
  • The forum ‘Back End’ is closed to new topics and replies.