Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Contact.php

  • This topic is empty.
Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #43485
    markblackler
    Member

    Hi,

    I am using a contact.php i downloaded for for my website and its all working fine but the only problem I’m having, is that every time my webpage gets reloaded or someone loads it, I get sent a blank email. Is there anything wrong with the .php? any help would be great I’m pretty new to all this. This is my .php

    $field_name = $_POST;
    $field_email = $_POST;
    $field_message = $_POST;

    $mail_to = ‘[email protected]’;
    $subject = ‘Message from a site visitor’.$field_name;

    $body_message = ‘From: ‘.$field_name.”n”;
    $body_message .= ‘E-mail: ‘.$field_email.”n”;
    $body_message .= ‘Message: ‘.$field_message.”n”;

    $headers = ‘From: ‘.$field_email.”rn”;
    $headers .= ‘Reply-To: ‘.$field_email.”rn”;

    $mail_status = mail($mail_to, $subject, $body_message, $headers);

    if ($mail_status) { ?>

    }
    else { ?>

    }
    ?>

    Thanks, Mark

    #128695
    Alen
    Participant

    Show us the HTML form that collects the data. You are most likely posting to the same page. It’s a good idea to have some kind of conditional that validates the data before posting.

    #128699
    __
    Participant

    …use a token to make sure you don’t process the same form twice.

    (This *will* require you to generate the form itself via PHP, but that’s not a bad thing.)

    Say, for example, that your current form looks something like this:




    You’ll need to make a PHP page for that HTML form.

    // start a session
    session_start();

    // a “token” is just an arbitrary, unique identifier
    $token = md5( rand().$_SERVER );

    // save the token to your user session
    $_SESSION = $token;

    // add the token to a hidden form field
    ?>




    Then, on your contact.php script, check that the token exists and is valid:

    session_start();
    if(
    // if there’s a token in the session
    ! empty( $_SESSION )
    // AND a token in the form submission
    && ! empty( $_POST )
    // AND the tokens match
    && $_SESSION === $_POST
    ){
    // THEN, the form submission is legit.

    // first, DELETE the token from the session:
    unset( $_SESSION );
    // that way, if the user hits the [back] button,
    // the script will ignore the repeated submission
    // because there’s no matching token in the session.

    // next, proceed with processing the form submission
    // and sending the email as normal.
    }else{

    // if there’s no matching token,
    // the form submission is a duplicate
    // (or possibly from a really old visit, and the session has expired).
    // so, don’t process it or send any emails.

    // you might redirect to the contact form again,
    // or the homepage, or whatever you like.
    }

    *****
    **Edit**

    > there doesn’t seem to be any actionable item aka: a submit button.

    since the entire `

    ` is missing from the code sample, I’m assuming that it’s on another page and functioning properly. He mentioned that the problem occurred when someone *reloaded* the page (or, presumably, navigated to it via the [back] button or by accident). @markblackler, does the script email you successfully when you submit the form the first time?

    > The biggest problem lies in your $mail_status, currently it just checks if it exists / has a value which can include blank values.

    `$mail_status` comes from the call to `mail()`, which will always be either `true` or `false`. It should work as expected.

    #128734
    markblackler
    Member

    Yes the script emails me successfully when you submit the form. This is the html code I am using:

    Your name

    Your e-mail

    Message



    I also tried using a token as you said, but the same problem occurred

    #128752
    __
    Participant

    Can you show me your current code (both scripts)?

    It may be easier to share the code on another site (I like making a [gist on github](http://gist.github.com)) – css-tricks isn’t great for sharing code :(

    #128860
    markblackler
    Member
    #128881
    __
    Participant

    So, you didn’t try adding a token to the form yet?

    #128882
    markblackler
    Member

    i tired what you said, but what i did, didn’t resolve the problem, i might of done it wrong as i wasn’t to sure how to do it cause i have never used tokens before, i will give it another go and see what happens

    #128883
    __
    Participant

    Why don’t you share your attempt?

    I’ll *help people* all day long, but I don’t just do “free work” :p

    *****
    **Edit**

    [have a look](https://gist.github.com/customanything/5201684). For explanations, see my comment above.

    #128893
    markblackler
    Member

    yes! that worked I’m not getting spammed with emails now, thank you so much for your help, I really do appreciate it, what I was doing wrong, was, I tried to attach another .php file instead of changing my code in my html file, sounds pretty stupid when I’m typing it now.

    Thank you so much for your help and advice :)

    #128964
    __
    Participant

    No problem, glad I could help. : )

Viewing 11 posts - 1 through 11 (of 11 total)
  • The forum ‘Back End’ is closed to new topics and replies.