Skip to main content
March 14, 2017
Answered

PHP form

  • March 14, 2017
  • 3 replies
  • 1764 views

Hi every nice being of the Adobe forum,

I have created a mail form consisting of both the HTML form and the PHP-script.

Because it will be used for serious businesses, I would appreciate it if you could: 1: Confirm that it works properly (and is most reliable); 2: Give suggestions on improvements, faults, etc ...

I encourage you to copy and test the code yourself!

Initial remarks:

  • The captcha box used is the "Google reCAPTCHA v2.0" and the POST method in PHP is used to verify the user's response.
  • The x's represent personal information. (the x's representing the site and secret key from Google reCAPTCHA have to be replaced with real keys that you receive from getting the Google reCAPTCHA v2.0)

PHP-script:

<?php

/* variable definition */

$name = $email = $message = $submit = $recaptcha = "";

$errors = $success = array();

/* end of "variable definition" */

if (isset($_POST["submit"])) {

/* when submit is pressed */

/* test_input function definition */

function test_input($data) {

  $data = trim($data);

  $data = stripslashes($data);

  $data = htmlspecialchars($data);

  return $data;

}

/* end of "test_input function definition" */

/* process the name field */

if (empty($_POST["name"])) {

  $errors['name'] = "A name must be entered.";

}

else {

  $name = test_input($_POST["name"]);

  if (preg_match("/^[a-zåäöA-ZÅÄÖ ]*$/", $name) == FALSE) {

  $errors['name'] = "Only words and blank spaces are allowed.";

  }

}

/* end of "process the name field" */

/* process the email field */

if (empty($_POST["email"])) {

  $errors['email'] = "An email address must be entered.";

}

else {

  $email = test_input($_POST["email"]);

  if (filter_var($email, FILTER_VALIDATE_EMAIL) == FALSE) {

  $errors['email'] = "Wrong email format.";

  }

}

/* end of "process the email field" */

/* process the message field */

if (empty($_POST["message"])) {

  $errors['message'] = "A message must be entered.";

}

else {

  $message = test_input($_POST["message"]);

}

/* end of "process the message field" */

/* check google recaptcha box */

if (empty($_POST["g-recaptcha-response"])) {

  $errors['recaptcha'] = "Confirm that you are not a robot!";

}

else {

  $recaptcha = $_POST["g-recaptcha-response"];

  $secret = "xxxxx";

  $response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$recaptcha));

  if ($response->success) {

  }

  else {

  $errors['recaptcha'] = "The robot verification failed.\r\nPlease try again!";

  }

}

/* end of "check google recaptcha box" */

/* if no errors */

if (count($errors) == 0) {

  $to = "xxxxx";

  $subject = "Message from visit at xxxxx";

  $headers = "From: $name <$email>";

  mail($to, $subject, $message, $headers);

  $success['success'] = "Thanks for your mail!\r\nWe will answer as quickly as possible!";

}

/* end of "if no errors" */

/* end of "when submit is pressed" */

}

?>

HTML:

<form id="mail_form" method="post" action="">

<!-- .form -->

<div class="h_s_s_d">

<!-- .h_s_s_d -->

<p>Namn</p>

<!-- /.h_s_s_d -->

</div>

<div class="h_s_s2_d">

<!-- .h_s_s2_d -->

<input type="text" name="name" id="name" value="<?php echo $name; ?>" size="36" maxlength="72" />

<p class="error">

<!-- .error -->

<?php

if (isset($errors['name'])) {

  echo $errors['name'];

}

?>

<!-- /.error -->

</p>

<!-- /.h_s_s2_d -->

</div>

<div class="h_s_s_d">

<!-- .h_s_s_d -->

<p>Email</p>

<!-- /.h_s_s_d -->

</div>

<div class="h_s_s2_d">

<!-- .h_s_s2_d -->

<input type="text" name="email" id="email" value="<?php echo $email; ?>" size="36" maxlength="72" />

<p class="error">

<!-- .error -->

<?php

if (isset($errors['email'])) {

  echo $errors['email'];

}

?>

<!-- /.error -->

</p>

<!-- /.h_s_s2_d -->

</div>

<div class="h_s_s_d">

<!-- .h_s_s_d -->

<p>Message</p>

<!-- /.h_s_s_d -->

</div>

<div class="h_s_s2_d">

<!-- .h_s_s2_d -->

<textarea name="message" id="message" cols="37" rows="9"><?php echo $message; ?></textarea>

<p class="error">

<!-- .error -->

<?php

if (isset($errors['message'])) {

  echo $errors['message'];

}

?>

<!-- /.error -->

</p>

<!-- /.h_s_s2_d -->

</div>

<div class="h_s_s_d">

<!-- .h_s_s_d -->

<div class="g-recaptcha" data-sitekey="xxxxx"></div>

<p class="error">

<!-- .error -->

<?php

if (isset($errors['recaptcha'])) {

  echo $errors['recaptcha'];

}

?>

<!-- /.error -->

</p>

<!-- /.h_s_s_d -->

</div>

<div class="h_s_s_d">

<!-- .h_s_s3_d -->

<input type="submit" name="submit" value="Send">

<?php

if (isset($success['success'])) {

  echo $success['success'];

}

?>

<!-- /.h_s_s3_d -->

</div>

<!-- /.form -->

</form>

This topic has been closed for replies.
Correct answer BenPleysier

I think that you have done an excellent job.

A few points that you may consider

3 replies

March 16, 2017

Wanted to clarify: there is NOTHING wrong with the preg_match (involving åäöÅÄÖ) above

The problem lies within PHP not allowing those letters.

I am going to make a transition to a client side validation in the future, as added by Ben.

However I'd appreciate some last opinions on this code because the mail() returns a boolean value:

if (mail($to, $subject, $message, $headers) == TRUE) {

  $success['success'] = "Tack f&ouml;r ditt meddelande!\r\nVi svarar s&aring; snabbt som m&ouml;jligt!";

}

else {

  $errors['mail'] = "Det verkar som n&aring;got gick fel!\r\nVar god f&ouml;rs&ouml;k att skicka mailet igen!";

}

}

I have experienced instances where the email has not been sent in disregard of the receiver being a valid destination, so thought this code with provide some increased reliability

Rob Hecker2
Legend
March 16, 2017

In post 5 you said. . .

Also, the preg_match above does not work ...

Then in post 8 you say:

Wanted to clarify: there is NOTHING wrong with the preg_match (involving åäöÅÄÖ) above

Did you see in my message where I said:

You can't use the normal PHP email validation or the normal HTML email type.

In other words, you can't use FILTER_VALIDATE_EMAIL. It won't allow the non-latin characters.

Non-latin characters in email addresses have not historically been widely supported by email clients. This has slowly been changing, but as you can see, PHP still won't validate an email address that includes them.

March 16, 2017

I KNOW!

Decided not to allow åäö at all for the time being, since another solution is coming up shortly

I MEANT, after having contacted David Powers, that there was nothing wrong with the way I had added åäöÅÄÖ to preg_match() in how the function is defined

Legend
March 14, 2017

Looks pretty good to me. Dont know about the Google captcha because Ive never implemented it myself but if it floats your boat then why not.

Area l would look at is you dont have any labels or title associated with your form input fields.

You might also want to move your error p tags within the php otherwise youre just printing blank paragraph tags to the page when the form runs.

BenPleysier
Community Expert
Community Expert
March 15, 2017

As an off topic reply, wouldn't it be great if Dreamweaver had a facility for installers, it would make it so easy to do the following

Wappler is the DMXzone-made Dreamweaver replacement and includes the best of their powerful extensions, as well as much more!
BenPleysier
Community Expert
BenPleysierCommunity ExpertCorrect answer
Community Expert
March 14, 2017

I think that you have done an excellent job.

A few points that you may consider

Wappler is the DMXzone-made Dreamweaver replacement and includes the best of their powerful extensions, as well as much more!
March 15, 2017

I was about to ask if someone could forward me to a source covering client side verification so thanks!

Have a look at: Using the Invisible reCAPTCHA  |  reCAPTCHA  |  Google Developers

How would you implement this, given the code above, instead of the reCAPTCHA v2.0?