联系表未通过 php 发送完整的提交数据
Contact form not sending full submission data via php
我有一个 HTML 联系表,它使用 javascript 作为更改功能。我有一个主题下拉菜单,根据人们选择的选项显示不同的字段。例如,如果他们选择错误报告,就会出现与选择添加我的组不同的字段。每当用户未填写表格时,它就会通过电子邮件发送给我他们根据他们选择的主题对问题的回答不会通过电子邮件发送给我。
我已经包含了下面的代码,感谢您的帮助。
HTML
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script type="text/javascript">
$(function () {
$("#select").change(function () {
if ($(this).val() == "subject1") {
$("#EVENT").show();
} else {
$("#EVENT").hide();
}
if ($(this).val() == "subject2") {
$("#GROUPCLUBS").show();
} else {
$("#GROUPCLUBS").hide();
}
if ($(this).val() == "subject3") {
$("#DIRECTORY").show();
} else {
$("#DIRECTORY").hide();
}
if ($(this).val() == "subject4") {
$("#BUG").show();
} else {
$("#BUG").hide();
}
});
});
</script>
<form name="contactform" method="post" action="contact.php">
<table width="450px">
<tr>
<td valign="top">
<label for="name">Name *</label>
</td>
<td valign="top">
<input type="text" name="name" maxlength="50" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="email">Email Address *</label>
</td>
<td valign="top">
<input type="text" name="email" maxlength="80" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="subject">Subject *</label>
</td>
<td valign="top">
<select name="subject" id="select">
<option value="">-- select an option --</option>
<option value="subject1">Add an Event</option>
<option value="subject2">Add my Group or Club</option>
<option value="subject3">I want listed in the Business Directory</option>
<option value="subject4">Submit a Bug Report</option>
<option value="subject5">Other Questions</option>
</select>
<div id="EVENT" style="display: none">
<label for="EventDate">Event Date</label>
<input type="text" name="eventdate" />
<br>
<label for="EventTime">Event Time</label>
<input type="text" name="eventtime" />
<br>
<label for="EventLocation">Event Location</label>
<input type="text" name="eventlocation" />
<br>
<label for="EventDescription">Event Description</label>
<input type="text" name="eventdescription" />
<br>
<label for="Ticketinfo">Ticket Information</label>
<input type="text" name="eventticketinfo" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="GROUPCLUBS" style="display: none">
<label for="ClubDescription">Club Description</label>
<input type="text" name="clubdescription" />
<br>
<label for="Meet">When does the club meet?</label>
<input type="text" name="meeting" />
<br>
<label for="Location">Location</label>
<input type="text" name="location" />
<br>
<label for="Cost">Cost of joining</label>
<input type="text" name="cost" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="DIRECTORY" style="display: none">
<label for="BusinessDescription">Business Description</label>
<input type="text" name="businessdescription" />
<br>
<label for="BusinessLocation">Business Location</label>
<input type="text" name="location" />
<br>
<label for="OpeningHours">Opening Hours</label>
<input type="text" name="openinghours" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="BUG" style="display: none">
<label for="device">Device</label>
<input type="text" name="device" />
<br>
<label for="info"></label>
<strong>Please provide more details in the message box below</strong>
</div>
</td>
</tr>
<tr>
<td valign="top">
<label for="message">Message *</label>
</td>
<td valign="top">
<textarea name="message" maxlength="1000" cols="25" rows="6"></textarea>
</td>
</tr>
<tr>
<td colspan="2" style="text-align:center">
<input type="submit" value="Submit">
</td>
</tr>
</table>
</form>
PHP
<?php
if(isset($_POST['email'])) {
$email_to = "david@davidsthompson.co.uk";
$email_subject = "New Contact Form";
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['subject']) ||
!isset($_POST['message'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$name = $_POST['name']; // required
$email_from = $_POST['email']; // required
$subject = $_POST['subject']; // required
$message = $_POST['message']; // required
$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
$string_exp = "/^[A-Za-z .'-]+$/";
if(!preg_match($string_exp,$name)) {
$error_message .= 'The Name you entered does not appear to be valid.<br />';
}
if(!preg_match($email_exp,$email_from)) {
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
if(strlen($subject) < 2) {
$error_message .= 'The Subject you entered does not appear to be valid.<br />';
}
if(strlen($message) < 2) {
$error_message .= 'The Message you entered does not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Subject: ".clean_string($subject)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
<!-- include your own success html here -->
Thank you for contacting us. We will be in touch with you very soon.
<?php
}
?>
从下图中您可以看到未通过电子邮件发送的信息字段。
Image
您需要像这样将收集到的变量发送到您的邮箱 body..
之后...
$email_message .= "Message: ".clean_string($message)."\n";
添加这个...
$email_message .= "Event Date: ".clean_string($_POST['eventdate'])."\n";
$email_message .= "Event Time: ".clean_string($_POST['eventtime'])."\n";
//etc...
对您希望在电子邮件中看到的表单字段重复此操作。
您永远不应该像以前那样真正接受来自 $_POST 的原始输入,而应该对其进行过滤以防止受到攻击。
我还注意到您正试图阻止电子邮件 header 注入,这是一个很好的(也是建议的)做法,但是,将您的 str_replace
功能更改为 str_ireplace
以确保有人可以'在您的表单字段中输入 BCC
(等)而不仅仅是 bcc
(小写)。
我有一个 HTML 联系表,它使用 javascript 作为更改功能。我有一个主题下拉菜单,根据人们选择的选项显示不同的字段。例如,如果他们选择错误报告,就会出现与选择添加我的组不同的字段。每当用户未填写表格时,它就会通过电子邮件发送给我他们根据他们选择的主题对问题的回答不会通过电子邮件发送给我。
我已经包含了下面的代码,感谢您的帮助。
HTML
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script type="text/javascript">
$(function () {
$("#select").change(function () {
if ($(this).val() == "subject1") {
$("#EVENT").show();
} else {
$("#EVENT").hide();
}
if ($(this).val() == "subject2") {
$("#GROUPCLUBS").show();
} else {
$("#GROUPCLUBS").hide();
}
if ($(this).val() == "subject3") {
$("#DIRECTORY").show();
} else {
$("#DIRECTORY").hide();
}
if ($(this).val() == "subject4") {
$("#BUG").show();
} else {
$("#BUG").hide();
}
});
});
</script>
<form name="contactform" method="post" action="contact.php">
<table width="450px">
<tr>
<td valign="top">
<label for="name">Name *</label>
</td>
<td valign="top">
<input type="text" name="name" maxlength="50" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="email">Email Address *</label>
</td>
<td valign="top">
<input type="text" name="email" maxlength="80" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="subject">Subject *</label>
</td>
<td valign="top">
<select name="subject" id="select">
<option value="">-- select an option --</option>
<option value="subject1">Add an Event</option>
<option value="subject2">Add my Group or Club</option>
<option value="subject3">I want listed in the Business Directory</option>
<option value="subject4">Submit a Bug Report</option>
<option value="subject5">Other Questions</option>
</select>
<div id="EVENT" style="display: none">
<label for="EventDate">Event Date</label>
<input type="text" name="eventdate" />
<br>
<label for="EventTime">Event Time</label>
<input type="text" name="eventtime" />
<br>
<label for="EventLocation">Event Location</label>
<input type="text" name="eventlocation" />
<br>
<label for="EventDescription">Event Description</label>
<input type="text" name="eventdescription" />
<br>
<label for="Ticketinfo">Ticket Information</label>
<input type="text" name="eventticketinfo" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="GROUPCLUBS" style="display: none">
<label for="ClubDescription">Club Description</label>
<input type="text" name="clubdescription" />
<br>
<label for="Meet">When does the club meet?</label>
<input type="text" name="meeting" />
<br>
<label for="Location">Location</label>
<input type="text" name="location" />
<br>
<label for="Cost">Cost of joining</label>
<input type="text" name="cost" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="DIRECTORY" style="display: none">
<label for="BusinessDescription">Business Description</label>
<input type="text" name="businessdescription" />
<br>
<label for="BusinessLocation">Business Location</label>
<input type="text" name="location" />
<br>
<label for="OpeningHours">Opening Hours</label>
<input type="text" name="openinghours" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div>
<div id="BUG" style="display: none">
<label for="device">Device</label>
<input type="text" name="device" />
<br>
<label for="info"></label>
<strong>Please provide more details in the message box below</strong>
</div>
</td>
</tr>
<tr>
<td valign="top">
<label for="message">Message *</label>
</td>
<td valign="top">
<textarea name="message" maxlength="1000" cols="25" rows="6"></textarea>
</td>
</tr>
<tr>
<td colspan="2" style="text-align:center">
<input type="submit" value="Submit">
</td>
</tr>
</table>
</form>
PHP
<?php
if(isset($_POST['email'])) {
$email_to = "david@davidsthompson.co.uk";
$email_subject = "New Contact Form";
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['subject']) ||
!isset($_POST['message'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$name = $_POST['name']; // required
$email_from = $_POST['email']; // required
$subject = $_POST['subject']; // required
$message = $_POST['message']; // required
$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
$string_exp = "/^[A-Za-z .'-]+$/";
if(!preg_match($string_exp,$name)) {
$error_message .= 'The Name you entered does not appear to be valid.<br />';
}
if(!preg_match($email_exp,$email_from)) {
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
if(strlen($subject) < 2) {
$error_message .= 'The Subject you entered does not appear to be valid.<br />';
}
if(strlen($message) < 2) {
$error_message .= 'The Message you entered does not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Subject: ".clean_string($subject)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
<!-- include your own success html here -->
Thank you for contacting us. We will be in touch with you very soon.
<?php
}
?>
从下图中您可以看到未通过电子邮件发送的信息字段。
Image
您需要像这样将收集到的变量发送到您的邮箱 body..
之后...
$email_message .= "Message: ".clean_string($message)."\n";
添加这个...
$email_message .= "Event Date: ".clean_string($_POST['eventdate'])."\n";
$email_message .= "Event Time: ".clean_string($_POST['eventtime'])."\n";
//etc...
对您希望在电子邮件中看到的表单字段重复此操作。
您永远不应该像以前那样真正接受来自 $_POST 的原始输入,而应该对其进行过滤以防止受到攻击。
我还注意到您正试图阻止电子邮件 header 注入,这是一个很好的(也是建议的)做法,但是,将您的 str_replace
功能更改为 str_ireplace
以确保有人可以'在您的表单字段中输入 BCC
(等)而不仅仅是 bcc
(小写)。