PHP - 在没有错误时提交错误消息

时间:2015-04-23 10:11:03

标签: php email

所以我构建了这个电子邮件表单,该表单应该显示错误消息'姓名和电子邮件是强制性的'如果没有提交姓名或/和电子邮件。但是,如果他们是,我会收到相同的消息。怎么能修好?

<?php
if(!isset($_POST['submit-enquiry']))
{
    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";
}
$name = $_POST['name'];
$guest_email = $_POST['email'];
$mobile = $_POST['mobile'];
$message = $_POST['enquiry-message'];

//Validate first
if(empty($name)||empty($guest_email)) 
{
    echo '<script language="javascript">';
    echo 'alert("Name and email are mandatory")';
    echo '</script>';
    exit;
}

if(IsInjected($visitor_email))
{
    echo '<script language="javascript">';
    echo 'alert("Bad Email Value")';
    echo '</script>';
    exit;
}

$email_from = $guest_email;//<== update the email address
$email_subject = "Enquiry from $name";
$email_body = "Name: $name. \n". "Mobile: $mobile .\n". "Message:      $message. \n";

$to = "my_email";//<== update the email address 
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $guest_email \r\n"; 
/ /Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: enquiry.php');

// Function to validate against any email injection attempts
function IsInjected($str)
{
   $injections = array('(\n+)',
          '(\r+)',
          '(\t+)',
          '(%0A+)',
          '(%0D+)',
          '(%08+)',
          '(%09+)'
          );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
  {
   return true;
  }
  else
  {
   return false;
  }
}

 ?>

fprm的html:

<div id="enquiry-form">
                    <form method="post" name="enquiry-form" action="" target="_self">
                        <span class="short-input" id="name">
                            <h6>name</h6>
                            <input type="text" name="name">
                        </span>
                        <span class="short-input" id="mobile">
                            <h6>mobile</h6>
                            <input type="text" name="mobile">
                        </span>
                         <span class="long-input" id="email">
                            <h6>e-mail</h6>
                            <input type="text" name="email">
                        </span>
                        <span class="long-input" id="enquiry-message">
                            <h6>enquiry</h6>
                            <textarea name="enquiry-message"></textarea>
                        </span>

                </div>
                <div id="contact-info">
                    <h2>Contact Details</h2>
                </div>
                 <button type="submit" id="submit-enquiry" name="submit-enquiry">send</button>
               </form>

3 个答案:

答案 0 :(得分:1)

if( (empty($name)) || (empty($guest_email)) )

了解更多信息:php operation precedence

答案 1 :(得分:0)

尝试

if( $name=='' || $guest_email=='' )
在某些情况下,空白会导致意外结果。我的经验让我说,对于表单验证,最好以这种方式检查变量是否为空。然后检查变量的内容(例如,查看它是否是有效的电子邮件),这对我来说足够安全。 如果您的代码仍然无效,则有必要进行进一步的调查。

答案 2 :(得分:0)

if( empty(trim($name)) || empty(trim($guest_email)) )
相关问题
最新问题