请帮忙吗?
我是php新手并尝试为简单的联系表单开发验证规则。
如果表单的其他部分无法通过验证,如何停止选择字段重置?
代码如下:
<?php
$error = '';
$title = '';
$firstname = '';
$surname = '';
$email = '';
$phone = '';
$comments = '';
$how = '';
$verify = '';
if(isset($_POST['contactus'])) {
$title = $_POST['title'];
$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$comments = $_POST['comments'];
$how = $_POST['how'];
$verify = $_POST['verify'];
ini_set("sendmail_from", $email_from, "enquiries@blah.com");
// Errors
if(trim($title) == '') {
$error = '<div class="error_message">Please enter your Title.</div>';
}
else if(trim($firstname) == '') {
$error = '<div class="error_message">Please enter your First name.</div>';
}
else if(trim($surname) == '') {
$error = '<div class="error_message">Please enter your Surname.</div>';
}
else if(!validEmail($email)){
$error = '<div class="error_message">Please enter a valid email address.</div>';
$email = '';
}
if($error == '') {
if(get_magic_quotes_gpc()) {
$comments = stripslashes($comments);
}
$address = "enquiries@blah.com";
$e_subject = 'Care at Home Enquiry from ' . $title . $surname . '.';
$e_body = "You have been contacted by $name with regards to an Advantage Nurses general enquiry, contact details and message are as follows.\r\n\n";
$e_content = "Title: " . $title .
"\r\n\nFirst name:" . $firstname .
"\r\n\nSurname: " . $surname .
"\r\n\nEmail: " . $email .
"\r\n\nPhone: " . $phone .
"\r\n\nEnquiry: " . $comments .
"\r\n\nHow Did You Hear About Us: " . $how;
//$e_reply = "\r\n\nYou can contact $name via email, $email or via phone $phone";
$msg = $body . $e_content . $e_reply;
if(mail($address, $e_subject, $msg, "From: $email\r\nReply-To: $email\r\nReturn-Path: $email\r\n"))
{
// Email has sent successfully, echo a success page.
echo "<div id='succsess_page'>";
echo "<h1>Enquiry Submitted.</h1>";
echo "<p>Thank you <strong>$title $surname</strong>, your enquiry has been submitted to us.<br /><br /> A member of our Team will contact you within 48 hours.</p>";
echo "</div>";
} else echo "Error. Mail not sent";
}
}
if(!isset($_POST['contactus']) || $error != '') // Do not edit.
{
&GT;
答案 0 :(得分:0)
在表单上,您需要检查这些变量的值。例如:
<select name="title" class="selectfield" id="title" value="">
<option value="">Please Select...</option>
<option value="Mr" <?php if(isset($title) && $title == 'Mr') echo 'selected'; ?>>Mr</option>
<option value="Mrs" <?php if(isset($title) && $title == 'Mrs') echo 'selected'; ?>>Mrs</option>
<option value="Miss" <?php if(isset($title) && $title == 'Miss') echo 'selected'; ?>>Miss</option>
<option value="Ms" <?php if(isset($title) && $title == 'Ms') echo 'selected'; ?>>Ms</option>
<option value="Dr" <?php if(isset($title) && $title == 'Dr') echo 'selected'; ?>>Dr</option>
<option value="Rev" <?php if(isset($title) && $title == 'Rev') echo 'selected'; ?>>Rev</option>
<option value="Sir" <?php if(isset($title) && $title == 'Sir') echo 'selected'; ?>>Sir</option>
</select>
如果您愿意,也可以使用JQuery选择正确的选项。
答案 1 :(得分:0)
在用于选择选项的html中,尝试以下内容:
<option value="Mr." <? if($title == "Mr.") echo "selected"; ?>>Mr.</option>
如果您的option
值为“先生”,则会自动选择$_POST
答案 2 :(得分:0)
如果在数组中定义选项值,那就更优雅了:
$titles = array('Mr', 'Miss', 'Mrs');
在HTML中:
<select name="title" id="title">
<?php foreach($titles as $title): ?>
<option value="<?php echo $title; ?>" if(isset($_POST['title']) $_POST['title'] == $title) echo 'selected="selected"';><?php echo $title; ?></option>
<?php endforeach; ?>
</select>
警告1:您的代码容易受到XSS的攻击,您不应该将原始用户输入打印回页面,通过htmlspecialchars()
传递。
警告2:它也容易受到邮件标头注入攻击。您应该验证插入标题中的$email
,或者不要将任何用户输入插入标题中。
由于这些原因,我已从问题中删除了您的网站链接。我建议您将页面脱机,直到漏洞得到修复。