好的,我正在尝试创建一个验证用户输入的联系表单,以防止黑客提交代码并尝试仅需要数字,文本和电子邮件。我已经设置了表单并导入了我的php文件。联系人将把它发送到我的Gmail帐户。但每次我测试php它允许输入任何类型的数据,无论它是否应该是一个数字和字母提交,反之亦然。如果我能帮助告诉我哪里出错了会很棒。我是编程的初学者,只有我从学校收到的知识,但我非常擅长html和css,但有php验证问题。表单发送电子邮件,但我说它允许任何和所有输入。
<?php
$name = $_POST['name'];
$tel = $_POST['tel'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: www.webdesignheros.com';
$to = 'heenanwrk@gmail.com';
$subject = 'Service Email for HeenanTech';
$tel = filter_input(INPUT_POST, 'tel', FILTER_SANITIZE_INT);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING|FILTER_FLAG_NO_ENCODE_QUOTES);
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING|FILTER_FLAG_NO_ENCODE_QUOTES);
$body = "From: $name\n Phone: $tel\n Email: $email\n Message: $message\n";
?>
<?php
if ($_POST['submit']){
if(mail($to, $subject, $body, $from)){
echo'<p>Thank you for your email!</p>';
} else {
echo '<p> Oops! Something went wrong, try sending your message again</p>';
}
}
?>
此外,表格可在[http://webdesignheros.com/Contact.html][1]
找到 [1]:http://webdesignheros.com/Contact.html如果有人可以在提交之前告诉我如何拒绝某些输入,那将是非常棒的。就好像输入了一个无效的条目并且它们移动到下一个输入它会拒绝它而不是按下提交按钮。我会在html中使用pattern="a-z",还是需要为此添加javascript?
答案 0 :(得分:2)
<?php
if (isset($_POST["submit")){
$name = $_POST["name"];
$tel = $_POST["tel"];
$email = $_POST["email"];
$message = $_POST["message"];
$from = "From: www.webdesignheros.com";
$to = "heenanwrk@gmail.com";
$subject = "Service Email for HeenanTech";
$body = "From: $name\n Phone: $tel\n Email: $email\n Message: $message\n";
mail($to, $subject, $body, $from);
if(mail($to, $subject, $body, $from)){
echo'<p>Thank you for your email!</p>';
} else {
echo '<p> Oops! Something went wrong, try sending your message again</p>';
}
}
?>