/    Sign up×
Community /Pin to ProfileBookmark

Secure PHP email forms

Copy linkTweet thisAlerts:
Apr 24.2005

Hey, I have done a bit of a search to find what kind of email scripts are around and none of them work how I would expect them to work. Most will send you straight to a confimation page and send it from there.

What I would want is one that sends you to the same page that you are on and if it manages to send it from there will direct to confimation page. That way, it would not be possible to refresh the browser and resend the informaion, plus if the form does not validate you would be able to display why not on the page.

I think I can do this myself but I am expecting there to be a flaw in this method seeing that nobody seems to offer that on the web.

to post a comment
PHP

8 Comments(s)

Copy linkTweet thisAlerts:
@grailquester5Apr 24.2005 — I don't know about PHP doing a redirect (think you'd have to work in some JavaScript for that), but you could certainly build the "confirmation page" into the same page using conditionals. Don't see any reason why that shouldn't work...
Copy linkTweet thisAlerts:
@BigMoosieauthorApr 24.2005 — But that would kind of ruin the point, they can still refresh to resend the data. And I dont want to rely on JavaScript to make it work properly.
Copy linkTweet thisAlerts:
@BigMoosieauthorApr 25.2005 — Just found the following code to redirect, it must however appear before any HTML (including whitespace) and before any outputted PHP code using echo or such:
[code=php]<?php
header("Location: http://www.mysite.com/sent.php");
?> [/code]

It must be an absolute URL not relative.
Copy linkTweet thisAlerts:
@SpectreReturnsApr 25.2005 — Try checking for a certain POST variable.
Copy linkTweet thisAlerts:
@grailquester5Apr 25.2005 — You can always use one of the inputs from the form itself, as in:

[code=php]
if (isset($_POST['form_variable_name'])) {
// Do something because the form has been submitted
}
else {
// Do something else because no form was submitted
}
[/code]
Copy linkTweet thisAlerts:
@ephmynusApr 25.2005 — You could also do your validation prior to the submission via Javascript.

[CODE]<FORM ACTION=mail.php METHOD=POST [COLOR=Red]name=formname[/COLOR]>[/CODE]

[CODE]<INPUT TYPE=SUBMIT [COLOR=Red]onclick="validate();"[/COLOR]>[/CODE]

Then you can write the validation function at the top of your html page.

[CODE]
function validate()
{
if (formname.bal.value=="")
{
errorSTR .= "You did not enter the bal field.<BR>";
event.returnValue=false;
}
if (formname.sample.value=="")
{
errorSTR .="You did not enter the sample field.<BR>";
event.returnValue=false;
}
}
[/CODE]
Copy linkTweet thisAlerts:
@BigMoosieauthorApr 25.2005 — Thanks for your help guys, particularly grailquester5, that was what I needed.

@ ephmynus: thanks for the suggestion, I already written a JavaScript validator. As for the method you suggested, I would not put:&lt;INPUT TYPE=SUBMIT onclick="validate();"&gt;But rather:&lt;FORM ACTION=mail.php METHOD=POST name=formname onsubmit="return validate();"&gt;That way, if the user submits the form by other means (i.e pressing enter in some browsers while the form has focus) it will still check validation.
×

Success!

Help @BigMoosie spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.28,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...