We now need to add some inline
PHP to the
HTML code:
- HTML: Select all
<div class="contact">
<h1>Contact Us</h1>
<?php
if(count($invalid_fields)<=0) { // send message / thank user
// mail will get sent here
?>
<p>Your message was successfully delivered.</p>
<?php } else { ?>
<p>Please fill out the form to contact us. Required fields are marked with a star [*].</p>
<?php echo(($error_message!=''?'<div class="error">'.$error_message.'</div>':'')); ?>
<form name="contact" action="form_mail.php" method="post">
<p>Name:* <input class="box" type="text" name="name" value="<?php echo($validated['name']); ?>" /></p>
<p>E-Mail:* <input class="box" type="text" name="email" value="<?php echo($validated['email']); ?>" /></p>
<p>Subject: <input class="box" type="text" name="subject" value="<?php echo($validated['subject']); ?>" /></p>
<p>Message:*</p><textarea name="message"><?php echo($validated['message']); ?></textarea>
<p><input class="button" type="submit" action="submit" value="Send" />
</form>
<?php } ?>
</div>
Explanations:
- PHP: Select all
if(count($invalid_fields)<=0) { // send message / thank user
Here we check if there are any invalid fields. If not, then we can send the email (still coming) and thank the user. Otherwise, we re-output the form. The valid values are outputted to the form, but the invalid entries are not.
- PHP: Select all
<?php echo(($error_message!=''?'<div class="error">'.$error_message.'</div>':'')); ?>
Here we use an inline IF statement to check if the $error_message message variable contains something and if it does, then we output the error message to the user.
Some More Input Validation
Until now we have only checked to see if the required fields contained a value. You can get pretty paranoid about validating user input, but in this tutorial, we are just going to check if the email address has the correct format. To do this we need to modify the FOREACH loop:
- PHP: Select all
foreach($_POST as $key=>$value) { // loop through the $_POST array
if(in_array($key,$required_fields)&&$value=='') { // check if a required field is empty
// add that field to the $invalid_fields array
array_push($invalid_fields,$key);
// and append the error message to the $error_message variable
$error_message.='<p>Please enter a'.(preg_match('/^[aeiouy]/',$key)?'n':'').' '.$key.'.</p>';
} else {
switch($key) {
case 'email': // validate email address format
if(!preg_match('/^([A-Z0-9._%-]+)@([A-Z0-9.-]+)\.([A-Z]{2,6})$/i',$value);) {
array_push($invalid_fields,'email');
$error_message.='<p>Please enter a valid email.</p>';
}
break;
}
}
// field is not in the $invalid_fields array?
if(!in_array($key,$invalid_fields)) {
// copy it to the $validated array
$validated[$key]=htmlspecialchars($value);
}
}
Explanations:
We added an ELSE statement and a SWITCH so that for each index of the $_POST array, we can perform further validation. Here we are only going to validate the 'email' value, but you can perform further validations by adding CASES to the SWITCH.
- PHP: Select all
if(!preg_match('/^([A-Z0-9._%-]+)@([A-Z0-9.-]+)\.([A-Z]{2,6})$/i',$value);) {
There are hundreds of regular expressions that can be used to validate an email format. This is one of the simplest and most effective ones I've come across (from
http://www.regularexpressions.info). If the entered email doesn't match this regex, then we add 'email' to the $invalid_fields array and append an error message.
Sending the EMail
So, now we've validated the user input and once the user has entered all the necessary information correctly, we can send the email:
- PHP: Select all
<?php
if(count($invalid_fields)<=0) { // send message / thank user
$formatted_message='When: '.date('r').'
Who: '.$name.' ('.$email.')
With What: '.$_SERVER['HTTP_USER_AGENT'].'
Message: '.$message;
mail($to_address,$subject,$formatted_message);
?>
Explanations:
First we format the message a bit...: When --> get the date and time that the message was sent. Who --> the name and email supplied by the user. With What --> which browser the user used to contact us (I always find this interesting
). Message --> and the user's message.
- PHP: Select all
mail($to_address,$subject,$formatted_message);
Configuring your server so that the mail() function works is too complicated to explain here. I'm just going to assume that it works.... The required parameters are $to_address (where the email is headed), $subject (the subject of the email) and $formatted_message (the body of the email).
FINISHED!
Good Luck with your project!
Feel free to post any questions....
EDIT: see post below for complete code.