#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    5
    Rep Power
    0

    How to insert php form in html !!!


    hello

    when I want to put php form in to html page , when page opens all the conditional code like ;

    $name = $_posT['name'];
    lablablab....

    if (empty($name) || .....)

    echo "this filed is required ";

    cos that box is empty,

    when page opens it will appear this filed is required,

    on the page ?????
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,918
    Rep Power
    1045
    Hi,

    I can barely understand you, but I guess you want something like this:

    PHP Code:
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST['some_field']))
            ... 
    This will only complain about empty fields if the user has actually submitted the form.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    5
    Rep Power
    0

    thanks


    Originally Posted by Jacques1
    Hi,

    I can barely understand you, but I guess you want something like this:

    PHP Code:
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST['some_field']))
            ... 
    This will only complain about empty fields if the user has actually submitted the form.

    well when I open the page my echo..... will appear immediately on the page ?
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,918
    Rep Power
    1045
    Please post your complete code.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    5
    Rep Power
    0

    thanks for your help


    [QUOTE=Jacques1]Please post your complete code.



    $to = "......."; //
    $name = $_POST['name'];
    $email = $_POST['email'];
    $subject = $_POST['subject'];
    $msg = $_POST['msg'];
    $d = date('l dS \of F Y h:i:s A');
    $sub = "form to mail";

    $headers = "From: $name <$email>\n";
    //$headers .= "Content-Type: text/plain; charset=iso-8859-1\n";
    $mes = "Subject: ".$subject."\n";
    $mes .= "Message: ".$msg."\n";
    $mes .= "Name: ".$name."\n";
    $mes .= 'Email: '.$email."\n";
    $mes .= 'Date & Time: '.$d;

    if (empty($name) || empty($email) || empty($subject) || empty($msg))
    {
    echo " <h3>Sorry all fields are required.</h3>";
    }
    if(!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
    {
    print("<h3>Sorry the email address you entered it's invalid.</h3>");
    }
    else
    {
    mail($to, $sub, $mes, $headers);
    print " <h3><center>Thank you ".$name." for contacting us.<br>We will get back to you as soon as possiable</center></h3>";
    }

    </body>
    </html>


    thanks
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2009
    Location
    Nebraska, USA
    Posts
    829
    Rep Power
    275
    you need to check whether the form was submitted (using "isset()") before checking for empty fields.
  12. #7
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,918
    Rep Power
    1045
    No. Check the request method as explained above:

    PHP Code:
    <?php

    if ( $_SERVER['REQUEST_METHOD'] == 'POST' && (empty($name) || empty($email) || ...) ) {
        ...
    }
    Apart from that, your code has the usual security issues and bad practices:

    • Your mail function is completely unprotected, allowing anybody to manipulate the headers or message. I suggest you use a professional library like PHPMailer for secure mails.
    • Your email regex doesn't even remotely cover all valid addresses, which means it will reject many legitimate addresses. Don't try to reinvent the wheel, use the built-in filter of PHP.
    • The email message is invalid according to the standards, because it uses \n instead of \r\n for line endings.
    • The ereg_*() functions are long obsolete and have been replaced with the preg_*() functions.
    • Visual HTML elements like center are also long obsolete. Nowadays, you use CSS (Cascading Style Sheets) to define the looks of a page. HTML is only used to describe the content.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    4
    Rep Power
    0
    Yes you can check with isset() to determine if the form is submitted and further do with the validations.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,868
    Rep Power
    368
    looks like an OLD code copied from a crappy site that was written in 1990s and never updated
    Last edited by paulh1983; September 2nd, 2013 at 03:47 AM.
  18. #10
  19. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,660
    Rep Power
    4123
    The PHP code does not look like it is between <?php and ?>

    so it is not interpretted as PHP (hence why you see all the code on the page)

    So you need to put your php code between <?php and ?> (you can have multiple blocks of php within one html document)

    Then you need to make sure that the web server knows to run the file through the PHP interpreter before spitting out the html
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]

IMN logo majestic logo threadwatch logo seochat tools logo