0

When I submit my html form I am only getting the $name value in my email. Also when I click submit instead of redirecting to my thank you html page the content of the thank you page appears underneath the form. Any ideas why? Here is my code...

HTML:

<section class="container content">

<div class="row">
<div class="center title col-sm-12">
<h2>Short Application Form</h2>
</div>
</div> 

<h2>Personal Information</h2>
<form method="post" action="appemail.php" name="contactform" id="contactform" class="row">
<fieldset>
<div class="form-field col-sm-6">
<label for="name">First Name</label>
<span><input type="text" name="name" id="name"/></span>
</div>

<div class="form-field col-sm-6">
<label for="lastname">Last Name</label>
<span><input type="text" name="lastname" id="lastname"/></span>
</div>

<div class="form-field col-sm-6">
<label for="email">Email</label>
<span><input type="text" name="email" id="email"/></span>
</div>

<!--<div class="form-field col-sm-6">
<label for="email">Referral Name</label>
<span><input type="email" name="email" id="email"/></span>
</div>-->

<div class="form-field col-sm-6">
<label for="email">Home/Cell Phone</label>
<span><input type="text" name="phone" id="phone"/></span>
</div>

<div class="form-field col-sm-6">
<label>Martial Satus</label>
<select name="martial">
    <option>Married</option>
    <option>Unmaried</option>
    <option>Seperated</option>
</select>
</div>

<div class="form-field col-sm-6">
<label>Are you a Canadian Permanent Resident</label>
<select name="resident">
    <option>Yes</option>
    <option>No</option>
</select>
</div>

<div class="form-field col-sm-6">
<label for="email">Date of Birth</label>
<span><input type="text" name="birth"/></span>
</div>

<div class="form-field col-sm-6">
<label for="email">Number of Dependents</label>
<span><input type="text" name="dependents"/></span>
</div>

<div class="center title col-sm-12">
 <h2 style="text-align:left">Current Address</h2>
</div>

<div class="form-field col-sm-6">
<label for="name">Street Address</label>
<span><input type="text" name="adress"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">City</label>
<span><input type="text" name="city"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">Province</label>
<span><input type="text" name="province"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">Postal Code</label>
<span><input type="text" name="postal"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">Years at this Address</label>
<span><input type="text" name="years"/></span>
</div>

<div class="form-field col-sm-6">
<label>Rent or Own</label>
<select name="rent">
    <option>Own</option>
    <option>Rent</option>
</select>
</div>

<div class="center title col-sm-12">
 <h2 style="text-align:left">Subject Property</h2>
 </div>

<div class="form-field col-sm-6">
<label>Property Usage</label>
<select name="property">
    <option>Primary Residence</option>
    <option>Second Home</option>
     <option>Investment</option>
</select>
</div>

<div class="form-field col-sm-6">
<label for="name">Loan Amount $ </label>
<span><input type="text" name="loan"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">Purchase Price $</label>
<span><input type="text" name="price"/></span>
</div>

<div class="center title col-sm-12">
 <h2 style="text-align:left">Monthly Income</h2>
 </div>

 <div class="form-field col-sm-6">
<label for="name">Yearly Income $ </label>
<span><input type="text" name="yearly"/></span>
</div>
<div class="form-field col-sm-6">
<label for="name">Other Sources of Income (combined) $</label>
<span><input type="text" name="other"/></span>
</div>

<div class="form-field col-sm-12">
<label for="message">Comments</label>
<span><textarea name="message" id="message"></textarea></span>
</div>
</fieldset>
<div class="form-click center col-sm-12">
<span><input type="submit" name="submit" id="submit" value="Send it"/></span>
</div>
<div id="alert" class="col-sm-12"></div>
</form>
</section>

PHP:

<?php

$name = $_POST['name'];
$lastname = $_POST['lastname'];
$visitor_email = $_POST['email'];
$phone = $_POST['phone'];
$martial = $_POST['martial'];
$resident = $_POST['resident'];
$birth = $_POST['birth'];
$dependents = $_POST['dependents'];
$adress = $_POST['adress'];
$city = $_POST['city'];
$province = $_POST['province'];
$postal = $_POST['postal'];
$years = $_POST['years'];
$rent = $_POST['rent'];
$property = $_POST['property'];
$loan = $_POST['loan'];
$price = $_POST['price'];
$other = $_POST['other'];
$message = $_POST['message'];

if(IsInjected($visitor_email))
{
    echo "Bad email value!";
    exit;
}

$email_from = $visitor_email;
$email_subject = "Application Loan";

$email_body = "You have received a new message from $name\n\n".
    "Here is the Application: \n\n".
    "Phone: $phone\n\n".
    "Martial Status: $martial\n\n".
    "Resident: $resident\n\n".
    "Birth: $birth\n\n".
    "Dependents: $dependents\n\n".
    "Address: $address\n\n".
    "City: $city\n\n".
    "Province: $province\n\n".
    "Postal: $postal\n\n".
    "Years at this Address: $years\n\n".
    "Rent or Own: $rent\n\n".
    "Property: $property\n\n".
    "Loan: $loan\n\n".
    "Price: $price\n\n".
    "Other: $other\n\n".
    "Message: $message\n\n";

$to = "email@gmail.com";//<== update the email address
$headers = "From: $visitor_email \r\n";
$headers .= "Reply-To: $visitor_email \r\n";

//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location:thank-you.html');
// Function to validate against any email injection attempts

function IsInjected($str)
{
  $injections = array('(\n+)','(\r+)','(\t+)','(%0A+)','(%0D+)','(%08+)','(%09+)' );
  $inject = join('|', $injections);
  $inject = "/$inject/i";

  if(preg_match($inject,$str)){return true;}
  else{return false;}
}
?>

Thanks in advance.

hassaad
  • 1
  • 2

3 Answers3

0

The string concatenation doesn't work because of the newline.

Patricia
  • 2,885
  • 2
  • 26
  • 32
0

rewrite your code and use <br> except \n & when submit form check data using isset function, add a hidden field for doing it.

Jobayer
  • 1,221
  • 1
  • 14
  • 22
0

I've copied over your code and it runs fine, except you have a typo with $address. Sometimes you use address (which is the correct), and sometimes adress.

The email I received:

You have received a new message from First Name
Here is the Application:
Phone: 0000000
Martial Status: Married
Resident: Yes
Birth: 2014-10-19
Dependents: 42
Address: Street Address
City: City
Province: Province
Postal: Postal Code
Years at this Address: 42
Rent or Own: Own
Property: Primary Residence
Loan: 42
Price: 42
Other: 42
Message: Comments

The new display of lines will work with most email clients because there are no html tags, so it will be displayed as plain text. Setting the appropriate header also helps.

Otherwise, what is your back-end? OS, host, PHP versions?

Community
  • 1
  • 1
lazos
  • 21
  • 4
  • I have tried changing the header but I still only get the name value. Also I noticed even if I change it to only send 1 variable the only one that works is $name... I will try to get the host information. "You have received a new message from myname Here is the Application: Phone: Martial Status: Resident: Birth: Dependents: Address: City: Province: Postal: Years at this Address: Rent or Own: Property: Loan: Price: Other: Message:" – hassaad Oct 19 '14 at 12:47
  • Setting the header at the receiving php script will not affect the POST data it got as input. Anyhow, that's unlikely the problem. Since the code you provided more-or-less works (martial,address), there's something fishy going around with your environment. Do you use any framework (cake,symfony,fuel,etc...)? What versions does `phpinfo();` show? – lazos Oct 21 '14 at 17:19