1

This is my first question here, I'm hoping not to do it wrong.

I'm using a simple form on my website; here is the mailer PHP code:

<?php
    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $from = 'xxxxx'; 
    $to = 'xxxx@xxxx.com'; 
    $subject = 'xxxxx';
    $human = $_POST['human'];

    $body = "De: $name\n E-Mail: $email\n Mensaje:\n $message";

    if ($_POST['submit']) {
        if ($name != '' && $email != '') {
            if ($human == '4') {
                if (mail ($to, $subject, $body, $from)) {
                    echo '<p>Su mensaje ha sido enviado correctamente!</p>';
                } else {
                    echo '<p>Ocurrió un error, porfavor vuelva e intentlo de nuevo!</p>';
                }
            } else if ($_POST['submit'] && $human != '4') {
                echo '<p>Su respuesta anti-spam es incorrecta!</p>';
            }
        } else {
            echo '<p>Por favor, rellene todos los campos obligatorios!!</p>';
        }
    }
?>

1) I would like to redirect to index after the Thank you message!! I can't find the way to do it though.

2) And if it's possible, point me in the right direction to improve the anti-spam system.

Thanks in advance!! ;)

Diego

3 Answers

0

You can indeed redirect using the PHP header as stated by SimonEritsch. However, take care NOT to redirect if there is a problem with the form, as you will most likely need to show/re-render the form again to allow the user to correct the error. Only redirect away on success.

You could also use the header("Location:myResponsePage.php") which is immediate, rather than incorporating a delay.

There are a variety of methods you can employ in an attempt to limit spam/bots from processing the form. These range from CAPTCHAs such as that from Google (again as mentioned below by SimonEritsch) to implementing your own additional checks either side of your form. For example:

  1. Check the referrer is actually the submission page on your own site and that the data does not come from elsewhere.
  2. Perhaps create a session variable at some other stage in the process that must be visited before submitting the form. You can then also pass that as a hidden form variable. If the passed value is incorrect or the session value does not exist then all processes probably haven't been followed.
  3. There is a simple "blank field" trick but I personally wouldn't recommend JUST doing that. Interesting though.

There are lots of things you can employ. Have a good look around, such as this post "Stop spam without Captcha" or "Practical non-image based CAPTCHA approaches", both here on SO.

Community
Jon Holland
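
Items 2 and 3 of the list in the answer above (session token passed as a hidden field, blank "honeypot" field), combined with its advice to redirect only on success, as an added example that is not part of the original answer. The field names `form_token` and `website`, the helper `field()`, the address `owner@example.com` and the page `/thanks.php` are assumptions.

```php
<?php
// Added example, not code from the original post. 'form_token', 'website',
// field(), owner@example.com and /thanks.php are assumed names.
session_start();

// Read a POST field as a trimmed string; arrays and missing keys become ''.
function field(string $key): string {
    $v = $_POST[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name  = field('name');
    $email = field('email');
    // Item 2: the hidden token must match the one stored in the session when
    // the form was rendered; hash_equals() compares in constant time.
    if (!isset($_SESSION['form_token'])
        || !hash_equals($_SESSION['form_token'], field('form_token'))) {
        $errors[] = 'Form session expired, please try again.';
    }
    // Item 3: people never see the honeypot field, so any value in it
    // (string or array) marks the submission as automated.
    if (($_POST['website'] ?? '') !== '') {
        $errors[] = 'Submission rejected.';
    }
    if ($name === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Name and a valid e-mail address are required.';
    }
    if (!$errors) {
        $body = "From: $name\nE-Mail: $email\nMessage:\n" . field('message');
        if (mail('owner@example.com', 'Contact form', $body)) {
            unset($_SESSION['form_token']);   // token is single use
            // Redirect only on success, and before any output is sent.
            header('Location: /thanks.php', true, 303);
            exit;
        }
        $errors[] = 'The message could not be sent.';
    }
}
// First visit or failed check: issue a fresh token and re-render the form.
$_SESSION['form_token'] = bin2hex(random_bytes(16));
?>
<?php foreach ($errors as $e): ?><p><?= htmlspecialchars($e) ?></p><?php endforeach; ?>
<form method="post">
  <input type="hidden" name="form_token" value="<?= $_SESSION['form_token'] ?>">
  <input type="text" name="website" style="display:none" tabindex="-1" autocomplete="off">
  <input name="name"> <input name="email"> <textarea name="message"></textarea>
  <button type="submit">Send</button>
</form>
```

Because the redirect is a 303 to a separate page, reloading the thank-you page does not resubmit the form, and a replayed POST fails the token check.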
0

In your code you can use a PHP header in order to make the page redirect; however, you're probably going to want to incorporate a delay so the user sees the 'Thank You' message.

For example, you can use this:

<?php
    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $from = 'xxxxx'; 
    $to = 'xxxx@xxxx.com'; 
    $subject = 'xxxxx';
    $human = $_POST['human'];

    $body = "De: $name\n E-Mail: $email\n Mensaje:\n $message";

    if ($_POST['submit']) {
        if ($name != '' && $email != '') {
            if ($human == '4') {
                if (mail ($to, $subject, $body, $from)) {
                    // header() must be called before any output is sent,
                    // so set the delayed redirect first, then echo.
                    $redirSec = 3;
                    $redirPage = "http://example.com/secretarea";
                    header("Refresh: ". $redirSec ."; url=". $redirPage);

                    echo '<p>Su mensaje ha sido enviado correctamente!</p>';
                } else {
                    echo '<p>Ocurrió un error, porfavor vuelva e intentlo de nuevo!</p>';
                }
            } else if ($_POST['submit'] && $human != '4') {
                echo '<p>Su respuesta anti-spam es incorrecta!</p>';
            }
        } else {
            echo '<p>Por favor, rellene todos los campos obligatorios!!</p>';
        }
    }
?>

As for your anti-spam human verification, you should try using a reCAPTCHA solution such as the one offered by Google that requires the user to click the "I'm not a robot" box in order to proceed:


AStopher
  • Thank you cybermonkey, can you show me how to adapt it on my code? – Diego Jan 13 '15 at 12:42
  • @Diego I do not use any reCAPTCHA solutions since I don't run any websites (that require it); however, implementation is pretty well documented. – AStopher Jan 13 '15 at 12:45
  • It's ok, the reCaptcha I will find out, I meant the header code you gave me. – Diego Jan 13 '15 at 17:28
  • @Diego It's not clear where your `Thank You` code is because it's not in English and I'm having trouble translating it. Is it this line: `echo '<p>Su mensaje ha sido enviado correctamente!</p>';`? Check out my edit and please give feedback. – AStopher Jan 13 '15 at 17:31
  • Yes indeed, that is the correct line. I've tried but it's not working though my friend. – Diego Jan 14 '15 at 03:19
-1

You can use the PHP header function:

header('Refresh: 2; url=http://google.com');

2 (after Refresh:) is the number of seconds and url is the URL (which can also be relative to your domain, like "/success.php").

Regarding your anti-spam system: I can't say much about it, because I only see that you get the POST value (but not where it comes from or what it is). But google "Captchas" or how-tos to get an idea of how to make them.

SimonEritsch