-1

I am working on adding security onto my contact form and I can't seem to find the reason as to why I get errors. Currently, when I test the php form, I get this error: Parse error: syntax error, unexpected T_IF in /home/content/86/5284386/html/websitenamewashere/contact.php on line 16

PHP:

    <?php
 
if(isset($_POST['email'])) {
 
     
 
    // EDIT THE 2 LINES BELOW AS REQUIRED
 
    $to = "yahoo@gmail.com";
 
    $subject = "Contact Form Submission";
 

 
    function died($error) {
 
        // your error code can go here
 
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
 
        echo "These errors appear below.<br /><br />";
 
        echo $error."<br /><br />";
 
        echo "Please go back and fix these errors.<br /><br />";
 
        die();
 
    }
 
     
 
    // validation expected data exists
 
    if(!isset($_POST['contact-name']) ||
  
        !isset($_POST['contact-email']) ||
 
        !isset($_POST['contact-phone']) ||
 
        !isset($_POST['child_info'])) {
 
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
 
    }
 
     


        $contactname = $_POST["contact-name"]; //required

        $contactemail = $_POST["contact-email"]; //required

        $contactphone = $_POST["contact-phone"]; //required

        $child_info = $_POST["child_info"]; //required

 
     
 
    $error_message = "";
 
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 
  if(!preg_match($email_exp,$contactemail)) {
 
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
 
  }
 
    $string_exp = "/^[A-Za-z .'-]+$/";
    $numb_exp = '/^[0-9.-]';
 
  if(!preg_match($string_exp,$contactname)) {
 
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
 
  }
 
  if(!preg_match($numb_exp,$contactphone)) {
 
    $error_message .= 'The Phone Number you entered does not appear to be valid.<br />';
 
  }
 
  if(strlen(child_info) < 2) {
 
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
 
  }
 
  if(strlen($error_message) > 0) {
 
    died($error_message);
 
  }
 
    $email_message = "Form details below.\n\n";
 
     
 
    function clean_string($string) {
 
      $bad = array("content-type","bcc:","to:","cc:","href");
 
      return str_replace($bad,"",$string);
 
    }
 
     
 
    $email_message .= "First Name: ".clean_string($contactname)."\n";
  
    $email_message .= "Email: ".clean_string($contactemail)."\n";
 
    $email_message .= "Telephone: ".clean_string($contactphone)."\n";
 
    $email_message .= "Child Information: ".clean_string($child_info)."\n";
 
     
 
     
 
// create email headers
 
$headers = 'From: '.$contactemail."\r\n".
 
'Reply-To: '.$contactemail."\r\n" .
 
'X-Mailer: PHP/' . phpversion();
 
@mail($email_to, $email_subject, $email_message, $headers);  
 
?>
 


 
Thank you for contacting us. We will be in touch with you very soon.
 
 
 
<?php
 
}
 
?>

My HTML: 

<form action="contact.php" class="footer-form" method="post">
<p class="title">How can we be of service?</p>

<div class="form-group">
    <strong>
        <input type="text" class="form-control" name="contact-name" id="contact-name" placeholder="Name:">
    </strong>
</div>
<div class="form-group">
    <strong>
        <input type="email" class="form-control" name="contact-email"" id="contact-email" placeholder="E-mail:">
    </strong>
</div>
<div class="form-group">
    <strong>
        <input type="phone" class="form-control" name="contact-phone" id="contact-phone" placeholder="Phone:">
    </strong>
</div>
<div class="form-group">
    <strong> 
        <input type="text" class="form-control" name="child_info" id="child_info" placeholder="Tell us about your child:">
    </strong>
</div>
<button type="submit" class="btn btn-default waves-effect waves-button waves-float waves-classic"><strong>Submit</strong></button>
BeepBoopBoopBop
  • 1
  • 1
  • 3

2 Answers2

1

You've missed closing speech quotations on the following line:

$subject = "Contact Form Submission;

It should be:

$subject = "Contact Form Submission";

In your HTML you also have an extra speech quote (not that it would affect the PHP error)

 name="contact-email""
Jamie Bicknell
  • 2,306
  • 17
  • 35
  • Oh wow, I can't believe i missed that! I made the changes but I still get the same error message as before. Is there something else that is going wrong? – BeepBoopBoopBop Jul 07 '15 at 22:46
  • I'm not seeing any other error in the code other than that missing " – Jamie Bicknell Jul 07 '15 at 22:53
  • Hmm, I am not sure why I get the errors then? Could any of my security snippets be the problem like the one line that it checks if you put in a proper phone number? The errors seem to stay the same while the code improves :/ – BeepBoopBoopBop Jul 07 '15 at 23:00
  • Errors are checked for the entire script when it's run, not just when the IF statements are true so if this were the case then it'll show the errors at that time. – Jamie Bicknell Jul 07 '15 at 23:05
  • Do you know why I am seeing the errors then? Should I clear my cache or something? – BeepBoopBoopBop Jul 07 '15 at 23:17
  • Your browse shouldn't cache POST'd data. Can you update your original message with the current code in contact.php? – Jamie Bicknell Jul 07 '15 at 23:21
  • I'm not getting any errors with the code in the example, is there any other code anywhere that is also being called? – Jamie Bicknell Jul 07 '15 at 23:37
  • No, these are the only codes that make the form. are you able to test it and see if it functions properly on your end? Maybe its my computer or browser that is not updating it properly? – BeepBoopBoopBop Jul 08 '15 at 00:56
  • I ran this php in phpstorm, it shows that i have 109 errors? why is that – BeepBoopBoopBop Jul 08 '15 at 01:55
0
  died('We are sorry, but there appears to be a problem with the form you submitted.');       

    }

Should be die

YesItsMe
  • 1,709
  • 16
  • 32