I do know php form validation is touched on often here, but I'm a complete php newbie and I'm just sort of hacking away at a php form script I found here, so I'm not sure how to proceed here with the two things I require.
I would like my form to require that a Terms & Conditions box is checked before it will submit (and if the box is not checked, to return an error message in the way this script processes error messages).
I would also like the fact that the Terms & Conditions box was checked to be emailed to me with the rest of the form data.
The salient bit of the html that I've tried is:
<td><input type="checkbox" name="terms-and-conditions" value="terms-and-conditions" /><label for="terms-and-conditions">I have read the <a href="terms.html">Terms & Conditions</a> *</label></td>
The php form with the alterations I've tried is:
<?php
if(isset($_POST['email'])) {
// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "support@xxxxxxx.com";
$email_subject = "Order Form";
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
// validation expected data exists
if(!isset($_POST['first_name']) ||
!isset($_POST['last_name']) ||
!isset($_POST['email']) ||
!isset($_POST['URL']) ||
!isset($_POST['date']) ||
!isset($_POST['comments']) ||
!isset($_POST['terms-and-conditions'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$first_name = $_POST['first_name']; // required
$last_name = $_POST['last_name']; // required
$email_from = $_POST['email']; // required
$URL = $_POST['URL']; // required
$date = $_POST['date']; // not required
$comments = $_POST['comments']; // not required
$terms-and-conditions = $_POST['terms-and-conditions']; // required
$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
if(!preg_match($email_exp,$email_from)) {
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
$string_exp = "/^[A-Za-z .'-]+$/";
if(!preg_match($string_exp,$first_name)) {
$error_message .= 'The First Name you entered does not appear to be valid.<br />';
}
if(!preg_match($string_exp,$last_name)) {
$error_message .= 'The Last Name you entered does not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "First Name: ".clean_string($first_name)."\n";
$email_message .= "Last Name: ".clean_string($last_name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "URL: ".clean_string($URL)."\n";
$email_message .= "Date: ".clean_string($date)."\n";
$email_message .= "Comments: ".clean_string($comments)."\n";
$email_message .= "Terms And Conditions: ".clean_string($terms-and-conditions)."\n";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
<!-- include your own success html here -->
Thank you for submitting the order form.
<?php
}
?>
With what I've added, the form now throws a 500 Internal Server Error. I was able to successfully add and remove input fields to and from this php form, but I have no idea how to require it to have a checkbox filled in before it will submit (plus have it return the error message if it's not filled in) and have it email me, with the rest of the data, that it has been filled in.
