0

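I'm trying to write a PHP script that automatically sends an email with the form input, but when it is called on submit, it shows the error I put in for when you try to access the PHP directly.

Any help would be greatly appreciated; I'm very new to this.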

<form action="form-to-email.php" method="post" name="camper_registration" id="camper registration">
    <label>Last Name*: </label>
    <input name="lastname" type="text" id="lastname" required="required"/><br />
    <label>First Name*: </label>
    <input name="firstname" type="text" id="firstname" required="required"/><br />
    <label>Middle Initial: </label>
    <input type="text" name="initial" size=1 maxlength=1 /><br /><br />

    <label>Street Address*: </label>
    <input name="streetaddress" type="text" id="streetaddress" required="required"/><br />
    <label>Address Line 2: </label><input type="text" name="addressline2" /><br />
    <label>City*: </label>
    <input name="city" type="text" id="city" required="required"/><br />
    <label>State/Province/Region*: </label>
    <input name="state" type="text" id="state" required="required"/><br />
    <label>Zipcode*: </label>
    <INPUT NAME="zip" input type="tel" SIZE=5 MAXLENGTH=5 onKeyPress="return numbersonly(this, event)" required="required"><br /><br />
    <label>Youth's Email*: </label>
    <input type="email" name="email" required="required"/><br /><br />
    <label>Date of Birth*: </label>
    <INPUT NAME="month" input type="tel" SIZE=2 MAXLENGTH=2 onKeyPress="return numbersonly(this, event)" required="required">/
    <INPUT NAME="day" input type="tel" SIZE=2 MAXLENGTH=2 onKeyPress="return numbersonly(this, event)" required="required">/
    <INPUT NAME="year" input type="tel" SIZE=4 MAXLENGTH=4 onKeyPress="return numbersonly(this, event)" required="required">

    <SCRIPT TYPE="text/javascript">
        autojump("month", "day", 2); autojump("day", "year", 2);
    </SCRIPT>
    <br /><br />
    <label>Grade completed in<br /> Spring 2013*: </label>
    <input type="tel" name="grade" size=2 maxlength=2 required="required"/><br /><br />
    <label>Gender*:</label>
    <input type="radio" name="gender" value="Male" required="required"> Male
    <input type="radio" name="gender" value="Female" required="required"> Female <br /> <br />
    <label>Parent/Guardian(s)*: </label>
    <input name="guardian" type="text" id="guardian" required="required"/> <br /><br />
    <label>Parent Phone*: </label>
    (<INPUT NAME="areacode" input type="tel" SIZE=3 MAXLENGTH=3 onKeyPress="return numbersonly(this, event)" required="required">)
    <INPUT NAME="cellphone" input type="tel" SIZE=7 MAXLENGTH=7 onKeyPress="return numbersonly(this, event)" required="required"><br /><br />

    <SCRIPT TYPE="text/javascript">
        <!--
        autojump("areacode", "cellphone", 3);
        //-->
    </SCRIPT>

    <label>1st Emergency Contact*: </label>
    <input name="emergency_contact_1" type="text" id="emergency_contact_1" required="required"/><br /><br />
    <label>Contact Number*: </label>
    (<INPUT NAME="emergency_contact_1_areacode" input type="tel" SIZE=3 MAXLENGTH=3 onKeyPress="return numbersonly(this, event)" required="required">)
    <INPUT NAME="emergency_contact_1_phone" input type="tel" SIZE=7 MAXLENGTH=7 onKeyPress="return numbersonly(this, event)" required="required"><br /><br />

    <SCRIPT TYPE="text/javascript">
        <!--
        autojump("emergency_contact_1_areacode", "emergency_contact_1_phone", 3);
        //-->
    </SCRIPT>

    <label>2nd Emergency Contact*: </label>
    <input name="emergency_contact_2" type="text" id="emergency_contact_2" required="required"/><br /><br />
    <label>Contact Number*: </label>
    (<INPUT NAME="emergency_contact_2_areacode" input type="tel" SIZE=3 MAXLENGTH=3 onKeyPress="return numbersonly(this, event)" required="required">)
    <INPUT NAME="emergency_contact_2_phone" input type="tel" SIZE=7 MAXLENGTH=7 onKeyPress="return numbersonly(this, event)" required="required"><br /><br />

    <SCRIPT TYPE="text/javascript">
        <!--
        autojump("emergency_contact_2_areacode", "emergency_contact_2_phone", 3);
        //-->
    </SCRIPT>

    <label>Name of Home Church: </label>
    <input type="text" name="home_church" /><br /><br />
    <label>Phone Number: </label>
    (<INPUT NAME="church_areacode" input type="tel" SIZE=3 MAXLENGTH=3 onKeyPress="return numbersonly(this, event)">)
    <INPUT NAME="church_phone" input type="tel" SIZE=7 MAXLENGTH=7 onKeyPress="return numbersonly(this, event)"><br />

    <SCRIPT TYPE="text/javascript">
        autojump("church_areacode", "church_phone", 3);
    </SCRIPT>

    <label>Contact Person: </label>
    <input type="text" name="contact_person" /><br /><br />

    <b>Special Needs</b><br /> Some campers may have needs that might require special attention from our staff; accessibility, health concerns, diet, allergies, etc. <br /><br />
    <label>Please list any special needs: </label>
    <textarea rows="10" cols="20" name="special_needs"> </textarea> <br /><br />
    <label>T-Shirt Size*: </label>
    <input type="radio" name="shirt_size" value="Small" required="required"> Small
    <input type="radio" name="shirt_size" value="Medium" required="required"> Medium
    <input type="radio" name="shirt_size" value="Large" required="required"> Large
    <input type="radio" name="shirt_size" value="XL" required="required"> XL
    <input type="radio" name="shirt_size" value="2XL" required="required"> 2XL<br /><br />

    <b>Roommate</b><br /> There are double and many single occupancy dorm rooms at Grinnell college campus - if possible we will honor your request for ONE preferred roommate.<br /><br />
    <label>Roommate Preference: </label>
    <input type="text" name="roommate" /><br /><br />

    <div id="satellites">
        <b>Satellite Choices</b><br /> List your first, second, and third choices.  You will be given your first choice if it is not full.  ALL events have limited capacity. If you do not choose a satellite, one will be assigned for you. (<a href="satellites.htm"target="_blank">Satellite Choices</a>)<br />
        <label>First Choice*: </label>
        <input name="firstchoice" type="text" id="firstchoice" required="required"/><br />
        <label>Second Choice*: </label>
        <input name="secondchoice" type="text" id="secondchoice" required="required"/><br />
        <label>Third Choice*: </label>
        <input name="thirdchoice" type="text" id="thirdchoice" required="required"/><br /><br />
    </div>

    <p>
        <b> Remember! </b><br />Please to fill out and bring the <a href="Camper_Health_History_and_Authorization_Form_2013.pdf">Health Form</a> <i>with you to camp</i>.<br /><br />
        <b>Cost of SGU Camp July 8 - 12, 2013  $275 <br /></b> A $50 <i> non-refundable</i> fee is required to be registered. <br /> Due to the limited capacity of 400 campers, please note full payment is due by June 25th to ensure you have completed the registration process.
    </p><br />

    <input type="submit" value="Submit">
</form>

Here is the PHP

<?php
if(!isset($_POST['submit'])){
    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";
    die;
}

$page = "camper.htm";
if (!ereg($page, $_SERVER['HTTP_REFERER'])){
    echo "Invalid referer"; 
    die;
}

$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$initial = $_POST['initial'];
$streetaddress = $_POST['streetaddress'];
$addressline2 = $_POST['addressline2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$grade = $_POST['grade'];
$gender = $_POST['gender'];
$guardian = $_POST['guardian'];
$areacode = $_POST['areacode'];
$cellphone = $_POST['cellphone'];
$contact1 = $_POST['emergency_contact_1'];
$contact1areacode = $_POST['emergency_contact_1_areacode'];
$contact1phone = $_POST['emergency_contact_1_phone'];
$contact2 = $_POST['emergency_contact_2'];
$contact2areacode = $_POST['emergency_contact_2_areacode'];
$contact2phone = $_POST['emergency_contact_2_phone'];
$homechurch = $_POST['home_church'];
$churchareacode = $_POST['church_areacode'];
$churchphone = $_POST['church_phone'];
$contactperson = $_POST['contact_person'];
$specialneeds = $_POST['special_needs'];
$shirtsize = $_POST['shirt_size'];
$roommate = $_POST['roommate'];
$firstchoice = $_POST['firstchoice'];
$secondchoice = $_POST['secondchoice'];
$thirdchoice = $_POST['thirdchoice'];


//Validate first
if(IsInjected($email)){
    echo "Bad email address!";
    exit;
}

/*
Simple form validation
check to see if an email and message were entered */
if ($_POST['firstname'] == "" || $_POST['lastname'] == "" || $_POST['streetaddress'] == "" || $_POST['city'] == "" || $_POST['state'] == "" || $_POST['zip'] == "" || $_POST['email'] == "" || $_POST['month'] == "" || $_POST['day'] == "" || $_POST['year'] == "" || $_POST['grade'] == "" || $_POST['gender'] == "" || $_POST['guardian'] == "" || $_POST['areacode'] == "" || $_POST['cellphone'] == "" || $_POST['emergency_contact_1'] == ""  || $_POST['emergency_contact_1_areacode'] == ""  || $_POST['emergency_contact_1_phone'] == ""  || $_POST['emergency_contact_2'] == ""  || $_POST['emergency_contact_2_areacode'] == ""  || $_POST['emergency_contact_2_phone'] == ""  || $_POST['shirt_size'] == ""  || $_POST['firstchoice'] == ""  || $_POST['secondchoice'] == ""  || $_POST['thirdchoice'] == "" ) {
    echo "Please fill in all required boxes.";
}
else {
    $email_from = 'cscholtens@marionmethodist.org';//<== update the email address
    $email_subject = "New Registration";
    $email_body = "You have received a new registration.\n". 
        "Camper: $firstname $initial $lastname \n".
        "Address: $streetaddress \n".
        "$addressline2 \n".
        "$city, $state $zip \n".
        "Email: $email \n".
        "Date of Birth: $month/$day/$year \n".
        "Grade Completed: $grade \n".
        "Gender: $gender \n".
        "Guardian: $guardian \n".
        "Guardian Cell Phone: ($areacode) $cellphone \n".
        "First Emergency Contact: $contact1  Contact Number: ($contact1areacode) $contact1phone \n".
        "Second Emergency Contact: $contact2  Contact Number: ($contact2areacode) $contact2phone \n".
        "Home Church: $homechurch Contact Number: ($churchareacode) $churchphone Contact Person: $contactperson \n".
        "Special Needs: $specialneeds \n".
        "T-Shirt Size: $shirtsize \n".
        "Roommate Preference: $roommate \n".
        "Satellite Preferences: 1.$firstchoice 2.$secondchoice 3.$thirdchoice \n".
        " \n";

    $to = "cscholtens@marionmethodist.org";//<== update the email address
    $headers = "From: $email_from \r\n"; //Send the email!
    mail($to,$email_subject,$email_body,$headers);
    //done. redirect to thank-you page.
    header('Location: thanks2.htm');
}

// Function to validate against any email injection attempts.
// Defined at the top level of the file (not inside the else block) so that
// PHP has it available when it is called earlier in the script.
function IsInjected($str) {
    $injections = array('(\n+)',
        '(\r+)',
        '(\t+)',
        '(%0A+)',
        '(%0D+)',
        '(%08+)',
        '(%09+)'
    );
    $inject = join('|', $injections);
    $inject = "/$inject/i";
    if(preg_match($inject,$str)){
        return true;
    }
    else{
        return false;
    }
}
?>

4 Answers

2

You must make sure your submit button has a name attribute with the value submit. Otherwise $_POST['submit'] will never be set.

<input type="submit" name="submit" value="Submit Form">

answered 2012-12-21T15:08:34.520
0

'HTTP_REFERER' The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

http://php.net/manual/en/reserved.variables.server.php

Echo the HTTP_REFERER variable to see if anything is there. Use php_ header function to check URL maybe.

answered 2012-12-21T15:22:13.990
0

Here is my standard teaching example. You might want to get rid of the ereg() function!

<?php // RAY_form_to_email.php
error_reporting(E_ALL);


// SEND MAIL FROM A FORM


// REQUIRED VALUES ARE PREPOPULATED - CHANGE THESE FOR YOUR WORK
$from  = "NoReply@Your.org";
$subj  = "Contact Form";

// THIS IS AN ARRAY OF RECIPIENTS - CHANGE THESE FOR YOUR WORK
$to[]  = "You@Your.org";
$to[]  = "Her@Your.org";
$to[]  = "Him@Your.org";


// IF THE DATA HAS BEEN POSTED
if (!empty($_POST['email']))
{
    // DISABLED ON THE SERVER SIDE
    var_dump($_POST);
    die(' DISABLED');

    // CLEAN UP THE POTENTIALLY BAD AND DANGEROUS DATA
    $email      = clean_string($_POST["email"]);
    $name       = clean_string($_POST["name"]);
    $telephone  = clean_string($_POST["telephone"]);

    // CONSTRUCT THE MESSAGE THROUGH STRING CONCATENATION
    $content    = NULL;
    $content   .= "You have a New Query From $name" . PHP_EOL . PHP_EOL;
    $content   .= "Tel No: $telephone" . PHP_EOL;
    $content   .= "Email: $email" . PHP_EOL;

    // SEND MAIL TO EACH RECIPIENT
    foreach ($to as $recipient)
    {
        if (!mail( $recipient, $subj, $content, "From: $from\r\n"))
        {
            echo "MAIL FAILED FOR $recipient";
        }
        else
        {
            echo "MAIL WORKED FOR $recipient";
        }
    }

    // PRODUCE THE THANK-YOU PAGE
    echo '<p>THANK YOU</p>' . PHP_EOL;
}


// A FORM TO TAKE CLIENT INPUT FOR THIS SCRIPT
$form = <<<ENDFORM
<form method="post">
Please enter your contact information
<br/>Email: <input name="email" />
<br/>Phone: <input name="telephone" />
<br/>Name:  <input name="name" />
<br/><input type="submit" />
</form>
ENDFORM;

echo $form;

answered 2012-12-21T15:17:26.223
0

You need a better way to detect that the form was posted.

if($_SERVER['REQUEST_METHOD'] !== 'POST')
{
    //do error here
}

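When the form is submitted, this will return POST. You need to further verify that it is your form, but the only reliable way to do that is with a form key.

answered 2012-12-21T15:18:17.517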
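
The form key mentioned in the last answer, combined with the REQUEST_METHOD test and a header-injection check on the email field, as an added example that is not part of any answer on this page. The function names, the `form_key` field name and the example.org addresses are assumptions made for illustration; it needs PHP 7 or later for `random_bytes()` and `??`.

```php
<?php
// Added example: a per-session form key replaces both the $_POST['submit']
// test and the untrustworthy HTTP_REFERER check from the question.
// form_key(), form_key_is_valid() and has_header_break() are hypothetical names.
session_start();

// Return this session's form key, creating it on first use.
function form_key(): string
{
    if (empty($_SESSION['form_key'])) {
        $_SESSION['form_key'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['form_key'];
}

// True only if the submitted key matches the one stored in the session.
function form_key_is_valid($submitted): bool
{
    return is_string($submitted)
        && !empty($_SESSION['form_key'])
        && hash_equals($_SESSION['form_key'], $submitted); // constant-time compare
}

// True if a value contains CR or LF and could add extra mail header lines.
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!form_key_is_valid($_POST['form_key'] ?? null)) {
        http_response_code(400);
        exit('Form key missing or wrong; reload the form and try again.');
    }
    $email = trim((string) ($_POST['email'] ?? ''));
    if (has_header_break($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        http_response_code(400);
        exit('Bad email address!');
    }
    unset($_SESSION['form_key']); // each key is accepted once
    // Placeholder addresses; the user's value goes in the body, never in a header.
    mail('registrar@example.org', 'New Registration', "Email: $email\n", "From: noreply@example.org\r\n");
    exit('Thank you');
}
?>
<form method="post">
    <input type="hidden" name="form_key" value="<?= htmlspecialchars(form_key()) ?>">
    Email: <input type="email" name="email" required>
    <input type="submit" value="Submit">
</form>
```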