0

I have a contact form which is an HTML-PHP hybrid.

The PHP script is meant to send the form data to an email address but it's sending the element id alone and not appending the submitted value.

Here's the code I'm using:

<?php 
$ToEmail = '[email protected]'; 
$EmailSubject = 'Site contact form'; 
$mailheader = "From: ".$_POST["email"]."\r\n"; 
$mailheader .= "Reply-To: ".$_POST["email"]."\r\n"; 
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n"; 
$MESSAGE_BODY = "Name: ".$_POST["name"].""; 
$MESSAGE_BODY .= "Email: ".$_POST["email"].""; 
$MESSAGE_BODY .= "Subject: ".$_POST["subject"]."";
$MESSAGE_BODY .= "Comment: ".nl2br($_POST["comment"]).""; 
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure"); 
?>

                            <form class="form-horizontal" name="contactform" action="contact.php" method="post">
                                  <div class="control-group">
                                    <label class="control-label" for="name">Name*</label>
                                    <div class="controls">
                                      <input type="text" id="name" placeholder="Name">
                                    </div>
                                  </div>
                                  <div class="control-group">
                                    <label class="control-label" for="email">Email*</label>
                                    <div class="controls">
                                      <input type="text" id="email" placeholder="Email">
                                    </div>
                                  </div>
                                  <div class="control-group">
                                    <label class="control-label" for="subject">Subject*</label>
                                    <div class="controls">
                                      <input type="text" id="subject" placeholder="Subject">
                                    </div>
                                  </div>
                                   <div class="control-group">
                                    <label class="control-label" for="comment">Message*</label>
                                    <div class="controls">

                                      <textarea rows="4" id="comment" placeholder="Type your message here..."></textarea>
                                    </div>
                                  </div>
                                  <div class="control-group">
                                    <div class="controls">
                                      <p> *Required fields</p>
                                      <button type="submit" name="submit" class="btn">Submit</button>
                                    </div>
                                  </div>
                            </form>
Improve this question
2
  • So what's the content of the email received? Commented Aug 5, 2013 at 20:45
  • Hi my name is Bobby Injection and my emailaddress is [email protected]\r\nHeader: injection Commented Aug 5, 2013 at 20:45

4 Answers 4

Reset to default
4

Your inputs are all missing the name attribute, which is what is sent via post to the server.

<input type="text" id="email" placeholder="Email" name="email">

You will access the variable with $_POST['email']

I suggest your grab an off-the-shelf library to handle this like http://swiftmailer.org/

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You can test your form variables as well using:

print_r($_POST);

Obviously you would want to put this into some sort of post check such as:

if($_POST)
{
    print_r($_POST);
}
Improve this answer

Comments

0

As user2023... already said, your input forms are missing the name attribute.

Change your lines to:

<input type="text" id="name" name="name" placeholder="Name">
<input type="text" id="email" name="email" placeholder="Email">
<input type="text" id="subject" name="subject" placeholder="Subject">
<textarea rows="4" id="comment" name="comment" placeholder="Type your message here..."></textarea>

And then in your form processing script, you can do:

if( isset($_POST['submit']) ) { //checking if the form was submitted

print_r($_POST); //this would give you all the submitted fields

$name = $_POST["name"];
$email = $_POST["email"];
//and so on...

}
Improve this answer

Comments

0

Input given through POST or GET from forms is identified by the name attribute given in HTML and not the id. So you should give

<input type="text" name="name" placeholder="Name" />

in your html, and use $_POST["name"] to access the value in the processing code.

Also, I think you are using the same file, contact.php, for both the code for displaying the form and the PHP code for processing the form input. This is OK, but in such cases, you need to have a check like

if (isset ($_POST ["submit"]) {
    /* code to process input from user */
}

in your PHP code (otherwise it will not work properly while first displaying the form).

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.