On the first submit, this returns user to index with the POST data still in the URL. On the second submit with the data in the url now, it then returns the errors or process the mail. I am not sure what exactly is causing this.
<?php
if(!isset($_POST['submit']))
{
//This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!";
}
$name = $_POST['name'];
$company = $_POST['company'];
$project = $_POST['project'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
unset($_POST);
//Validate first
if(empty($name)||empty($email))
{
echo "Name and email are mandatory!";
exit;
}
if(IsInjected($email))
{
echo "Bad email value!";
exit;
}
$email_from = '[email protected]';
$email_subject = "New Contact Request";
$email_body = "You have received a new message from $name.\n
email: $email\n
company: $company\n
project: $project\n
phone: $phone\n
message: $message\n";
$to = '[email protected]';
$headers = "From: $email_from \r\n";
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: index.html');
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
