PHP contact form verification field

StackOverflow https://stackoverflow.com/questions/21734433

Question

Using the script below (taken from a template), I added a simple verification question to prevent spam (What is 2 + 2?). As of now, when the submit button is filled, the error.php page appears but the form is submitted as blank.

How do I ensure the form is only submitted after verifying the security question? 

<?php

$EmailTo = "myemail@email.com";
$Subject = "website";
$name = Trim(stripslashes($_POST['name'])); 
$email = Trim(stripslashes($_POST['email'])); 
$number = Trim(stripslashes($_POST['number'])); 
$message = Trim(stripslashes($_POST['message'])); 

// validation
$validationOK=true;
if (!$validationOK) {
  print "<meta http-equiv=\"refresh\" content=\"0;URL=error.php\">";
  exit;
}

// prepare email body text
$Body = "";
$Body .= "Name: ";
$Body .= $name;
$Body .= "\n";
$Body .= "Tel: ";
$Body .= $number;
$Body .= "\n";
$Body .= "Email: ";
$Body .= $email;
$Body .= "\n";
$Body .= "Message: ";
$Body .= $message;
$Body .= "\n";

// send email 
$submit = mail($EmailTo, $Subject, $Body, "From: <$email>");

// redirect to success page 
if(isset($_POST['submit'])){
if(isset($_POST['answer']) && $_POST['answer'] == 4){
  print "<meta http-equiv=\"refresh\" content=\"0;URL=contactthanks.php\">";
}else{
  print "<meta http-equiv=\"refresh\" content=\"0;URL=error.php\">";
}
}
?>

The form code follows:

<div id="form-holder" class="cont">
                        <h2>Contact form</h2>
                    <form method="post" action="send.php" class="uniform get-in-touch">

                    <div class="i-h">
                    <input type="text" name="name" id="name"/>
                    <div class="i-l"><span>Name</span></div></div>

                    <div class="i-h">
                    <input type="email" name="email" id="email"/>
                    <div class="i-l"><span>E-mail</span></div></div>

                    <div class="i-h">
                    <input type="text" name="number" id="number"/>
                    <div class="i-l"><span>Number</span></div></div>

                    <div class="t-h">
                    <textarea name="message" rows="32" cols="8" id="message" placeholder="Please leave us a message."></textarea>
                    </div>

                    <br><p>What is 2+2?</p><input type="text" name="answer" id="answer" />

                    <input type="submit" name="submit" value="Submit" class="submit-button">
                            <a href="#" class="do-clear">Clear</a>
                </form>
                    </div>
Was it helpful?

Solution

Another alternative is doing it in purely PHP:

if( !empty( $_POST['answer'] ) && $_POST['answer'] == 4) {
     // send email 
     $submit = mail($EmailTo, $Subject, $Body, "From: <$email>");
} else {
     // Set error
     echo "Verification failed.";
}

OTHER TIPS

If you're building for HTML5, you can use the required attribute.

<br><p>What is 2+2?</p><input type="text" name="answer" id="answer" required/>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top