1. 首頁
  2. 問答
  3. 選擇選項,電子郵件表格

選擇選項,電子郵件表格

2016-02-14 85 views
0

我試圖讓'選擇'發佈到我的電子郵件,其他輸入字段 做後,但不是選擇它驅使我堅果。請指教。另外任何 額外的建議,在SQL注入預防方法將不勝感激。選擇選項,電子郵件表格

HTML 

<form action="contactform.php" method="post" > 
<input type="text" name="name" placeholder="*Full Name"> 
<input type="text" name="email" placeholder="*Email"> 
<input type="tel" name="telephone"placeholder="*Telephone"> 
<input type="text" name="comments"class="feedback-input"id="comments"placeholder="*How can I help?"> 
<select name="selectoption"> 
    <option value="first">First</option> 
    <option value="second">Second</option> 
    <option value="third">Third</option> 
    </select> 
<input type="text" name="code" placeholder="1+2 =" /> 
<input type="submit"value="Send"class="button"> 
</form> 



PHP 
<?php 

if(isset($_POST['email'])) { 


if (strtolower($_POST['code']) != '3') {die('Wrong access code');} 


    $email_to = ""; 

    $email_subject = "contact form submission"; 

    $name = $_POST['name']; // required 

    $email_from = $_POST['email']; // required 

    $telephone = $_POST['telephone']; // not required 


    $comments = $_POST['comments']; // required 

    $selectoption = $_POST['selectoption']; // required 



    function clean_string($string) { 

     $bad = array("content-type","bcc:","to:","cc:","href"); 

     return str_replace($bad,"",$string); 

    } 

    $email_message .= "Name: ".clean_string($name)."\n"; 

    $email_message .= "Email: ".clean_string($email_from)."\n"; 

    $email_message .= "Telephone: ".clean_string($telephone)."\n"; 


    $email_message .= "Comments: ".clean_string($comments)."\n"; 

    $email_message .= "Selectoption: ".clean_string($selectoption)."\n"; 




// create email headers 

$headers = 'From: '.$email_from."\r\n". 

'Reply-To: '.$email_from."\r\n" . 

'X-Mailer: PHP/' . phpversion(); 

@mail($email_to, $email_subject, $email_message, $headers); 

?> 






Thank you for contacting us. We will be in touch with you very soon. 
<a href="#">return to website</a> 


<?php 

} 

?> 



thanks very much 
Dan

來源

2016-02-14 Dave

+0

你的第一個'$ email_message'實例是串聯的。你應該以'$ email_message =「」;'不是'$ email_message。=「」;' –

+0

也是一個提示。在你乾淨的字符串函數中。你只是比較數組本身。你應該在該函數中運行一個循環來遍歷每個比較。 –

+0

您的$ _POST變量需要更多衛生設施。我給你寫了這個快速功能,供將來參考。 '功能保護($ p) { \t $ p = stripslashes($ p); \t $ p = strip_tags($ p); \t $ p = preg_replace(「[^ A-Za-z0-9]」,「」,trim(trim($ p,「'」),''')); \t return $ p; } –

回答

0 
<select name="selectoption"> 
    <option value="first">First</option> 
    <option value="second">Second</option> 
    <option value="third">Third</option> 
</select>

可以得到選擇的valueBy下面的代碼: -

$selectOption = $_POST['selectoption'];

使用isset檢查值存在與否。

$name = isset($_POST['name']) ? $_POST['name'] : ''; 

$email_from = isset($_POST['email']) ? $_POST['email'] : ''; 

$telephone = isset($_POST['telephone']) ? $_POST['telephone'] : '';  

$comments = isset($_POST['comments']) ? $_POST['comments'] : ''; 

$selectoption = isset($_POST['selectoption']) ? $_POST['selectoption'] : '';

SQL注入防禦技術,

轉寄此link

希望它能幫助你:)

來源

2016-02-14 05:45:13

+0

,沒有工作拉維在電子郵件它發佈:Selectoption:但不值::( – Dave

+0

感謝亞當和拉維 – Dave

+0

$電話= $ _POST ['電話']; //需要 $評論= $ _ POST [ '意見']; //需要 $ selectOption = $ _ POST [ 'selectoption']; – Dave

相關問題

 相關問題