您的位置: 首页  >  技术问答  >  选择选项,电子邮件表格

选择选项,电子邮件表格

分类: 技术问答 2022-08-26 10:20:56
问题描述:

我试图让'选择'发布到我的电子邮件,其他输入字段 做后,但不是选择它驱使我坚果。请指教。另外任何 额外的建议,在SQL注入预防方法将不胜感激。选择选项,电子邮件表格

HTML 

<form action="contactform.php" method="post" > 
<input type="text" name="name" placeholder="*Full Name"> 
<input type="text" name="email" placeholder="*Email"> 
<input type="tel" name="telephone"placeholder="*Telephone"> 
<input type="text" name="comments"class="feedback-input"id="comments"placeholder="*How can I help?"> 
<select name="selectoption"> 
    <option value="first">First</option> 
    <option value="second">Second</option> 
    <option value="third">Third</option> 
    </select> 
<input type="text" name="code" placeholder="1+2 =" /> 
<input type="submit"value="Send"class="button"> 
</form> 



PHP 
<?php 

if(isset($_POST['email'])) { 


if (strtolower($_POST['code']) != '3') {die('Wrong access code');} 


    $email_to = ""; 

    $email_subject = "contact form submission"; 

    $name = $_POST['name']; // required 

    $email_from = $_POST['email']; // required 

    $telephone = $_POST['telephone']; // not required 


    $comments = $_POST['comments']; // required 

    $selectoption = $_POST['selectoption']; // required 



    function clean_string($string) { 

     $bad = array("content-type","bcc:","to:","cc:","href"); 

     return str_replace($bad,"",$string); 

    } 

    $email_message .= "Name: ".clean_string($name)."\n"; 

    $email_message .= "Email: ".clean_string($email_from)."\n"; 

    $email_message .= "Telephone: ".clean_string($telephone)."\n"; 


    $email_message .= "Comments: ".clean_string($comments)."\n"; 

    $email_message .= "Selectoption: ".clean_string($selectoption)."\n"; 




// create email headers 

$headers = 'From: '.$email_from."\r\n". 

'Reply-To: '.$email_from."\r\n" . 

'X-Mailer: PHP/' . phpversion(); 

@mail($email_to, $email_subject, $email_message, $headers); 

?> 






Thank you for contacting us. We will be in touch with you very soon. 
<a href="#">return to website</a> 


<?php 

} 

?> 



thanks very much 
Dan
+0

你的第一个'$ email_message'实例是串联的。你应该以'$ email_message =“”;'不是'$ email_message。=“”;' –

+0

也是一个提示。在你干净的字符串函数中。你只是比较数组本身。你应该在该函数中运行一个循环来遍历每个比较。 –

+0

您的$ _POST变量需要更多卫生设施。我给你写了这个快速功能,供将来参考。 '功能保护($ p) { \t $ p = stripslashes($ p); \t $ p = strip_tags($ p); \t $ p = preg_replace(“[^ A-Za-z0-9]”,“”,trim(trim($ p,“'”),''')); \t return $ p; } – 

<select name="selectoption"> 
    <option value="first">First</option> 
    <option value="second">Second</option> 
    <option value="third">Third</option> 
</select>

可以得到选择的valueBy下面的代码: -

$selectOption = $_POST['selectoption'];

使用isset检查值存在与否。

$name = isset($_POST['name']) ? $_POST['name'] : ''; 

$email_from = isset($_POST['email']) ? $_POST['email'] : ''; 

$telephone = isset($_POST['telephone']) ? $_POST['telephone'] : '';  

$comments = isset($_POST['comments']) ? $_POST['comments'] : ''; 

$selectoption = isset($_POST['selectoption']) ? $_POST['selectoption'] : '';

SQL注入防御技术,

转寄此link

希望它能帮助你:)

+0

,没有工作拉维在电子邮件它发布:Selectoption:但不值::( – Dave

+0

感谢亚当和拉维 – Dave

+0

$电话= $ _POST ['电话']; //需要 $评论= $ _ POST [ '意见']; //需要 $ selectOption = $ _ POST [ 'selectoption']; – Dave

相关推荐