I am coding a newsletter script and having a bit of a problem. I wish to store the information in the database for a later use, but I wish to not have the user to be required to enter their name, right now the script errors out with "Column Name can not be null."
I would like the name to be Anonymous if no name is entered, and when no email is entered, I would like it to give the user an error message stating that the email is required, plus currently it is allowing me to enter anything into the email field. I would like this to not be possible. Here is my current scripting.
newsletter.php
Contact.php
I would like the name to be Anonymous if no name is entered, and when no email is entered, I would like it to give the user an error message stating that the email is required, plus currently it is allowing me to enter anything into the email field. I would like this to not be possible. Here is my current scripting.
newsletter.php
Code:
<html>
<head>
<title>Newsletter</title>
</head>
<body>
<form id="contact" name="contact" action="contact.php" method="post">
<p><label>Name: <input type="text" id="name" name="name" value="" /></label></p>
<p><label>*Email: <input type="text" id="email" name="email" value="" /></label></p>
<input type="hidden" id="action" name="action" value="submitform" />
<p><input type="submit" id="submit" name="submit" value="Submit" /> <input type="reset" id="reset" name="reset" value="Reset" /></p>
</form>
*Required fields
</body>
</html>Code:
<?php
//include the connection file
require_once('connection.php');
//save the data on the DB and send the email
if(isset($_POST['action']) && $_POST['action'] == 'submitform')
{
//recieve the variables
if($_POST['formSubmit'] == "Submit")
{
$varName = $_POST['name'];
$varEmail = $_POST['email'];
$errorMessage = "";
}
if(empty($varName)) {
$errorMessage .= "<li>You forgot to enter a name!</li>";
}
if(empty($varEmail)) {
$errorMessage .= "<li>You forgot to enter a email!</li>";
}
$name = $_POST['name'];
$email = $_POST['email'];
$ip = gethostbyname($_SERVER['REMOTE_ADDR']);
//save the data on the DB
mysql_select_db($database, $connection);
$insert_query = sprintf("INSERT INTO contacts (name, email, date, ip) VALUES (%s, %s, NOW(), %s)",
sanitize($name, "text"),
sanitize($email, "text"),
sanitize($ip, "text"));
$result = mysql_query($insert_query, $connection) or die(mysql_error());
if($result)
{
//send the email
$to = "webmaster@website.com";
$subject = "New contact from the website";
//headers and subject
$headers = "MIME-Version: 1.0rn";
$headers .= "Content-type: text/html; charset=iso-8859-1rn";
$headers .= "From: ".$name." <".$email.">rn";
$body = "New contact
";
$body .= "Name: ".$name."
";
$body .= "Email: ".$email."
";
$body .= "IP: ".$ip."
";
mail($to, $subject, $body, $headers);
//ok message
echo "You have been signed up for our newsletter!";
}
}
function sanitize($value, $type)
{
$value = (!get_magic_quotes_gpc()) ? addslashes($value) : $value;
switch ($type) {
case "text":
$value = ($value != "") ? "'" . $value . "'" : "NULL";
break;
case "long":
case "int":
$value = ($value != "") ? intval($value) : "NULL";
break;
case "double":
$value = ($value != "") ? "'" . doubleval($value) . "'" : "NULL";
break;
case "date":
$value = ($value != "") ? "'" . $value . "'" : "NULL";
break;
}
return $value;
}
?>
No comments:
Post a Comment