I am a beginner in HTML and php (everything).
I got 4 types of fields (comment form):
select one from a list (option tags)
type text (e.g. name)
type comment (textarea)
checkbox (tick all or one or none)
I have Javascript (prevent name and email to be left empty):
<script>
function validateForm1() {
var x = document.forms["form_contact"]["name"].value;
if (x == null || x == "") {
alert("Name must be filled out");
return false;
}
var x = document.forms["form_contact"]["email"].value;
if (x == null || x == "") {
alert("Email must be filled out");
return false;
}
}
</script>
I have a language field and you select a language from it. I also have website in 3 languages, one of them is in english. The ones that arent in english have separate php files.
Language field for thai website:
<option></option>
<option>thai language written in thai and then thai language written in english</option>
<option>english language written in thai and then english language written in english</option>
<option>mandarin language written in thai and then mandarin language written in english</option>
my php for thai form (I have if function to look for the english words and send english words to my email as not everyone can read thai):
$language = $_POST['language'];
if (strpos($language, 'English')){
$language = "English";
}elseif (strpos($language, 'Chinese')){
$language = "Chinese";
}else{
$language = "Thai";
}
As you may have noticed if a person doesn't select a language it will be Thai due to the if function.
I have tested the comment forms in the past and they worked. Recently, I have started to get emails that are almost empty or completely empty. Typically, 2 emails (the type of email I have just mentioned) would come in at the same time.
What these emails have in common:
the checkbox never clicked
where u can type words to fill in always empty
only 2 things u can see are the 2 selection fields being selected at same time within one submission and then the second submission that I received would be an email without even selections being made.
Things I don't understand:
I have java script to prevent having nothing in email and name fields but somehow the emails are still sent to me with empty name and email?
why these emails come in at the same time?
shouldn't one the language due to the if function, but I would assume it's because in my english form's php it doesn't have the if function (I forgot to put it in) and so emails triggered aren't from the same form. Probably one from english form and one from Chinese form at the same time.
Is this some kind of bot ? spam? or google checking up my site?
This specific request was with a browser that had Javascript disabled and all your validations are only client-side Javascript so blank form was submitted just fine. Simple!
Your answer to all 4 questions is to also add server side validation (in PHP in this case)
For example
if(empty($_POST["name"]))
{
die("You did not enter a name, we can not send email");
}
Same for other fields
Once you do that, you will notice that bots can still submit your form sometimes with SPAM/fake information (although the blank information issue will be resolved). At that point please search for something known as CAPTCHA
Think of Server/Client Side validation as a Gaurd at the start of your Street and your main door lock. Just because there is usually a guard on your street's entrance you can't leave your door open all the time thinking its safe. You have to make sure on your door only the right people enter your home regardless of that guard.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With