0

My form is getting submitted without validation. I have a dropdown box where, according to the number selected, the text boxes are enabled. The form is getting submitted when I click on submit, without validating. You can check the live website http://www.estampdutyrefund.com. I have also attached a screenshot of how the URL looks after submitting the form.

My html code

      <?php include("mail/challan.php"); ?>
      <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="challan_form" role="POST">
      <p class="text-black mb-4">How many challan do you need refund for?</p>         
      <select class="btn btn-primary btn-lg" id="selection" onchange="showchallan()">
      <option>1</option>
      <option>2</option>
      <option>3</option>
      <option>4</option>
      <option>5</option>
      </select>
      <div id="challanDiv">
      <p class="text-black mb-4 no-bottom">Enter the challan amount:</p>
      <p class="text-black">(STAMP DUTY + REGISTRATION)</p>
      <div class="row text-center">
      <div class="col-md-4 mx-auto">
      <div class="md-form">
          <div id="ch1"><label class="col-form-label">Challan 1</label>
      <input type="text" id="enable1" class="form-control" placeholder="Min Rs.30,000" name="challan1" value="<?= $challan_1;?>" onkeypress="return isNumber()" <?php if(!empty($challan_error)): ?> autofocus <?php endif; ?> />
      <span class="errors"><?php echo $challan_error;?></span>
          </div>
          <div id="ch2"><label class="col-form-label">Challan 2</label>
      <input type="text" id="enable2" class="form-control" placeholder="Min Rs.30,000" name="challan2" value="<?= $challan_2;?>" onkeypress="return isNumber()" <?php if(!empty($challan_error)): ?> autofocus <?php endif; ?> />
      <span class="errors"><?php echo $challan_error;?></span>
          </div>
          <div id="ch3"><label class="col-form-label">Challan 3</label>
      <input type="text" id="enable3" class="form-control" placeholder="Min Rs.30,000" name="challan3" value="<?= $challan_3;?>" onkeypress="return isNumber()" <?php if(!empty($challan_error)): ?> autofocus <?php endif; ?> />
      <span class="errors"><?php echo $challan_error;?></span>
          </div>
          <div id="ch4"><label class="col-form-label">Challan 4</label>
      <input type="text" id="enable4" class="form-control" placeholder="Min Rs.30,000" name="challan4" value="<?= $challan_4;?>" onkeypress="return isNumber()" <?php if(!empty($challan_error)): ?> autofocus <?php endif; ?> />
      <span class="errors"><?php echo $challan_error;?></span>
          </div>
          <label class="col-form-label">Name</label>
      <input type="text" class="form-control" placeholder="Your Name" name="name" value="<?= $name;?>" <?php if(!empty($name_error)): ?> autofocus <?php endif; ?>/>
      <span class="errors"><?php echo $name_error;?></span>
          <label class="col-form-label">Email</label>
      <input type="email" class="form-control" placeholder="Your Email" name="email" value="<?= $email;?>" <?php if(!empty($email_error)): ?> autofocus <?php endif; ?>/>
      <span class="errors"><?php echo $email_error;?></span>
          <label class="col-form-label">Mobile</label>
          <input type="text" minlength="10" maxlength="10" class="form-control" placeholder="Your Number" name="mobile" onkeypress="return isNumber()" value="<?= $phone;?>" <?php if(!empty($phone_error)): ?> autofocus <?php endif; ?>/>
          <span class="errors"><?php echo $phone_error;?></span>
      <button class="btn btn-primary btn-xl m-4" type="submit" name="submit" form="challan_form" value="submit" >Submit</button>
    </div>
          </div>
          </div>
          </div>
    </form>

This is challan.php

<?php
// define variables and set to empty values
$name_error = $email_error = $phone_error = $challan_error = "";
$name = $email = $phone = $challan_1 = $challan_2 = $challan_3 = $challan_4 = $success = "";
$minchallan = 29999;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (empty($_POST["challan1"])) {
        $challan_error = "*Enter Challan Amount";
    } else {
        $challan_1 = test_input($_POST["challan1"]);
        // check if Challan Amount more than 30k
        if ($challan_1 <= $minchallan) {
            $challan_error = "*Minimum Amount is 30000";
        }
    }
        if (empty($_POST["challan2"])) {
        $challan_error = "*Enter Challan Amount";
    } else {
        $challan_2 = test_input($_POST["challan2"]);
        // check if Challan Amount more than 30k
        if ($challan_2 <= $minchallan) {
            $challan_error = "*Minimum Amount is 30000";
        }
    }
        if (empty($_POST["challan3"])) {
        $challan_error = "*Enter Challan Amount";
    } else {
        $challan_3 = test_input($_POST["challan3"]);
        // check if Challan Amount more than 30k
        if ($challan_3 <= $minchallan) {
            $challan_error = "*Minimum Amount is 30000";
        }
    }
        if (empty($_POST["challan4"])) {
        $challan_error = "*Enter Challan Amount";
    } else {
        $challan_4 = test_input($_POST["challan4"]);
        // check if Challan Amount more than 30k
        if ($challan_4 <= $minchallan) {
            $challan_error = "*Minimum Amount is 30000";
        }
    }
    if (empty($_POST["name"])) {
        $name_error = "*Name is required";
    } else {
        $name = test_input($_POST["name"]);
        // check if name only contains letters and whitespace
        if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
            $name_error = "*Only letters and white space allowed";
        }
    }
    if (empty($_POST["email"])) {
        $email_error = "*Email is required";
    } else {
        $email = test_input($_POST["email"]);
        // check if e-mail address is well-formed
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $email_error = "*Invalid email format";
        }
    }
    if (empty($_POST["mobile"])) {
        $phone_error = "*Phone is required";
    } else {
        $phone = test_input($_POST["mobile"]);
        // check if Phone Number is well-formed
        if (!preg_match("/^[789]\d{9}$/i",$phone)) {
            $phone_error = "*Invalid phone number";
        }
    }

    if ($name_error == '' and $email_error == '' and $phone_error =='' and $challan_error ==''){
        $message_body = '';
        unset($_POST['submit']);
        foreach ($_POST as $key => $value){
            $message_body .=  "$key: $value\n";
        }

        $to = '[email protected]';
        $subject = 'Challan Order';
        $body = "\n Challan 1: $challan_1\n Challan 2: $challan_2\n Challan 3: $challan_3\n Challan 4: $challan_4\n Name: $name\n Email: $email\n Phone: $phone\n";
        $challansent= mail($to, $subject, $body);
        if ($challansent){
            $success = "Message sent, thank you for contacting us!";
            echo "<script type='text/javascript'>alert('$success');</script>";
            $name = $email = $phone = $challan_1 = $challan_2 = $challan_3 = $challan_4 = '' ;
        } else {
            // mail() returned false: report the failure only in this case
            echo "Error";
        }
    }

}
function test_input($data) {
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}
?>

1 Answer

1

Check your html form tag, I think you are missing the "method" attribute, it should look something like:

  <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="challan_form" method="post">

2 Comments

It's working now, but the page is getting reloaded for validation. Can we do something about that?
You could add client-side validation. Some browsers provide a basic type of validation; to see how it works you may add "required" to the form inputs. Something like `<input type="text" placeholder="Your Number" name="mobile" ... required>`.
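
The client-side validation suggested in the last comment, as an added example that is not part of the original thread: it repeats the rules from `challan.php` in the browser so an invalid form is stopped before the page reloads. The PHP checks still have to run on every request, because a request sent directly to the server never passes through this script. `validateChallanForm`, `EMAIL_RE` and the handling of `count` are assumptions made for this example.

```javascript
// Added example: client-side mirror of the checks in challan.php.
// Messages and patterns are copied from challan.php; validateChallanForm,
// EMAIL_RE and the `count` handling are assumptions made for this example.
const MIN_CHALLAN = 30000;
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/; // looser than FILTER_VALIDATE_EMAIL

function validateChallanForm(fields, count) {
  const errors = {};
  const get = (k) => String(fields[k] ?? "").trim();

  // Only the first `count` challan inputs are assumed to be enabled.
  for (let i = 1; i <= count; i++) {
    const v = get("challan" + i);
    if (v === "") errors["challan" + i] = "*Enter Challan Amount";
    else if (!/^\d+$/.test(v) || Number(v) < MIN_CHALLAN)
      errors["challan" + i] = "*Minimum Amount is 30000";
  }
  const name = get("name");
  if (name === "") errors.name = "*Name is required";
  else if (!/^[a-zA-Z ]*$/.test(name))
    errors.name = "*Only letters and white space allowed";

  const email = get("email");
  if (email === "") errors.email = "*Email is required";
  else if (!EMAIL_RE.test(email)) errors.email = "*Invalid email format";

  const mobile = get("mobile");
  if (mobile === "") errors.mobile = "*Phone is required";
  else if (!/^[789]\d{9}$/.test(mobile)) errors.mobile = "*Invalid phone number";
  return errors;
}

// Browser wiring: block the submit (and the reload) only when a check fails.
if (typeof document !== "undefined") {
  const form = document.getElementById("challan_form");
  form.addEventListener("submit", (e) => {
    const fields = Object.fromEntries(new FormData(form));
    // challan.php only reads challan1..challan4, so cap the dropdown value.
    const count = Math.min(Number(document.getElementById("selection").value), 4);
    const errors = validateChallanForm(fields, count);
    if (Object.keys(errors).length > 0) {
      e.preventDefault();
      alert(Object.values(errors).join("\n"));
    }
  });
}
```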
