表單驗證和驗證碼

Question

我對創建的聯繫表單有兩個問題。我之前受到垃圾郵件的嚴重打擊。

1. 我要求所有字段的形式被處理之前填寫，但我已經寫不工作：信息進入數據庫中的人是否填寫所有字段與否。 ***通過使用固定：

   function validateForm（） { var x = document.forms [「validation」] [「firstname」] .value; if（x == null || x ==「」） { alert（「請輸入您的名字」）; 返回false; }

所有字段和一個電子郵件：

var x=document.forms["validation"]["email"].value; 
var atpos=x.indexOf("@"); 
var dotpos=x.lastIndexOf("."); 
if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length) 
    { 
    alert("Please enter a valid email address"); 
    return false; 
    } 

現在，我需要驗證碼的工作或如何添加檢查驗證碼是相同的JavaScript是否正確？我認爲錯誤在於這個不知何故？：

session_start(); 
    if($_POST['submitted'] == "contactus") 
    if($_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'])) { 
     header("Location:http://www.berrieswebdesign.com/thankyou.php?message=thanks"); 
       unset($_SESSION['security_code']); 
    } else { 
    // Insert your code for showing an error message here 
    echo "<div id='thankyoubox'>'Security breach! Security Breach! Ehem...Your  security code was incorrect.'</div>"; 
    } 
    ob_flush(); 

     ?> 

最後，這裏是contactfunctions.php

<?php ob_start();//Required for the redirect to work?> 
<?php 
include_once("databasefunctions.php"); 

$contactsdbtable = "contacts"; 

function GetHeaders() 
{ 
    $headers = 'MIME-Version: 1.0' . "\r\n"; 
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; 
    // Additional headers 
    $headers .= "To: {$firstname} <{$email}>" . "\r\n"; 
    $headers .= 'From: My Website <info@mywebsite.com>' . "\r\n"; 
    return $headers; 
} 
function ContactMessage($firstname, $lastname, $email, $message, $location) 
{ 
global $contactsdbtable; 
openDatabase(); 
$firstname = mysql_real_escape_string($firstname); 
$lastname = mysql_real_escape_string($lastname); 
$email = mysql_real_escape_string($email); 
$message = mysql_real_escape_string($message); 
$location = mysql_real_escape_string($location); 

$result = QuickQuery("INSERT INTO {$contactsdbtable}(firstname, lastname, email, message, location) 
         VALUES('{$firstname}', '{$lastname}', '{$email}', '{$message}', '{$location}')"); 

if($result) 
{ 
    $headers = GetHeaders(); 
    $message = "\"Thank you for contacting us at My Website. We will be answering your website inquiry post haste.\"<br /> 
    <br /> 
    <br /> 
    Best Regards,<br /> 
    <br /> 
    Me 
    "; 
    mail($email, "RE: Design Inquiry", $message, $headers); 
    mail("myemail@blahblah.com", "Website Inquiry", "{$firstname}, {$email}, has sent a web design inquiry", $headers); 

} 
} 


?> 

我感激我得到這個提前任何幫助。另外，由於這是一篇冗長的文章，你們能介紹一下你正在處理的問題，1或2嗎？

謝謝！

Answer 1

好試試這個：

<?php 
    $is_error = false; 
    if($_POST['submitted'] == "contactus") 
    { 
     $firstname = $_POST['firstname']; 
     $lastname = $_POST['lastname']; 

     $email = $_POST['email']; 
     $message = $_POST['message']; 
     $location = $_POST['location']; 
     if(!$firstname || $firstname = ''){ 
     $error = "Please enter your first name."; 
     $is_error = true; 
     } else if(!$lastname || $lastname= ''){ 
     $error = "Please enter your last name."; 
     $is_error = true; 
     } else if(!$email || $email= ''){ 
     $error = "Please enter a valid email."; 
     $is_error = true; 
     }else if(!$message || $message= ''){ 
     $error = "Please enter your message."; 
     $is_error = true; 
     }else if(!$location || $location= ''){ 
     $error = "Please tell us where you're from."; 
     $is_error = true; 
     } 

     if(($is_error === false) && ($_SESSION['security_code'] == $_POST['security_code'])) 
     { 
     ContactMessage($firstname, $lastname, $email, $message, $location); 
     } else { 
     Error($error); 
     } 
    } 
?>