I'm using PHP, HTML, SMTP server and PHPmailer to create a contact us form with user input validation. But after pressing "Submit" button it gives me an error:
Invalid address: (Sender): Fatal error: Uncaught PHPMailer\PHPMailer\Exception: Invalid address: (from): in C:\xampp\htdocs\RESPONSIVE SITE3_2\Supplier\phpmailer\phpmailer\src\PHPMailer.php:1324 Stack trace: #0 C:\xampp\htdocs\RESPONSIVE SITE3_2\send-email.php(74): PHPMailer\PHPMailer\PHPMailer->setFrom('', '') #1 {main} throws in C:\xampp\htdocs\RESPONSIVE SITE3_2\vendor\phpmailer\phpmailer\src\PHPMailer.php line 1324
PHP code:
<?php
$name = $_POST["name"];
$email = $_POST["email"];
// $email = test_input($_POST["email"]);
$message = $_POST["message"];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
if (!preg_match("/^[a-zA-Z0-9_]+@[a-zA-Z0-9_]+\.[a-zA-Z0-9_]+$/", $email)) {
$emailErr = "Email should contain only letters, numbers, and underscores";
}
require "vendor/autoload.php";
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
$mail = new PHPMailer(true);
$mail->SMTPDebug = SMTP::DEBUG_SERVER;
$mail->isSMTP();
$mail->SMTPAuth = true;
$mail->Host = "smtp.gmail.com";
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = 587;
require_once 'config.php';
$mail->Username = SMTP_USERNAME;
$mail->Password = SMTP_PASSWORD;
$mail->setFrom($email, $name);
$mail->addAddress("myemail@gmail.com", "Ads");
$mail->Subject = $subject;
$mail->Body = "Name: $name\nEmail: $email\n\n$message";
$mail->send();
header("Location: sent.html");
?>
HTML code
<form method="POST" action="send-email.php">
<input type="text" name="name" id="name" placeholder="Name*">
<input type="email" name="email" id="email" placeholder="Email*">
<span class="error" style="color:red"><?php echo $emailErr;?></span>
<textarea name="message" id="message" placeholder="Your Message*"></textarea>
<button type="submit" name="submit" id="submit" class="button">Start</button>
</form>
I tried different tutorials - without success. I need this form
I am very new to this, please explain it in very simple language :)
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
diagnosis
If either validation
ifstatement is true, a string variable$emailErrwill be set.Then the code exits the
ifblock again and the script continues on its merry way and attempts to send the email. There is no logic in the code to prevent this.Finally,
$emailErris never used because the code redirects the user to another HTML page that cannot involve that variable.solution
If any validation fails, you need some additional logic to tell the code to skip the email sending part. A very simple way to do this cleverly is to use a "flag" variable.
For example:
<?php require "vendor/autoload.php"; use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\SMTP; $name = $_POST["name"]; $email = $_POST["email"]; // $email = test_input($_POST["email"]); $message = $_POST["message"]; $valid = true; $emailErr = ""; if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; $valid = false; } if (!preg_match("/^[a-zA-Z0-9_]+@[a-zA-Z0-9_]+\.[a-zA-Z0-9_]+$/", $email)) { $emailErr = "Email should contain only letters, numbers, and underscores"; $valid = false; } //only send if all validations passed: if ($valid == true) { $mail = new PHPMailer(true); $mail->SMTPDebug = SMTP::DEBUG_SERVER; $mail->isSMTP(); $mail->SMTPAuth = true; $mail->Host = "smtp.gmail.com"; $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; $mail->Port = 587; require_once 'config.php'; $mail->Username = SMTP_USERNAME; $mail->Password = SMTP_PASSWORD; $mail->setFrom($email, $name); $mail->addAddress("myemail@gmail.com", "Ads"); $mail->Subject = $subject; $mail->Body = "Name: $name\nEmail: $email\n\n$message"; $mail->send(); header("Location: sent.html"); } else { echo $emailErr; }PS BTW, your regex is too restrictive - see What characters are allowed in email addresses? . Since you're already using
FILTER_VALIDATE_EMAIL, you don't need it under any circumstances.