防止表单提交重定向

Posted 2023-02-24

【中文标题】防止表单提交重定向

【英文标题】：Prevent redirection on form submission

【发布时间】：2011-08-20 06:58:07

【问题描述】：

我最近（在一些帮助下）写了这个简单的表单到电子邮件脚本。它有效，唯一的问题是它在运行时重定向到包含的 php 脚本。是否有人对如何阻止这种情况发生有任何想法，而只是在原始页面上显示感谢信？

index.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Megaform</title>
</head>

<body>
  <?php include 'form.php' ?>
</body>
</html>

form.php

<form name="email" method="post" action="email.php">
  <p>
    <label for="name">Full Name</label>
    <input type="text" name="name" id="name">
  </p>
  <p>
    <label for="email">Email Address</label>
    <input type="text" name="email" id="email">
  </p>
  <p>
    <label for="phone">Phone Number</label>
    <input type="text" name="phone" id="phone">
  </p>
  <p>
    <label for="subject">Subject</label>
    <input type="text" name="subject" id="subject">
  </p>
  <p>
    <label for="message">Message<br>
    </label>
    <textarea name="message" id="message" cols="45" rows="5"></textarea>
  </p>
  <p><input type="submit" name="send" id="send" value="Submit"><input type="reset" name="send" id="send" value="Reset">
  </p>
</form>

电子邮件.php

<?php  

// Get the Variables
  $name = $_POST['name'];
  $visitor_email = $_POST['email'];
  $phone = $_POST['phone'];
  $subject = $_POST['subject'];
  $message = $_POST['message'];


// Validate against spammers
function IsInjected($str)

    $injections = array('(\n+)',
           '(\r+)',
           '(\t+)',
           '(%0A+)',
           '(%0D+)',
           '(%08+)',
           '(%09+)'
           );

    $inject = join('|', $injections);
    $inject = "/$inject/i";

    if(preg_match($inject,$str))
    
      return true;
    
    else
    
      return false;
    


if(IsInjected($visitor_email))

    echo "Bad email value!";
    exit;



// Compose the Email
    $email_from = 'a@b.com';  // Set a valid email address that the form can use

    $email_subject = "New Form submission - $subject";  //  Change the message subject here

    $email_body = "You have received a new message from $name ($phone) .\n Here is the message:\n $message";


// Send The Email
  $to = "c@d.com";  // Set a valid email address to send the form to

  $headers = "From: $email_from \r\n";

  $headers .= "Reply-To: $visitor_email \r\n";

  mail($to,$email_subject,$email_body,$headers);

?>
<p>Thankyou for your email.</p>

【参考方案1】：

将您的表单标签更改为：

<form name="email" method="post" action="index.php">

并将您的索引 php 更改为：

<body>
<?php
    if (isset($_POST['email'])) 
        include 'email.php';
     else 
        include 'form.php';
    
?>
</body>

因此，如果表单已提交，请发送电子邮件，否则，请显示表单。

【参考方案2】：

您可以直接从 form.php 重定向回来

把这个放在form.php的末尾

header("url: index.php");

甚至：

header("url: index.php?sent=true");

在 index.php 中你可以有

if($_GET['sent'])
   echo "Message Sent.";

【参考方案3】：

您需要将表单目标设置为文件本身。

<form name="email" method="post" action="form.php">

并在此处包含来自 email.php 的代码。

if ($_POST['email']) 
  ... code from email.php ...
  ... and success message ...

这部分只有在表单已发送（并设置了电子邮件）时才会执行。