I have several php forms on my website and they all email the contents of the form upon submitting the form. I had no issues until two weeks ago, but suddenly I have only started receiving empty emails (only the labels and not the user info) I have tried to fix the issue but no luck. Please help me.
My Form:
<form id="form1" name="form1" method="post" action="../iletisimform.php">
<p><span class="sss_cevap">İletişim Formu</span></p>
<table width="100%" border="0" cellpadding="6">
<tr>
<td width="20%" align="right" bgcolor="#EFF5F8"><label for="ad">Ad: </label></td>
<td width="80%" align="left" bgcolor="#EFF5F8"><input name="ad" type="text" id="ad" size="35" maxlength="50" />
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="soyad">Soyad:</label></td>
<td align="left" bgcolor="#EFF5F8"><input name="soyad" type="text" id="soyad" size="35" maxlength="50" />
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="firma">Firma:</label></td>
<td align="left" bgcolor="#EFF5F8"><input name="firma" type="text" id="firma" size="35" maxlength="70" />
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="telefon">Telefon:</label></td>
<td align="left" bgcolor="#EFF5F8"><input name="telefon" type="text" id="telefon" size="35" maxlength="12" />
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="email">Email:</label></td>
<td align="left" bgcolor="#EFF5F8"><input name="email" type="text" id="email" size="35" maxlength="70" />
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="mesaj">Mesaj:</label></td>
<td align="left" bgcolor="#EFF5F8"><textarea name="mesaj" id="mesaj" cols="35" rows="5"></textarea>
*</td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"> </td>
<td align="left" bgcolor="#EFF5F8"><input name="promosyon" type="checkbox" id="promosyon" value="promogonder" />
<label for="promosyon">Insuladd promosyonlarından haberdar olmak istiyorum...</label></td>
</tr>
<tr>
<td align="right" bgcolor="#EFF5F8"><label for="Temizle"></label>
<label for="temizle"></label>
<input type="reset" name="temizle" id="temizle" value="Temizle" /></td>
<td align="left" bgcolor="#EFF5F8"><label for="gönder"></label>
<input type="submit" name="gönder" id="gönder" value="Gönder" /></td>
</tr>
</table>
<p>* Alanları gereklidir<br />
</p>
</form>
My Script:
<?php
/* Subject and Email Variables */
$emailSubject = 'Insuladd Bilgi Talebi!';
$webMaster = 'info@insuladd.com.tr';
/* Gathering Data Variables */
$nameField = $_POST['ad'];
$lastnameField = $_POST['soyad'];
$companyField = $_POST['firma'];
$telephoneField = $_POST['telefon'];
$emailField = $_POST['email'];
$messageField = $_POST['mesaj'];
$promotionField = $_POST['promosyon'];
$body = <<<EOD
<br><hr><br>
Name: $ad <br>
Last Name: $soyad <br>
Company: $firma <br>
Telephone: $telefon <br>
Email: $email <br>
Message: $mesaj <br>
Promotion: $promosyon <br>
EOD;
$headers = "From: $email
";
$headers .= "Content-type: text/html
";
$success = mail($webMaster, $emailSubject, $body, $headers);
/* Results rendered as HTML */
$theResults = <<<EOD
EOD;
echo header ("Location: http://www.insuladd.com.tr/iletisim/tesekkurler.html");
?>
I can see nothing functionally wrong that would prevent you from receiving the contents of the form. The only conclusion I can draw is that you're very likely receiving submissions from someone with empty content. In all likelihood it's from a bot.
That can easily be prevented by validating the user input to ensure that it is not empty. A way to do something along that lines could be...
<?php
if ( empty($_POST['ad']) || empty($_POST['soyad']) || empty($_POST['firma']) || empty($_POST['telefon']) || empty($_POST['email']) || empty($_POST['mesaj']) || empty($_POST['promosyon']) )
{
header('Location: [Replace with url to page with error message]');
}
/* Subject and Email Variables */
$emailSubject = 'Insuladd Bilgi Talebi!';
$webMaster = 'info@insuladd.com.tr';
/* Gathering Data Variables */
$nameField = $_POST['ad'];
$lastnameField = $_POST['soyad'];
$companyField = $_POST['firma'];
$telephoneField = $_POST['telefon'];
$emailField = $_POST['email'];
$messageField = $_POST['mesaj'];
$promotionField = $_POST['promosyon'];
$body = <<<EOD
<br><hr><br>
Name: $nameField <br>
Last Name: $lastnameField <br>
Company: $companyField <br>
Telephone: $telephoneField <br>
Email: $emailField <br>
Message: $messageField <br>
Promotion: $promotionField <br>
EOD;
$headers = "From: $email
";
$headers .= "Content-type: text/html
";
$success = mail($webMaster, $emailSubject, $body, $headers);
/* Results rendered as HTML */
$theResults = <<<EOD
EOD;
header ("Location: http://www.insuladd.com.tr/iletisim/tesekkurler.html");
?>
There are far more elegant ways of preventing the issue and implementing even the most basic of validation, but this gives you an idea of what it is you should attempt.