php - Escaping Validation and sending form Data to email -

php - Escaping Validation and sending form Data to email -

i have online registeration form, have done validation it, if submit form without data,i validation errors , blank email sent mail. any 1 help me out

here form code

<body> <?php // define variables , set empty values $nameerr = $cnameerr = $mobilenoerr = $emailerr = $cityerr= $postalcodeerr = $addresserr = ""; $name = $cname = $mobileno = $email = $city= $postalcode = $address = ""; $name=$_post['name']; $cname=$_post['cname']; $mobileno=$_post['mobileno']; $email=$_post['email']; $city=$_post['city']; $postalcode=$_post['postalcode']; $address=$_post['address']; if ($_server["request_method"] == "post") { if (empty($_post["name"])) { $nameerr = "name required"; } else { $name = test_input($_post["name"]); // check if name contains letters , whitespace if (!preg_match("/^[a-za-z ]*$/",$name)) { $nameerr = "only letters , white space allowed"; } } if (empty($_post["cname"])) { $cnameerr = "company name required"; } else { $cname = test_input($_post["cname"]); } if (empty($_post["mobileno"])) { $mobilenoerr = "mobile number required"; }else { $mobileno = test_input($_post["mobileno"]); // check if name contains letters , whitespace if (!preg_match("/^[789][0-9]{9}$/",$mobileno)) { $mobilenoerr = "not valid number"; } } if (empty($_post["email"])) { $emailerr = "email required"; } else { $email = test_input($_post["email"]); // check if e-mail address well-formed if (!filter_var($email, filter_validate_email)) { $emailerr = "invalid email format"; } } if (empty($_post["city"])) { $cityerr = "city required"; } else { $city = test_input($_post["city"]); // check if name contains letters , whitespace if (!preg_match("/^[a-za-z ]*$/",$city)) { $cityerr = "only letters , white space allowed"; } } if (empty($_post["postalcode"])) { $postalcodeerr = "postal code required"; } else { $postalcode = test_input($_post["city"]); } if (empty($_post["address"])) { $addresserr = "address required"; } else { $address = test_input($_post["address"]); } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); homecoming $data; } if(!empty($_post['name'])&& !empty($_post['cname'])&&!empty($_post['mobileno'])&& !empty($_post['email'])&&!empty($_post['city'])&&!empty($_post['postalcode'])&&!empty($_post['address'])){ header('location: submission.php?$submit=1'); exit();} $to = 'sskumbar7@gmail.com'; $subject = 'i need show html'; $from ='sandeep.sk@microvillage.in'; ini_set("sendmail_from", $from); $headers = "from: " .$from. "\r\n"; $headers .= "reply-to: ".$from. "\r\n"; $headers .= "mime-version: 1.0\r\n"; $headers .= "content-type: text/html; charset=iso-8859-1\r\n"; $body ='user name:'.$name.'<br>'; $body .= 'company name:'.$cname.'<br>'; $body .= 'mobile numbaer:'.$mobileno.'<br>'; $body .= 'email id:'.$email.'<br>'; $body .= 'city:'.$city.'<br>'; $body .= 'postalcode:'.$postalcode.'<br>'; $body .= 'address:'.$address.'<br>'; $headers = "from: " . $from . "\r\nreply-to: " . $from . ""; $headers .= "content-type: text/html\r\n"; if (mail($to, $subject, $body, $headers)) { echo("<p>sent</p>"); } else { echo("<p>error...</p>"); } ?> <div class="gridcontainer clearfix"> <div id="div1" class="fluid"><!-- header ends here--> <div id="header" class="fluid"> <div class="fluid logo_container zeromargin_tablet"> <div class="fluid logo_mvc"></div> <!-- logo_mvc ends here--> <div class="fluid logo_gsm"></div> <!-- logo_gsm ends here--> </div> <!-- logo_container ends here--> </div> <div class="fluid imageslide zeromargin_desktop"> <div class="fluid imageslide_gs zeromargin_desktop"></div> <!-- imageslide_gs ends here--> <div class="fluid imageslide_content"> <h1>ip product introduction , voip pbx appliance training day @ toronto</h1> </div><!-- imageslide_content ends here--> <div class="fluid imageslide_product"></div> <!-- imageslide_product ends here--> </div><!-- imageslide ends here--> <div class="fluid content"> <div class="fluid content_det"> <h3>event information</h3> <p>please bring together @ fairfield inn & suites toronto airport grandstream offer 4 different sessions during day. </p> <h3>introduction grandstream ip products</h3> <p><b>8:45am - 10:15am</b><br/> introduction grandstream, , basic info on grandstream products including atas, gateways, routers , telephones. </p> <h3>introduction ip cameras ip , surveillance products</h3> <p><b>12:45pm - 2:15pm</b><br/> basic info on ip cameras , surveillance products, , introduction of brand new gvr3550 network video recorder. </p> <h3>advanced technical training ucm voip pbx's</h3> <p><b>2:30pm - 4:30pm</b><br/> session focus on advanced features of ucm series, including new features of upcoming software , brand new ucm6510 voip pbx t1 networks. </p> </div><!-- content_det ends here--><div class="fluid contet_form"> <h2>register now</h2> <form method="post" action="<?php echo htmlspecialchars($_server["php_self"]);?>"> <div class="fluid div_form"><label><b>first name *:</b></label> <input type="text" size="20px" name="name" placeholder="enter name here" value="<?php echo $name; ?>"/><span class="error"><?php echo $nameerr;?></span> </div> <div class="fluid div_form"><label><b>company name *:</b></label> <input type="text" size="20px" name="cname" placeholder="enter company name here" value="<?php echo $cname; ?>"/><span class="error"><?php echo $cnameerr;?></span></div> <div class="fluid div_form"><label><b>mobile number *:</b></label> <input type="text" size="20px" name="mobileno" placeholder="enter mobile number here" value="<?php echo $mobileno; ?>"/><span class="error"><?php echo $mobilenoerr?></span> </div> <div class="fluid div_form"><label><b>email id *:</b></label> <input type="email" size="20px" name="email" placeholder="enter email id here" value="<?php echo $email; ?>"/><span class="error"><?php echo $emailerr?></span></div> <div class="fluid div_form"><label><b>city *:</b></label> <input type="text" size="20px" name="city" placeholder="enter city name here" value="<?php echo $city;?>"/><span class="error"><?php echo $cityerr?></span></div> <div class="fluid div_form"><label><b>postal code *:</b></label> <input type="text" size="20px" name="postalcode" placeholder="enter postal code here" value="<?php echo $postalcode; ?>"/><span class="error"><?php echo $postalcodeerr?></span> </div> <div class="fluid div_form"><label><b>address *:</b></label> <input type="text" size="20px" name="address" placeholder="enter address here" value="<?php echo $address; ?>"/><span class="error"><?php echo $addresserr?></span></div> <button name="submit" >submit</button> </form> </div><!-- contet_form ends here--> </div><!-- content ends here--> </div><!-- div1 ends here--> </div> </body>

remove if

if(!empty($name)&& !empty($cname)&&!empty($mobileno)&& !empty($email)&&!empty($city)&&!empty($postalcode)&&!empty($address)){

and place

if(!empty($_post['name'])&& !empty($_post['cname'])&&!empty($_post['mobileno'])&& !empty($_post['email'])&&!empty($_post['city'])&&!empty($_post['postalcode'])&&!empty($_post['address'])){ $to = 'sskumbar7@gmail.com'; $subject = 'i need show html'; $from ='sandeep.sk@microvillage.in'; ini_set("sendmail_from", $from); $name=$_post['name']; $cname=$_post['cname']; $mobileno=$_post['mobileno']; $email=$_post['email']; $city=$_post['city']; $postalcode=$_post['postalcode']; $address=$_post['address']; $headers = "from: " .$from. "\r\n"; $headers .= "reply-to: ".$from. "\r\n"; $headers .= "mime-version: 1.0\r\n"; $headers .= "content-type: text/html; charset=iso-8859-1\r\n"; $body ='user name:'.$name.'<br>'; $body .= 'company name:'.$cname.'<br>'; $body .= 'mobile numbaer:'.$mobileno.'<br>'; $body .= 'email id:'.$email.'<br>'; $body .= 'city:'.$city.'<br>'; $body .= 'postalcode:'.$postalcode.'<br>'; $body .= 'address:'.$address.'<br>'; $headers = "from: " . $from . "\r\nreply-to: " . $from . ""; $headers .= "content-type: text/html\r\n"; if (mail($to, $subject, $body, $headers)) { echo("<p>sent</p>"); } else { echo("<p>error...</p>"); } header('location: submission.php?submit=1'); }

php html