Really new to this PHP validation
So I am trying to submit a contact form, I am able to validate all the other field expect the message(Textarea) input field. I have been trying to input into the field as <h1>Hello</h1> and the HTML tags are able to get through and in the email, the message part is shown/displayed in h1 format.
Input Field
Email that was sent
Is it because I am sending the information from the fields using to the email using the HTML markup?
I have tried using the PHP function that removes the special characters.
if (trim($_POST["message"]) == "") {
$message_error = "Your message should not be empty";
} else {
$message = test_input($_POST["message"]);
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
if ($name_error == '' and $email_error == '' and $phone_error == '' and $message_error ==''){
$message_body = '';
unset($_POST['submit']);
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$to = ' ';
$subject = "Contact";
$body = '<html>
<body>
<h1>Message from Contact Us</h1>
<hr>
<p>Name:<br>'.$name.'</p>
<p>Email:<br>'.$email.'</p>
<p>Phone Number:<br>'.$phone.'</p>
<p>Message:<br>'.$message.'</p>
</body>
</html>';
//header
$headers = "Content-type: text/html; charset-utf8";
$to = '';
$subject = 'Contact Form Submit';
if (mail($to, $subject, $body, $headers)){
$success = "Message sent, Thank you for contacting us!";
$name = $email = $phone = $message = '';
}
}
}
I expect to have the textarea (message) to strip/remove the HTML tags before sending.
Thanks for helping
<h1>Hello</h1>likehellowithout the html tag? - Dean