I need help with form validation using php

I need help with form validation using php
0

#1

Hello all,
I am trying to validate the form using PHP for the first time and having some issues.
When i submit the form, it doesn’t validate it and takes to another page showing access forbidden error.
Don’t understand whether my php code is wrong or file settings on local server(XAMPP).
I would really appreciate if someone could help me. please check below the code of form.php and index.php file:
form.php file-

<?php // define variables and set to empty values $nameErr = $emailErr = $messageErr = ""; $fname = $email = $message = $success = ""; if ($_SERVER["REQUEST_METHOD"] == "POST"){ if (empty($_POST["fname"])) { $nameErr = "Please enter your Name"; } else { $fname = test_input($_POST["name"]); if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "Only letters and white space allowed"; } } if (empty($_POST["email"])) { $emailErr = "Please enter your valid Email address"; } else { $email = test_input($_POST["email"]); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; } } if (empty($_POST["message"])) { $messageErr = "Please enter your message"; } else { $message = test_input($_POST["message"]); } if($nameErr == '' and $emailErr == '') { $message_body=""; unset($_POST['submit']); foreach($_POST as $key =>$value){ $message_body.="$key:$value\n"; } $to='xyz@gmail.com'; $email_subject = "New message: $fname"; $email_body = "You have received a new message. ". " Here are the details:\n Name: $fname \n ". "Email: $email \n Message \n $message"; $headers = "From: $email"; if(mail($to,$email_subject,$message_body,$email_body,$headers)){ $success= "message sent, Thank you!"; $fname = $email = $message = ""; } } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?>

index.php:

Form <?php include("form-contact.php");?>
<section id="contact" class="text-center padding">
    <div class="container">
        <div class="row">
            <div class="col-md-12">
                <h2>Contact</h2>
            </div>
        </div>
        <!--contact form section-->
        
        <div class="row">
            <div class="col-md-12">
               <form id="contactForm" class="form-horizontal" method="post" action="<?php echo htmlspecialchars ($SERVER['PHP_SELF']); ?>">
                    <div class="form-group has-success">
                        <label for="name"></label>
                        <div class="col-sm-10">
                            <input type="text" name="fname" value="<?= $fname ?>" class="form-control input-lg" id="name" placeholder="Name" required>
                            <span class="form-error" id="name-error"></span>
                            <span class="form-error"> <?= $nameErr ?></span>
                        </div>
                    </div>
                    <div class="form-group has-success">
                        <label for="email"></label>
                        <div class="col-sm-10">
                            <input type="email" name="email"  value="<?= $email ?>"class="form-control input-lg" id="email" placeholder="Email" required>
                            <span class="form-error" id="email-error"></span>
                            <span class="form-error"> <?= $emailErr ?></span>
                        </div>
                    </div>
                    <div class="form-group has-success">
                        <label for="message"></label>
                        <div class="col-sm-10">
                            <textarea id="message" name="message" value="<?= $message ?>" class="form-control input-lg" rows="5" placeholder="Message" required></textarea>
                            <span class="form-error" id="message-error"></span>
                            <span class="form-error"> <?= $messageErr ?></span>

                        </div>
                    </div>
                    <div class="form-group ">
                        <div class="col-sm-10">
                            <button type="submit"  name="submit" id="button_submit" class="btn btn-primary pull-right">Send</button>
                            <button type="reset" id="button_reset" class="btn btn-primary pull-right">Reset</button>
                        </div>
                    </div>
                    <div id="contactResponse"></div>
                 <div>   <?= $success; ?></div>
                </form>
            </div>
        </div>
        <!--contact form section ends here-->
    </div>
</section>