1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 9:00 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Multiple Checkboxes only passing "Array"

checkboxes only pass array

         

brainchildcollective

1:34 am on Dec 30, 2010 (gmt 0)

10+ Year Member



Hello all,

This is my first post so I apologize if etiquette is lacking. :)

I have a simple html contact form, a few text fields and an area with multiple checkboxes centering around a question: Where did you hear about us? The form is filled out and will submit -and be delivered to my email. It lists all the text entries but only displays 'Array' in the area which should list all selected checkboxes.

This is the markup:

<form action="contact.php" method="post">
<fieldset>
<div class="form_wrap">
<div><label for="name">Full Name</label><input type="text" name="name" value="" id="name" /></div>
<div><label for="email">Email Address</label><input type="text" name="email" value="" id="email" /></div>
<div><label for="phone">Phone Number</label><input type="text" name="phone" value="" id="phone" /></div>
<div><label for="date">Date of Event</label><input type="text" name="date" value="" id="date" /></div>
<label>How did you hear about us?</label>

<div class="checkbox_container">
<br>
<input type="checkbox" name="source[]" value="facebook" class="checkbox"/>Facebook
<br>
<input type="checkbox" name="source[]" value="family" class="checkbox"/>Family
<br>
<input type="checkbox" name="source[]" value="friend" class="checkbox"/>Friend
<br>
<input type="checkbox" name="source[]" value="premier bride magazine" class="checkbox"/>Premier Bride Magazine
<br>
<input type="checkbox" name="source[]" value="richmond bridal showcase" class="checkbox"/>Richmond Bridal Showcase
<br>
<input type="checkbox" name="source[]" value="richmond wedding expo" class="checkbox"/>Richmond Wedding Expo
<br>
<input type="checkbox" name="source[]" value="richmond weddings magazine" class="checkbox"/>Richmond Weddings Magazine
<br>
<input type="checkbox" name="source[]" value="twitter" class="checkbox"/>Twitter
<br>
<input type="checkbox" name="source[]" value="weddingwire.com" class="checkbox"/>WeddingWire.com
<br>
<input type="checkbox" name="source[]" value="other" class="checkbox"/>Other
<br>
</div>

<div><label for="message">Additional Info</label><textarea name="message" id="message" rows="8" cols="30"></textarea></div>
<div class="submit"><input type="image" src="images/btn_submit.png" alt="Submit" onClick="submit();" /></div>
</div>
</div>
</fieldset>
</form>
</div><!-- end #contact_form -->

And this is the php script as it currently stands:


<?php

header('Location: [dsdesignerevents.com...] ;

?>
<?

$subject="from ".$_POST['name'];
$headers= "From: ".$_POST['email']."\n";
$headers.='Content-type: text/html; charset=iso-8859-1';
mail("joe@brainchildcollective.com", $subject, "
<html>
<head>
<title>Contact Form</title>
</head>
<body>

<br>
<br>".$_POST['name']." <br />
<br>".$_POST['email']." <br />
<br>".$_POST['phone']." <br />
<br>".$_POST['date']." <br />
<br>".$_POST['source']." <br />
<br>".$_POST['message']." <br />
</br>

</body>
</html>" , $headers);
echo ("Your message was successfully sent!");
?>
<script>
resizeTo(300, 300)
//window.close()
</script>


What am I missing...I've tried several fixes and none work...I'm not a php expert by any means so any help is wonderful.

Thanks everyone!

milocold

2:38 am on Dec 30, 2010 (gmt 0)

10+ Year Member



Hi BrainChildColl-Seriously, that's a long name Sir! =)

So, $_POST['source'] is of type array and can't just have it's values be echo'd out like that. But you could try this:



$commaSeparatedValues = implode( "," , $_POST['source'] );

echo $commaSeparatedValues";



If you don't like that format you for extract the values in a foreach loop and format the values to appear any which way you prefer.

Hope that helps!

M. Cold (<= See short! ;) )

brainchildcollective

5:40 am on Dec 30, 2010 (gmt 0)

10+ Year Member



milocold:

Thanks for the quick response, I placed the above bit in and now I'm getting an error.

<?
$commaSeparatedValues = implode( ",", $_POST['source'] );
echo $commaSeparatedValues";
$subject="from ".$_POST['name'];
$headers= "From: ".$_POST['email']."\n";
$headers.='Content-type: text/html; charset=iso-8859-1';
mail("joe@brainchildcollective.com", $subject, "
<html>
<head>
<title>Contact Form</title>
</head>
<body>

<br>
<br>".$_POST['name']." <br />
<br>".$_POST['email']." <br />
<br>".$_POST['phone']." <br />
<br>".$_POST['date']." <br />
<br>".$_POST['source']." <br />
<br>".$_POST['message']." <br />
</br>

</body>
</html>" , $headers);
echo ("Your message was successfully sent!");
?>

Getting this error:
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ',' or ';' on line 8

Any thoughts?

milocold

6:56 am on Dec 30, 2010 (gmt 0)

10+ Year Member



Hi BCC,

Let's see what we can do! First this line:

echo $commaSeparatedValues";

needs to be:

echo $commaSeparatedValues;

But the echo is only used as a test, you don't need it in your mail message. You may want to just delete that line, you'll be fine with the implode into the variable.

Second, this line '<br>".$_POST['source']." <br /> ' should be changed to: '<br>". $commaSeparatedValues ." <br /> '

Hope that helps,

M.Cold

Matthew1980

8:39 am on Dec 30, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi there brainchildcollective,

Firstly welcome to WebmasterWorld,

Secondly, the only thing I shall add at this point is the way that your declaring your script tags.

<? This is bad practice and WILL stop your script in it's tracks if the server/host/php.ini file isn't set up to handle short style tags.

<?php For the sake of three extra chars, this is compatible with any server set up and tells the parser that your passing the correct language.

I have seen this cause problems so often before.

Thirdly,

As for your issue, this, perhaps is an issue:-

name="source[]"

Each one of these values being passed from the form to your script has been given the same name, and you have attached the array operand to the end of it, so, php is possibly treating it as such.

There are two things that you need to do, first, put this line at the top of the script that your working on:-

error_reporting(E_ALL|E_DEPRECATED);

This will tell you any syntax error's and 'old' functions that you may be un aware that are not supported in later versions of php, for example, eregi_ functions are not supported now, they have been replaced by preg_ functions.

Secondly, check boxes are declared like so:

<input type="checkbox" name="choice_one" value="My_Choice" />

and if the default value needs to be checked you simply do this:-

<input type="checkbox" name="choice_one" value="My_Choice" checked/>

and depending on what standard your coding to, you may need to do this:-

<input type="checkbox" name="choice_one" value="My_Choice" checked="checked"/>

But off hand I can't remember, but either should function.

The way this now works is, IF the check box isn't selected, then the value from the form ISN'T passed to the form as $_POST data as the value in the array isn't set, BUT if you have it checked, this version would be set like thie:-

$_POST['choice_one'] => "My_Choice"


If you do this:-

echo "<pre>";
print_r($_POST);
echo "</pre>";

in your receiving script, then all SET value's will show up in this array, you will then see what happens!

This isn't to say that you CAN'T pass this type of input as an array, you can, but for the sake of this example, and my tiredness, I thought it best to explain the basics first.

Hope that I haven't confused you too much :)

Anyway happy coding, and happy new year!

Cheers,
MRb

brainchildcollective

2:21 pm on Dec 30, 2010 (gmt 0)

10+ Year Member



Milo & Matthew,

Thanks greatly for your help, we are up and running! You two are great!

Regards,
Joe

rocknbil

6:49 pm on Dec 31, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Now all you need to do is cleanse your input, this is highly insecure. What if I could do this?

(subject) = "Joe\nBCC:address1,address2,address3";

You might think it's protected by the form controls, but it is not. Hackers can post directly to your script via command line, and the above would give you

Subject: from Joe
BCC:address1,address2,address3

I've just added a BCC, you get one email, the target gets 1000, you get banned from your ISP for spamming.

(This particular attack is more difficult with PHP because of the way it forms mail headers, but defending against it is good practice anyway.)

Another attack is to insert a multipart header directly in the content, so the second part is a separate entity that does the same thing. You get a single garbled message, spammers can target thousands of emails in one swoop.

The last mistake is usually "this is a small site, none of our users will do any of that." Of course not. It's not them you have to worry about. :-)

Dig around here for cleansing form input, this is an important aspect of any mailer.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 9:00 am Apr 28, 2026