Form always sends to error page...

Hello,

Any help will be greatly appreciated. I am having trouble getting multiple fields to be required, and with the if multiple errors section. I think that's where the problem is. When I click "Submit", no matter if I fill out every field (try it yourself) it sends me to the error page. The original generated script worked fine with just three fields until I added more required fields. Any suggestions for security enhancements (other than CAPTCHA codes) is appreciated, too.

Thank you!

Here's the Site: http://www.charitableprofitarrangement.org/contact.html

========================================== contactOriginal.php ==========================================

<?php

$mailto = 'test@charitableprofitarrangement.org' ;
$subject = "CPA Contact Form" ;
$formurl = "http://www.charitableprofitarrangement.org/contact.html" ;
$errorurl = "http://www.charitableprofitarrangement.org/error.html" ;
$thankyouurl = "http://www.charitableprofitarrangement.org/thankyou.html" ;
$email_is_required = 1;
$firstname_is_required = 1;
$lastname_is_required = 1;
$city_is_required = 1;
$state_is_required = 1;
$subject_is_required = 1;
$message_is_required = 1;
$uself = 0;
$use_envsender = 0;
$use_sendmailfrom = 0;
$use_webmaster_email_for_from = 0;
$use_utf8 = 1;

$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;
if (!isset( $use_envsender )) { $use_envsender = 0 ; }
if (isset( $use_sendmailfrom ) && $use_sendmailfrom) {
ini_set( 'sendmail_from', $mailto );
}
$envsender = "-f$mailto" ;
$firstname = $_POST['firstname'] ;
$lastname = $_POST['lastname'] ;
$organization = $_POST['organization'] ;
$phone = $_POST['phone'] ;
$email = $_POST['email'] ;
$website = $_POST['website'] ;
$subject = $_POST['subject'] ;
$message = $_POST['message'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if ($email_is_required && empty($email) || $firstname_is_required && empty($firstname) || $lastname_is_required && empty($lastname) || $city_is_required && empty($city) || $state_is_required && empty($state) || $subject_is_required && empty($subject) || $message_is_required && empty($message)) {
header( "Location: $errorurl" );
exit ;
}
if (preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email ) || preg_match( "/[\r\n]/", $firstname ) || preg_match( "/[\r\n]/", $lastname ) || preg_match( "/[\r\n]/", $city ) || preg_match( "/[\r\n]/", $state ) || preg_match( "/[\r\n]/", $subject ) || preg_match( "/[\r\n]/", $message)) {
header( "Location: $errorurl" );
exit ;
}
if (empty($email)) {
$email = $mailto ;
}

$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

$messageproper =
"This message was sent from:\n" .
"$http_referrer\n" .
"------------------------------------------------------------\n" .
"First Name: $firstname\n" .
"Last Name: $lastname\n" .
"Organization: $organization\n" .
"City: $city\n" .
"State: $state\n" .
"Phone: $phone\n" .
"Email: $email\n" .
"Website: $website\n" .
"Subject: $subject\n" .
"------------------------- MESSAGE -------------------------\n\n" .
$message .
"\n\n------------------------------------------------------------\n" ;

$headers =
"From: \"$firstname\" <$fromemail>" . $headersep . "Reply-To: \"$firstname\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.15.0" . $headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;

if ($use_envsender) {
mail( $mailto, $subject, $messageproper, $headers, $envsender );
}
else {
mail( $mailto, $subject, $messageproper, $headers );
}
header( "Location: $thankyouurl" );
exit ;

?>

Even if I add () to this section:

if (($email_is_required && empty($email)) || ($firstname_is_required && empty($firstname)) || ($lastname_is_required && empty($lastname)) || ($city_is_required && empty($city)) || ($state_is_required && empty($state)) || ($subject_is_required && empty($subject)) || ($message_is_required && empty($message))) {
header( "Location: $errorurl" );
exit ;
}

It still does the same thing.

Extra question... Is this the correct code to check that (123abc@123abc.xyz) is used for email?

^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$

or is this:

^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$

I am currently working on adding a check that the phone number is exactly 10 characters and is numbers only. If anyone has that on hand could you post it? I have this so far:

^[0-9 .-]+$

Thanks.

email preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/im', $str)

phone(10 numbers only) preg_match('/^\\d{10}$/m', $str)

well maybe u could do it smthng like this

$valid_points = 0;

//now check every field and if its ok increase valid_points
if(preg_match(,$email))$valid_points++;
if(!empty($first_name))$valid_points++;
if(!empty($last_name))$valid_points++;


//then if we passed all validations we now should have 3 points
if($valid_points == 3)
{
//send email to admin
}
else
{
//error page
}

OK, let me try that out... does that phone code limit 10 characters from being typed on the form side or does it just record only first 10 char entered? Know what I mean, or do I use both what you suggested and maxlength="10" in contact.html?

This is the new code:

<?php

$mailto = 'joseph@charitableprofitarrangement.org' ;
$subject = "CPA Contact Form" ;
$formurl = "http://www.charitableprofitarrangement.org/contact.html" ;
$errorurl = "http://www.charitableprofitarrangement.org/error.html" ;
$thankyouurl = "http://www.charitableprofitarrangement.org/thankyou.html" ;

$valid_points = 0;
$uself = 0;
$use_envsender = 0;
$use_sendmailfrom = 0;
$use_webmaster_email_for_from = 0;
$use_utf8 = 1;

$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;
if (isset( $use_sendmailfrom ) && $use_sendmailfrom) {
ini_set( 'sendmail_from', $mailto );
}
$envsender = "-f$mailto" ;
$firstname = $_POST['firstname'] ;
$lastname = $_POST['lastname'] ;
$organization = $_POST['organization'] ;
$city = $_POST['city'] ;
$state = $_POST['state'] ;
$phone = $_POST['phone'] ;
$email = $_POST['email'] ;
$website = $_POST['website'] ;
$subject = $_POST['subject'] ;
$message = $_POST['message'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
header( "Location: $formurl" );
exit ;
}

if (preg_match( "/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/im", $email )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $firstname )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $lastname )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $organization )) $valid_points++ ; 
if (preg_match( "/[\r\n]/", $city )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $state )) $valid_points++ ;
if (preg_match( "/^\\d{10}$/m", $phone )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $website )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $subject )) $valid_points++ ;
if (preg_match( "/[\r\n]/", $message)) $valid_points++ ;
if (!empty($email)) $valid_points++ ;
if (!empty($firstname)) $valid_points++ ;
if (!empty($lastname)) $valid_points++ ;
if (!empty($city)) $valid_points++ ;
if (!empty($state)) $valid_points++ ;
if (!empty($subject)) $valid_points++ ;
if (!empty($message)) $valid_points++ ;

if (empty($email)) {
$email = $mailto ;
}

$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

$messageproper =
"This message was sent from:\n" .
"$http_referrer\n" .
"------------------------------------------------------------\n" .
"First Name: $firstname\n" .
"Last Name: $lastname\n" .
"Organization: $organization\n" .
"City: $city\n" .
"State: $state\n" .
"Phone: $phone\n" .
"Email: $email\n" .
"Website: $website\n" .
"Subject: $subject\n" .
"------------------------- MESSAGE -------------------------\n\n" .
$message .
"\n\n------------------------------------------------------------\n" ;

$headers =
"From: \"$firstname\" <$fromemail>" . $headersep . "Reply-To: \"$firstname\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.15.0" . $headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;

if ($validpoints == 17) && ($use_envsender) {
mail( $mailto, $subject, $messageproper, $headers, $envsender );
}
else {
header( "Location: $errorurl" );
exit ;
}

header( "Location: $thankyouurl" );
exit ;

?>

I tried:

if ($validpoints == 17) && ($use_envsender) {
mail( $mailto, $subject, $messageproper, $headers, $envsender );
else {
header( "Location: $errorurl" );
exit ;
}
}

like you suggested but I got an error so I changed it to what you see as the new code. I am still getting the error page. I'm messing with the envsender and use_envsender strings but I do not know if they are connected and used properly. Please help!

woops sorry, thats:

if (($validpoints == 17) && ($use_envsender)) {
mail( $mailto, $subject, $messageproper, $headers, $envsender );
}
else {
header( "Location: $errorurl" );
exit ;
}

try

if ($validpoints == 17) && ($use_envsender)  change to

if ($validpoints == 17 && $use_envsender)

Still sending to error page, updated code:

<?php

$mailto = 'joseph@charitableprofitarrangement.org' ;
$subject = "CPA Contact Form" ;
$formurl = "http://www.charitableprofitarrangement.org/contact.html" ;
$errorurl = "http://www.charitableprofitarrangement.org/error.html" ;
$thankyouurl = "http://www.charitableprofitarrangement.org/thankyou.html" ;

$valid_points = 0;
$uself = 0;
$use_sendmailfrom = 0;
$use_webmaster_email_for_from = 0;
$use_utf8 = 1;
$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;
if (isset( $use_sendmailfrom ) && $use_sendmailfrom) {
ini_set( 'sendmail_from', $mailto );
}
$firstname = $_POST['firstname'] ;
$lastname = $_POST['lastname'] ;
$organization = $_POST['organization'] ;
$city = $_POST['city'] ;
$state = $_POST['state'] ;
$phone = $_POST['phone'] ;
$email = $_POST['email'] ;
$website = $_POST['website'] ;
$subject = $_POST['subject'] ;
$message = $_POST['message'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
header( "Location: $formurl" );
exit ;
}

if (preg_match( '/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/im', $email)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $firstname)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $lastname)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $organization)) $valid_points++ ; 
if (preg_match( '/[\r\n]/', $city)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $state)) $valid_points++ ;
if (preg_match( '/^\\d{10}$/m', $phone)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $website)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $subject)) $valid_points++ ;
if (preg_match( '/[\r\n]/', $message)) $valid_points++ ;
if (!empty($email)) $valid_points++ ;
if (!empty($firstname)) $valid_points++ ;
if (!empty($lastname)) $valid_points++ ;
if (!empty($city)) $valid_points++ ;
if (!empty($state)) $valid_points++ ;
if (!empty($subject)) $valid_points++ ;
if (!empty($message)) $valid_points++ ;

if (empty($email)) {
$email = $mailto ;
}

$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

$messageproper =
"This message was sent from:\n" .
"$http_referrer\n" .
"------------------------------------------------------------\n" .
"First Name: $firstname\n" .
"Last Name: $lastname\n" .
"Organization: $organization\n" .
"City: $city\n" .
"State: $state\n" .
"Phone: $phone\n" .
"Email: $email\n" .
"Website: $website\n" .
"Subject: $subject\n" .
"------------------------- MESSAGE -------------------------\n\n" .
$message .
"\n\n------------------------------------------------------------\n" ;

$headers =
"From: \"$firstname\" <$fromemail>" . $headersep . "Reply-To: \"$firstname\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.15.0" . $headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;

if ($validpoints == 17) {
mail( $mailto, $subject, $messageproper, $headers );
}
else {
header( "Location: $errorurl" );
exit ;
}

header( "Location: $thankyouurl" );
exit ;

?>

if ($validpoints == 17) => $valid_points see _ ?

Fixed that (duuuh, heh) but still sends to error page.

This code works just fine but does not have all the fields I want checked and required.

<?php

$mailto = 'joseph@charitableprofitarrangement.org' ;
$subject = "CPA Contact Form" ;
$formurl = "http://www.charitableprofitarrangement.org/contact.html" ;
$errorurl = "http://www.charitableprofitarrangement.org/error.html" ;
$thankyouurl = "http://www.charitableprofitarrangement.org/thankyou.html" ;

$email_is_required = 1;
$name_is_required = 1;
$comments_is_required = 1;
$uself = 0;
$use_envsender = 0;
$use_sendmailfrom = 0;
$use_webmaster_email_for_from = 0;
$use_utf8 = 1;
$my_recaptcha_private_key = '' ;

$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;
if (!isset( $use_envsender )) { $use_envsender = 0 ; }
if (isset( $use_sendmailfrom ) && $use_sendmailfrom) {
ini_set( 'sendmail_from', $mailto );
}
$envsender = "-f$mailto" ;
$fullname = (isset($_POST['fullname']))? $_POST['fullname'] : $_POST['name'] ;
$email = $_POST['email'] ;
$comments = $_POST['comments'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
header( "Location: $formurl" );
exit ;
}
if (($email_is_required && (empty($email) || !preg_match('/@/', $email))) || ($name_is_required && empty($fullname)) || ($comments_is_required && empty($comments))) {
header( "Location: $errorurl" );
exit ;
}
if ( preg_match( "/[\r\n]/", $fullname ) || preg_match( "/[\r\n]/", $email ) ) {
header( "Location: $errorurl" );
exit ;
}
if (strlen( $my_recaptcha_private_key )) {
require_once( 'recaptchalib.php' );
$resp = recaptcha_check_answer ( $my_recaptcha_private_key, $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'] );
if (!$resp->is_valid) {
	header( "Location: $errorurl" );
	exit ;
}
}
if (empty($email)) {
$email = $mailto ;
}
$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;

if (function_exists( 'get_magic_quotes_gpc' ) && get_magic_quotes_gpc()) {
$comments = stripslashes( $comments );
}

$messageproper =
"This message was sent from:\n" .
"$http_referrer\n" .
"------------------------------------------------------------\n" .
"Name of sender: $fullname\n" .
"Email of sender: $email\n" .
"------------------------- COMMENTS -------------------------\n\n" .
$comments .
"\n\n------------------------------------------------------------\n" ;

$headers =
"From: \"$fullname\" <$fromemail>" . $headersep . "Reply-To: \"$fullname\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.15.0" .
$headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;

if ($use_envsender) {
mail($mailto, $subject, $messageproper, $headers, $envsender );
}
else {
mail($mailto, $subject, $messageproper, $headers );
}
header( "Location: $thankyouurl" );
exit ;

?>

Well I have looked at your site. I see there 6 red stars so we must pass 6 checks.

For me it looks like u doing simple task too complicated.

Why not do it much simpler?

$email = addslashes($_POST['email']); 
$firstname = addslashes($_POST['firstname']); 
$lastname = addslashes($_POST['lastname']); 
$city = addslashes($_POST['city']); 
$state = addslashes($_POST['state']); 
$subject = addslashes($_POST['subject']); 
$message = addslashes($_POST['message']);

$valid_email = (preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}$/im', $email)) ? true : false;
$valid_firstname = (!empty($firstname)) ? true : false;
$valid_lastname = (!empty($lastname)) ? true : false;
$valid_city = (!empty($city)) ? true : false;
$valid_state = (!empty($state)) ? true : false;
$valid_message = (!empty($subject) && !empty($message)) ? true : false;


if($valid_email && $valid_firstname && $valid_lastname && $valid_city && $valid_state && $valid_message)
{
//send mail to admin or whatever
}
else
{
  //error page
}

Anyways ther's a lot mess && unlogical things in your code. Fiew of them:

#1

(empty($email) || !preg_match('/@/', $email))

preg_match('/@/', $email) will not pass for empty string then why check if it's empty?

it would be enought (!preg_match('/@/', $email)). Anyway it's not good email validation and u don't need use preg_match to check if string contains another string use strpos()/strstr()

#2

if (empty($email)) 
{	
$email = $mailto ;
}

u will never reach this 'if' because u allready are in errorpage by this one

if (($email_is_required && (empty($email) || !preg_match('/@/', $email))) || ($name_is_required && empty($fullname)) || ($comments_is_required && empty($comments)))

#3

$email_is_required = 1;
$name_is_required = 1;
$comments_is_required = 1;

why u need these? are u planing to change your mind one day and say "oh what a hell lets make name field not required from now" and set $name_is_required = 0 ? in my opinion it's just waste of code bits and your time.

anyway one idea maybe u are failing on your capcha check? just saying...

I'm going to try that out, thank you for your help.

Finally, it works!!! Thank you so much! Here's the final code for anyone else making a form:

<?php

$mailto = 'your@email.com' ;
$subject = "Your Contact Form" ;
$formurl = "http://www.yoursite.com/contact.html" ;
$errorurl = "http://www.yoursite.com/error.html" ;
$thankyouurl = "http://www.yoursite.com/thankyou.html" ;
$uself = 0;
$use_sendmailfrom = 0;
$use_webmaster_email_for_from = 0;
$use_utf8 = 1;
$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;
if (isset( $use_sendmailfrom ) && $use_sendmailfrom) {
ini_set( 'sendmail_from', $mailto );
}
$firstname = addslashes($_POST['firstname']) ;
$lastname = addslashes($_POST['lastname']) ;
$city = addslashes($_POST['city']) ;
$state = addslashes($_POST['state']) ;
$phone = addslashes($_POST['phone']) ;
$email = addslashes($_POST['email']) ;
$website = addslashes($_POST['website']) ;
$subject = addslashes($_POST['subject']) ;
$message = addslashes($_POST['message']) ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
header( "Location: $formurl" );
exit ;
}

$valid_email = (preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}$/im', $email)) ? true : false;
$valid_firstname = (!empty($firstname)) ? true : false;
$valid_lastname = (!empty($lastname)) ? true : false;
$valid_city = (!empty($city)) ? true : false;
$valid_state = (!empty($state)) ? true : false;
$valid_message = (!empty($subject) && !empty($message)) ? true : false;

$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

$messageproper =
"This message was sent from:\n" .
"$http_referrer\n" .
"------------------------------------------------------------\n" .
"First Name: $firstname\n" .
"Last Name: $lastname\n" .
"City: $city\n" .
"State: $state\n" .
"Phone: $phone\n" .
"Email: $email\n" .
"Website: $website\n" .
"Subject: $subject\n" .
"------------------------- MESSAGE -------------------------\n\n" .
$message .
"\n\n------------------------------------------------------------\n" ;

$headers =
"From: \"$firstname\" <$fromemail>" . $headersep . "Reply-To: \"$firstname\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.15.0" . $headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;

if ($valid_email && $valid_firstname && $valid_lastname && $valid_city && $valid_state && $valid_message) {
mail( $mailto, $subject, $messageproper, $headers );
}
else {
header( "Location: $errorurl" );
exit ;
}

header( "Location: $thankyouurl" );
exit ;

?>