foxclone

I'm getting the following error on a contact form I'm trying to implement: Fatal error: Uncaught Error: Undefined constant "secretcode" in /home/foxclo98/test.foxclone.com/contact.php:33 Stack trace: #0 {main} thrown in /home/foxclo98/test.foxclone.com/contact.php on line 33 Here's the full code of the contact form: <?php $errorlevel=error_reporting(); error_reporting($errorlevel & ~E_WARNING); //...code that generates notices error_reporting($errorlevel); // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $secretcode = ['nospam']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs $errors = []; //Other validation stuff. if ($post['secretcode'] != 'nospam') { $errors[secretcode] = 'You did not enter the correct secret code.'; } if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } $email = $post['email']; // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $email\r\n" ; $mailheader .= "Cc: $email\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected // value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> You'll receive a copy of your inquiry for your records </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Secret Code:</label><br> <input type="text" name="secretcode" id="secretcode" placeholder="Type nospam here"> <br> <br> <label>Name</label><br> <input type="text" name="name"><br> <br> <label>Email</label><br> <input type="email" name="email"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> I'd appreciate ssome help on this.

This almost sounds like a school assignment.

I have everything working now, including updating the database, which is new code. Here's the code: <?php error_reporting(E_ALL); ini_set('display_errors', '1'); function mydloader($l_filename=NULL){ $file=basename($l_filename); $file=__DIR__.'/'.$file; if (file_exists($file)) { // Make database entry require '../../php/PDO_Connection_Select.php'; require '../../php/GetUserIpAddr.php'; $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone_data")) { exit("unable to connect to database"); } $ext = pathinfo($l_filename, PATHINFO_EXTENSION); $test = $pdo->query("SELECT lookup.id FROM lookup WHERE inet_aton('$ip') >= lookup.ipstart AND inet_aton('$ip') <= lookup.ipend"); $ref = $test->fetchColumn(); $ref = intval($ref); $stmt = $pdo->prepare("INSERT INTO download (`address`, `filename`, `ip_address`, `lookup_id`) VALUES (?, ?, inet_aton('$ip'),?)"); $stmt->execute([$ip, $ext, $ref]) ; } if (!file_exists($file)) { exit("Requested file ($file) does not exist"); } else { header('Content-Description: File Transfer'); header('Content-Type: ' . mime_content_type($file)); header('Content-Disposition: inline; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } } mydloader($_GET["f"]); I had to put the database update before the file send otherwise the md5sum of the downloaded file was incorrect. Thanks to everyone for their input. I'm currently testing a change for the calling page to pass an integer instead of the filename and doing a lookup for the filename in this script.

@gizmola - I've modified the code using many of the suggestions made in this thread. Here's the code that I have now: <?php error_reporting(E_ALL); ini_set('display_errors', '1'); $file=basename($_GET['f']); $file=__DIR__.'/download/'.$file; function mydloader($file) { if (!file_exists($file)) { die; } else { header('Content-Description: File Transfer'); header('Content-Type: ' . mime_content_type($file)); header('Content-Disposition: inline; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } } mydloader($_GET["f"]); I thank everyone for their input.

@kicken Thanks for the suggestion. I'll implement it.

@gizmola The filename is passed from a button click on the on the download page. Here's a sample: <a href="download/mydloader.php?f=<?php echo $debname;?>"><center><img src="images/us_download.png" style="height:35px; width:144px; margin-bottom:.5rem;" alt="download deb file"> </center></a> The mydloader.php is located in the folder with the files that are available to download. My intent with the die statement was intended as a failsafe in case the file_exists was false.

It's a .deb file. VScode won't open it because it's binary.

Never mind about web caching, my web host told me how to do it thru cpanel.

What is the correct setting in php.ini to prevent server caching?

@mac_gyver Contents of the partial file follow <br /> <b>Warning</b>: Undefined variable $file_url in <b>/home/foxclo98/public_html/mydloader.php</b> on line <b>21</b><br /> <br /> <b>Fatal error</b>: Uncaught ValueError: Path cannot be empty in /home/foxclo98/public_html/mydloader.php:21 Stack trace: #0 /home/foxclo98/public_html/mydloader.php(21): readfile('') #1 /home/foxclo98/public_html/mydloader.php(44): mydloader('foxclone50_amd6...') #2 {main} thrown in <b>/home/foxclo98/public_html/mydloader.php</b> on line <b>21</b><br />

@mac_gyver The downloaded file is only 495 bytes of a 5 meg .deb file. I'll check for an error file on my web host.

I want to allow users on my hosted website to download files. Most of the following code was copied from php.net but when I run it, I'm only getting 495 bytes of a 5.7M file when testing downloads from my webhost. This code exists in a window that is never seen by the user. $l_filename is passed from another window. I'm not seeing any errors. My code follows: <?php error_reporting(E_ALL); ini_set('display_errors', '1'); function usdloader($l_filename=NULL){ if (file_exists($l_filename)) { $file = preg_replace("/\s+/u", " ", $l_filename); header('Content-Description: File Transfer'); header('Content-Type: ' . mime_content_type($file)); header('Content-Disposition: inline; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); else die; } } usdloader($_GET["f"]); I thank you for your help.

@thesunlover - There's a freshly released version of your system: Discuz! X3.4 official version [2022-04-06]. You can get it at https://www.discuz.net/. The source code is also available from that site. You can pass that information to whoever you hire, if you go that route.

There's a freshly released version of your system: Discuz! X3.4 official version [2022-04-06]. I suggest you install it, it might help you. You can get it at https://www.discuz.net/. The source code is also available from that site.

Is it possible that the host has removed PHP 7.4 and installed PHP 8 in anticipation of the upcoming EOL for 7.4? I'd confirm that PHP 7.4 is still available on your host.