foxclone

Here's my code as it currently exists: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $recipient\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values return; ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name" value="<?php echo $name;?>"><br> <br> <label>Email</label><br> <input type="email" name="email" value="<?php echo $email;?>"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1" value="<?php echo $type;?>"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"><?php echo $message;?></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> When I try to open the contact page, I get the following error: I tried putting a 'session_destroy();' before the session_start() but it said there was no session to destroy.

@mac_gyver - I fixed that. Do you have any idea where I should change the setting in Cpanel to prevent caching of .php files? Found it and disabled caching.

I need to make a correction. Apparently, the cache isn't clearing on Chrome even when I tell it to. I opened FF and there was no error on opening the contact page. It only appeared after clicking on the send button.

@gizmola - Here are the warnings. It's happening as soon as I open that page, even though the page displays and the email sends when I click the send button. Warning: session_start(): Session cannot be started after headers have already been sent in /home/foxclo98/test.foxclone.com/contact.php on line 7 Warning: Cannot modify header information - headers already sent by (output started at /home/foxclo98/test.foxclone.com/contact.php:1) in /home/foxclo98/test.foxclone.com/contact.php on line 106

@gizmola Thanks for chiming in. Here's the code as it exists at the moment: error_reporting = E_ALL <?php // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $recipient\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name"><br> <br> <label>Email</label><br> <input type="email" name="email"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?>

Now I'm not getting the success message at all. I'm getting the following errors on my web host: Warning: session_start(): Session cannot be started after headers have already been sent in /home/foxclo98/test.foxclone.com/contact.php on line 5 Warning: Cannot modify header information - headers already sent by (output started at /home/foxclo98/test.foxclone.com/contact.php:1) in /home/foxclo98/test.foxclone.com/contact.php on line 104 These warnings showed after adding "error_reporting = E_ALL" (without quotes) to the top of the file.

@mac_gyver I just noticed another problem. After sending an email and getting the success message, if I go to any other page, then return to the contact page, the success message is still there. I tried putting a session_destroy() just before going into the contact page's html, but it didn't help. Do you have any ideas?

Duh.... I was on my local server, not my host. Where should I modify the code so that if the error is in one of the fields, they can return to it without having to fill everything in again?

@mac_gyver I've decided that it's not important to send a copy of the message back to the person submitting it. My only remaining problem is that it's not displaying the success message after the message is sent. I'm using your code as provided.

@mac_gyver Thanks once more, the script works perfectly. Is there a way to include a CC instead of a Reply-to in the mailheader so the person sending the message gets a copy of what they sent? Replacing the Reply-to with CC doesn't work. I guess I could put both addresses in an array and process it into the mailheader.

@mac_gyverThanks again. I spent the morning trying to configure phpmailer to work without success. I have a two column layout for the contact form and phpmailer totally ignored all css settings. It also failed to fill the dropdown for the type of message. I'll give your suggestion after I eat lunch.

@mac_gyver - Thanks for your detailed response. The code has been in use for over a year without complaint from our users although I'm open to making the email system more secure. The email page was initially developed when I had little knowledge and was using various internet pages to develop it. I can see that I have a lot of studying to do before I start re-writing it. Thanks again. @kicken - Thanks for pointing out those errors.

@gizmola - Thanks for giving my code a look. I'm having a problem with your second solution. Visual Studio is giving me errors starting with wanting me to put a curly brace in front of the if. Should I delete all the code before that? NOTE: got it fixed. Deleted all code before it. Working beautifully now.

My contact form and this email validation works well. I'd like some input about whether this validation form can be improved. <?php error_reporting(E_ALL); ini_set('display_errors', '1'); if(isset($_POST['email'])) { // EDIT THE 2 LINES BELOW AS REQUIRED $email_to = "help@foxclone.com"; $email_subject = "Your email subject line"; function died($error) { // your error code can go here echo "We are very sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please press your back key and fix these errors.<br /><br />"; die(); } // validation expected data exists if(!isset($_POST['name']) || !isset($_POST['email']) || !isset($_POST['type']) || !isset($_POST['message'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $name = $_POST['name']; // required $email = $_POST['email']; // required $subject = $_POST['type']; // required $subject2 = "Copy of email sent to foxclone.com"; //fixed $message = $_POST['message']; // required $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(!preg_match($email_exp,$email)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } $string_exp = "/^[A-Za-z .'-]+$/"; if(!preg_match($string_exp,$name)) { $error_message .= 'The Name you entered does not appear to be valid.<br />'; } if($subject='') { $error_message .= 'You must select a Category.<br />'; } if(($subject)!=('Questions'||'Report Problem'||'Suggestion'||'Other'||'Website Problem')) { $error_message .= 'The Category you entered is invalid.<br />'; } if(strlen($message) < 10) { $error_message .= 'The Comments you entered do not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\n\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Name: ".clean_string($name)."\n"; $email_message .= "Email: ".clean_string($email)."\n"; $email_message .= "Subject: ".clean_string($subject)."\n"; $email_message .= "Message: ".clean_string($message)."\n"; $formcontent="From: $name\r\nEmail: $email\r\nSubject: $subject\r\nMessage: $message"; if ($subject =="Website Problem") { $recipient="webmaster@foxclone.com" ; } else { $recipient="help@foxclone.com"; } $mailheader = "From: $email\r\n"; mail($recipient, $subject, $formcontent, $mailheader) or die("Error1!"); mail($email, $subject2, $formcontent, $mailheader) or die("Error2!"); echo "Mail Sent. Thank you " . $name . ", we will contact you shortly.. " . " -" . "<a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; } ?> Thanks in advance.

@gizmola - Disregard all previous messages. Got everything working. Some files were owned by me but were in Root group. Thanks for everything.

@gizmola - I just checked the status of Apache2 and got the following error: Could this be part of the problem? Apache is installed in /etc/apache2. I'll set it and see what happens. NOTE: I just found out only the config files are located in /etc/apache2. Don't know where the runtimes are.

@gizmola- I fixed the foxclone problembefore my last message. The problem is that project 2,3, and 4 don't work. That's why I posted project2, hoping you'd see a problem. Here's the result of "ps aux | grep http" : larry@t430:~$ ps aux | grep http larry 2130 0.0 0.0 2420 520 ? S 06:02 0:00 sh -c /usr/lib/x86_64-linux-gnu/libproxy/0.4.17/pxgsettings org.gnome.system.proxy org.gnome.system.proxy.http org.gnome.system.proxy.https org.gnome.system.proxy.ftp org.gnome.system.proxy.socks larry 2131 0.0 0.0 233200 8556 ? Sl 06:02 0:00 /usr/lib/x86_64-linux-gnu/libproxy/0.4.17/pxgsettings org.gnome.system.proxy org.gnome.system.proxy.http org.gnome.system.proxy.https org.gnome.system.proxy.ftp org.gnome.system.proxy.socks larry 2185 0.0 0.0 16798540 3020 ? Sl 06:03 0:00 /opt/google/chrome/chrome_crashpad_handler --monitor-self --monitor-self-annotation=ptype=crashpad-handler --database=/home/larry/.config/google-chrome/Crash Reports --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=lsb-release=LMDE 5 (elsie) --annotation=plat=Linux --annotation=prod=Chrome_Linux --annotation=ver=100.0.4896.75 --initial-client-fd=5 --shared-client-connection larry 2187 0.0 0.0 16790328 1324 ? Sl 06:03 0:00 /opt/google/chrome/chrome_crashpad_handler --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler --database=/home/larry/.config/google-chrome/Crash Reports --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=lsb-release=LMDE 5 (elsie) --annotation=plat=Linux --annotation=prod=Chrome_Linux --annotation=ver=100.0.4896.75 --initial-client-fd=4 --shared-client-connection larry 7522 0.0 0.0 277312 13336 ? Sl 06:58 0:00 /usr/libexec/gvfsd-http --spawner :1.17 /org/gtk/gvfs/exec_spaw/1 larry 32030 0.0 0.0 6180 716 pts/0 S+ 15:43 0:00 grep http Thanks again.

I've split the combined file into individual files and get the same results. I'm totally stumped. Here's my project2.conf file: <VirtualHost *:80> ServerAdmin webmaster@test ServerName www.project2.test DocumentRoot /var/www/blue/public_html <Directory /var/www/blue/public_html> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> ErrorLog /var/log/apache2/test-error.log LogLevel error CustomLog /var/log/apache2/test-access.log combined </VirtualHost>

@gizmola - I've run into a problem. I tried adding project2 to the file but it's not working. I did add an entry for it in hosts file. Here's what I have: <Directory /> AllowOverride None </Directory> <VirtualHost *:80> ServerAdmin webmaster@test ServerName foxclone DocumentRoot /var/www/foxclone/public_html <Directory /var/www/public_html> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/log/apache2/foxclone-error.log LogLevel error CustomLog /var/log/apache2/foxclone-access.log combined </VirtualHost> <VirtualHost *:80> ServerAdmin webmaster@test ServerName www.project1.test DocumentRoot /var/www/test/public_html <Directory /var/www/test/public_html> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/log/apache2/test-error.log LogLevel error CustomLog /var/log/apache2/test-access.log combined </VirtualHost> <VirtualHost *:80> ServerAdmin webmaster@test ServerName www.project2.test DocumentRoot /var/www/brown/public_html <Directory /var/www/brown/public_html> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/log/apache2/test-error.log LogLevel error CustomLog /var/log/apache2/test-access.log combined </VirtualHost> What I get when I enter http://www.project2.test in my browser is just an "Index of /" and a blank page. There is an index.php in the public_html folder. I appreciate your help.

@gizmola - Got everything fixed - had to better define DocumentRoot path for both. I appreciate your continued support.

@gizmola - Does that get put in as one long file? I did, and both project1 and project2 take me to the test folder. project1 should be taking me to the foxclone folder.

I did some testing. If I enter 127.0.0.1/test/public_html, the new test website appears in the web browser. This tells me the problem isn't in the hosts file. If I enter http://test/public_html in the web browser, I get a Not Found. This tells me that the the problem is with Apache.

My Apache2 local server is working fine for my website. I've added a test.conf to sites-available and added it to my hosts file so I can do some experimentation without messing with my production website. The problem is that when I try to go to it in my web browser, I get a Not Found. This is on a Linux system, and yes, I did restart apache after I added test.conf. There's nothing in either the error log or the access log. My entry from sites-enabled follows: <VirtualHost *:80> ServerAdmin webmaster@test ServerName test ServerAlias test DocumentRoot /var/www/test/public_html <Directory /> AllowOverride All </Directory> <Directory /var/www/test/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride all Require all granted </Directory> ErrorLog /var/log/apache2/test-error.log LogLevel error CustomLog /var/log/apache2/test-access.log combined </VirtualHost> I'm beginning to wonder if test is a reserved word for apache. I'd appreciate some help on this. Thanks in advance.

Thanks, that took care of it. I'll put a sticky on my computer to remind me.

Where is it getting (include_path='.:/usr/share/php') from?