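this is the part that process and sends the email. It's just sends me an email of all the input fields. Usually each input name and value on one line.

<?php
/*
YOU DO NOT NEED TO CHANGE ANYTHING IN HERE
*/

// Form handler: checks the anti-spam token and question, cleans every
// submitted field, builds a plain-text message and mails it to $email_it_to.
// The settings used below ($send_back_to_form, $success_page, $failure_page,
// $email_it_to, $email_subject, $mkMine, ...), the encdec class and
// valEncStr() are all defined in config.php.
include 'config.php';

// set-up redirect page
if ($send_back_to_form == "yes") {
    $redirect_to = $form_page_name."?done=1";
} else {
    $redirect_to = $success_page;
}

if (isset($_POST['enc'])) {

    /* THIS IS THE NEW FORM VALIDATION SECTION */
    include 'validation.class.php';

    // check for any human hacking attempts
    class clean {

        // true when the last comments() call met a mail-header keyword or markup
        var $naughty = false;
        // cleaned text produced by the last comments() call
        var $message = "";

        /*
        Clean one submitted value for use in the message BODY.
        Sets $this->message (cleaned text) and $this->naughty (suspicious or not).
        This is not sufficient for a value that ends up in a mail header;
        header values need their own validation (see $email_from below).
        */
        function comments($message) {
            $this->naughty = false;
            $this->message = $message;

            $bad = array("content-type","bcc:","to:","cc:","href");
            $for = array( "\r", "\n", "%0a", "%0d");

            // eregi() no longer exists in PHP 7+; the keywords are plain
            // literals, so a case-insensitive substring test is equivalent
            foreach ($bad as $b) {
                if (stripos($this->message, $b) !== false) {
                    $this->naughty = true;
                }
            }

            // detection above ignores case, so removal has to as well:
            // str_replace() left "BCC:" or "%0A" in place
            $this->message = str_ireplace($bad, "#removed#", $this->message);
            $this->message = stripslashes(str_ireplace($for, ' ', $this->message));

            // check for HTML/Scripts
            $length_was = strlen($this->message);
            $this->message = strip_tags($this->message);
            if (strlen($this->message) < $length_was) {
                $this->naughty = true;
            }
        }
    } // class

    // function to handle errors
    // Redirects to $failure_page and stops the script; it never returns.
    // When $failure_accept_message is "yes" the message travels base64-encoded
    // in the "prob" query parameter.
    // NOTE(review): the failure page is not shown here; it should HTML-escape
    // the decoded "prob" value before printing it - confirm.
    function error_found($mes,$failure_accept_message,$failure_page) {
        if ($failure_accept_message == "yes") {
            $qstring = "?prob=".urlencode(base64_encode($mes));
        } else {
            $qstring = "";
        }
        $error_page_url = $failure_page."".$qstring;
        header("Location: $error_page_url");
        die();
    }

    /* SET REQUIRED */
    $reqobj = new required;

    // ADD ALL REQUIRED FIELDS TO VALIDATE!

    $out = $reqobj->out();
    $val = new validate($out, $_POST);
    if ($val->error) {
        $er = $val->error_string;
        error_found($er,$failure_accept_message,$failure_page);
    }

    /* validate the encrypted strings */
    // valEncStr() returns true on success and an error STRING on failure.
    // A non-empty string is loosely equal to true, so the old "== true" test
    // accepted every submission; only an identical true may pass.
    $dec = is_string($_POST['enc'])
        ? valEncStr(trim($_POST['enc']), $mkMine)
        : "String invalid!";
    if ($dec !== true) {
        $er = "Field data was incorrect.<br />$dec";
        error_found($er,$failure_accept_message,$failure_page);
    }

    // check the spam question has the correct answer
    // Both values come from the browser, and answer_p is only a reversible
    // character substitution, so this deters simple bots and nothing more.
    // An empty answer is refused because an empty answer_p decodes to "".
    $ans_one = isset($_POST['answer_out']) ? $_POST['answer_out'] : null;
    $fa = new encdec;
    $ans_two = (isset($_POST['answer_p']) && is_string($_POST['answer_p']))
        ? $fa->decrypt($_POST['answer_p'])
        : null;
    if (!is_string($ans_one) || $ans_one === "" || $ans_one !== $ans_two) {
        $er = 'Your spam prevention answer was wrong.';
        error_found($er,$failure_accept_message,$failure_page);
    }

    // The visitor's address is written into the From/Reply-To headers, so it
    // must be one syntactically valid address. Without this check a value
    // containing a line break would add extra header lines to the message.
    $email_from = "";
    if (isset($_POST['email']) && is_string($_POST['email']) && trim($_POST['email']) !== "") {
        $email_from = filter_var(trim($_POST['email']), FILTER_VALIDATE_EMAIL);
        if ($email_from === false) {
            $er = 'Your email address is not valid.';
            error_found($er,$failure_accept_message,$failure_page);
        }
    }

    $email_message = "Please find below a message submitted on ".date("Y-m-d")." at ".date("H:i")."\n\n";

    // fields used for security measures - never emailed
    $security_fields = array("answer_out", "answer_p", "enc");
    // fields printed as "name: value" on their own line
    $contact_fields = array("fullname", "address", "city", "states", "email",
                            "zip", "comment", "phone", "economist");

    // set as soon as ANY field looks suspicious (previously only the last
    // field processed decided, and the variable could be undefined)
    $is_naughty = false;
    $ms = new clean;

    // loop through all form fields submitted
    foreach ($_POST as $field_name => $field_value) {
        $field_name = (string) $field_name;

        // empty values, security fields and non-string values (array inputs)
        // are left out of the email
        if (!is_string($field_value) || $field_value === ""
            || in_array($field_name, $security_fields, true)) {
            continue;
        }

        // run all submitted content through string checker
        // removing any dangerous code
        $ms->comments($field_value);
        if ($ms->naughty) {
            $is_naughty = true;
        }
        $this_val = $ms->message;

        if (in_array($field_name, $contact_fields, true)) {
            $email_message .= $field_name.": ".$this_val."\n\n";
        } elseif ($field_name === "start_del/sub" || $field_name === "end_del/sub") {
            $email_message .= "\n\n".$field_name."\n\n";
        } elseif (preg_match('/^(?:del_code|del|sub_code|sub)_(?:[1-9]|1[0-9]|20)$/D', $field_name)) {
            // order rows 1..20: the values of one row stay on the same line;
            // the three underscores become spaces further down
            $email_message .= $this_val."___";
        } elseif (preg_match('/^return(?:[1-9]|1[0-9]|20)$/D', $field_name)) {
            // hidden return1..return20 fields mark the end of a row
            $email_message .= "\n\n";
        } else {
            $email_message .= "(".$this_val.") ".$field_name."\n\n";
        }
    }

    if ($is_naughty) {
        if ($accept_suspected_hack != "yes") {
            // pretend the email was sent
            header("Location: $redirect_to");
            die();
        }
        $email_subject = $email_suspected_spam;
    }

    $newMsg = str_replace("_", " ", $email_message);

    // create email headers
    // NOTE(review): mail sent with the visitor's address as From is often
    // rejected by SPF/DMARC checks; a site-owned From plus the visitor in
    // Reply-To is the usual arrangement, but no such address is configured here.
    $headers = '';
    if ($email_from !== "") {
        $headers .= 'From: '.$email_from."\r\n" .
                    'Reply-To: '.$email_from."\r\n";
    }
    $headers .= 'X-Mailer: PHP/' . phpversion();

    // send the email
    // warnings stay suppressed so the redirect below still works, but a
    // failed send is recorded instead of being lost
    if (!@mail($email_it_to, $email_subject, $newMsg, $headers)) {
        error_log("contact form: mail() reported failure");
    }

    // redirect
    header("Location: $redirect_to");
    die();

} else {
    echo "register globals may be on, please switch this setting off (look at php.net for details, specificall ini_set() function )";
}
?>

Honestly, I have no idea what this stuff means, but would really like to learn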
-
Let me start by saying I am a complete n00b and have no idea what I'm doing, so I thank you for your patience in advance. I am working with a PHP form that my client uses for an order form. It's been very simple and straightforward so far. Ok, so there are 4 input text boxes on the same line. My client would like the email sent to be formatted like the website, but the code I had was placing a line break after each field. I figured out how to get the 4 fields to be sent on the same line in the PHP email, but in doing so I have 20 or so line breaks, one for each row of input fields. I would like some sort of conditional statement that says: if the last field value of the row is "" then don't insert the line break, but if there is a value, insert the line break. I used a hidden input field called return1, return2 .. etc (yes, I put 20 of them in there). Anyways, I probably didn't explain that correctly, and I know I'm not doing this the best way. But as a very new beginner at PHP this stuff gets pretty confusing. The site is http://richplanfoodsinc.com/openOrder/form.php Thanks, Ash
-
how long are you having to wait?
-
wouldn't you just use foreach then?
-
2 cents from a php n00b but, I use crimson editor for all my text editing. Just the one I used when I first started. Love it.
-
[SOLVED] Info on one page but not another
arwvisions replied to arwvisions's topic in PHP Coding Help
Perfect!! thanks so much -
I have an include menu that is the same on all pages, but I would like to add some info to the menu only on the about us page. How would I do this?
-
let me start by saying Im pretty much a n00b and any help is greatly appreciated. I am using xcart which allows for the admin to assign dynamic speed bar menu items. I want the menu tab for the current page to be a different color that the other links. similar to the menu on this site. I figured I could use some javascript to store which link was clicked then match that to the code outputted by the smarty below. My question is how do I capture which link was clicked then recall and compare it to the links outputted later. the smarty code is below. {if $speed_bar} <td valign="middle" align="right"> <table cellpadding="0" cellspacing="0" align="right"> <tr> {section name=sb loop=$speed_bar} {if $speed_bar[sb].active eq "Y"} <td valign="middle" height="25px"><div>{include file="customer/tab.tpl" tab_title="<a href=\"`$speed_bar[sb].link`\">`$speed_bar[sb].title`</a>"}</div></td> {/if} {/section} </tr> </table> </td> {/if}
-
I know it was a n00b question but thank you. Worked perfect.
-
When I get the info from my form it includes underscore in the field names. 6_Boneless_Ribeye_Steaks_12_oz Is there a way to have the variable sent like this? 6 Boneless Ribeye Steaks 12 oz with out the underscores? Thx Ash
-
Ok, I have a form that asks the question: are you a US citizen? The client wants yes or no and wants it to be mandatory. The form I'm using already has an onsubmit call. Can I put more than one onsubmit call on a form?
-
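I am using free contact form and want to validate whether a radio button is checked in a group. Here is the validation.js. Any suggestions?

// Browser-side form checks. They only help the visitor fill the form in:
// a request can be sent without running this script, so the server-side
// handler has to repeat every check it relies on.

/**
 * Read the value of the form element with the given id.
 * Shows an alert and returns false when the element does not exist or its
 * value is empty; otherwise returns the value.
 * Only .value is read, so the checked state of a radio button or checkbox
 * is not examined here.
 */
function $$(id) {
    var tmp;
    try {
        tmp = document.getElementById(id).value;
    } catch(e) {
        alert("Field " + id + " does not exist!\nvalidation is configured on a field with no ID");
        return false;
    }
    if(tmp == "") {
        alert("Field " + id + " cannot be empty");
        return false;
    }
    return tmp;
}

// Registry of required fields: a list of [element id, rule name] pairs.
var required = {
    field : [],
    // register one field together with the rule it has to satisfy
    add : function(name, type) {
        this.field[this.field.length] = [name,type];
    },
    // return the registered pairs
    out : function() {
        return this.field;
    }
}

var validate = {
    // named rules; any other rule name is compiled as a regular expression
    patterns : {
        "ALPHA" : /^[A-Za-z]+$/,
        "ALPHASPACE" : /^[A-Za-z ]+$/,
        "NUMERIC" : /^[0-9]+$/,
        "NUMERICPLUS" : /(^-*\d+$)|(^-*\d+\.\d+$)/,
        "ALPHANUM" : /^[a-zA-Z0-9]+$/,
        "ALPHANUMSPACE" : /^[a-zA-Z0-9 ]+$/,
        "EMAIL" : /^[a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/,
        "YYYYMMDD" : /^(19|20)[0-9][0-9][- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])$/,
        "DDMMYYYY" : /^(0[1-9]|[12][0-9]|3[01])[- /.](0[1-9]|1[012])[- /.](19|20)[0-9][0-9]$/,
        "MMDDYYYY" : /^(0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])[- /.](19|20)[0-9][0-9]$/
    },

    /**
     * Check every registered field in order.
     * Stops at the first missing, empty or invalid field, focuses it when
     * possible and returns false; returns true when all fields pass.
     */
    check : function() {
        // loop all required fields
        for(var i=0; i<required.field.length; i++) {
            var id = required.field[i][0];
            var rule = required.field[i][1];

            // check the form field exists
            this.tmp = $$(id);
            if(!this.tmp) {
                try {
                    document.getElementById(id).focus();
                } catch(e) { }
                return false;
            }

            if(!this.checkit(id, rule)) {
                alert("Field "+id+" not valid\n");
                document.getElementById(id).focus();
                return false;
            }
            // validated okay
        } // for
        return true;
    },

    /**
     * Test the value of element `value` (an element id) against rule `type`.
     * Returns true when the value satisfies the rule, false otherwise.
     */
    checkit : function(value,type) {
        var text = $$(value);
        // $$() reports a missing or empty field with false; calling .match()
        // on that used to throw
        if(text === false) {
            return false;
        }
        if(type === "NOT_EMPTY") {
            return this.trim(text).length >= 1;
        }
        // `exp` is a local now; the old `exp : '';` line was only a label,
        // so every assignment to exp created a global variable
        var exp = Object.prototype.hasOwnProperty.call(this.patterns, type)
            ? this.patterns[type]
            : new RegExp(type);
        return text.match(exp) != null;
    },

    // strip leading and trailing whitespace from a string
    trim : function(s) {
        return s.replace(/^\s+/, '').replace(/\s+$/, '');
    }
}

// Return the element with the given id.
function $val(id) {
    return document.getElementById(id);
}

// Trim the value of the element with the given id in place.
function trim(id) {
    $val(id).value = $val(id).value.replace(/^\s+/, '').replace(/\s+$/, '');
} // closing brace was missing from the posted listing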
-
[SOLVED] free contact form vs PHP Version 3.0.14
arwvisions replied to arwvisions's topic in Third Party Scripts
Thought so.. Thanks for you help. I will find another alternative. -
[SOLVED] free contact form vs PHP Version 3.0.14
arwvisions replied to arwvisions's topic in Third Party Scripts
It's not my call. I have no control over it. The site is hosted on a very old server with the telephone company and they won't upgrade. I know it ridiculous. Just thought I'd ask -
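I installed free contact form on a site using PHP Version 3.0.14 and the script failed. I get the following error. Fatal error: Call to unsupported or undefined function array_search() in config.php on line 121 Here is the contents of the config.php Can this be changed to work with 3.0.14

<?php
// error_reporting(E_ALL); // uncomment this to show errors
// ini_set('display_errors', '1'); // uncomment this to show errors
/*
Author: Stuart Cochrane
URL: www.freecontactform.com
Email: stuartc1@gmail.com
Date: 26th July 2007
Version: 3.0 Beta 2
Updates: Additional protection from human compromise
License: Free to use and edit,
but all comments and must remain intact.
Link to author website MUST remain - unless you have purchased the rights to remove it!! - see README file for details.
ALSO READ installation.txt for install details and change log
*/

/*
THIS IS YOUR CONFIGURATION FILE
PLEASE ONLY EDIT THE PARTS WHICH ARE INDICATED
*/

// script name of your contact form
$form_page_name = "form.php";

/* where to send emails to */
$email_it_to = "blakeb@shibuminet.com";

// email subject line
$email_subject = "Contact Us Form";

// email subject line - used on suspected form hack attempts
// for example, if someone enters HTML or scripts into the form - it will be removed
// if you choose to receive these cleaned up emails, you can set the subject line
// this lets you filter them out in your email client or mail server
$email_suspected_spam = "*SUSPECT Contact Us Form";

// do you wish to receive emails which had HTML or SCRIPTS (code will be stripped)?
$accept_suspected_hack = "no"; // change to "no" to silently reject

// success page - the page the user gets when the form is successful
$success_page = "thankyou.php";

// OR
// if you prefer to have the user sent back to the contact form (with a confirmation message shown)
$send_back_to_form = "yes"; // change to "no" to redirect to above $success_page

// failure page - can be html or php (use php if you want to show actual error message, see next declaration)
$failure_page = "form_error.php";

// do you want to receive an error messaage passed into your failure page
$failure_accept_message = "yes";

// if $send_back_to_form is set to "yes", set your confirmation message bellow
$confirmation_message = "Thank you, we have received your message and will be in touch if required.";

/* your secret unique code used as part of our encryption */
// please edit the values within the double quotes.
// only use a-zA-Z0-9, other characters have been found to cause problems
// keep the string length to 3,6,9 or 12 characters long
// NOTE(review): this value is sent to every visitor inside the form's "enc"
// field, encoded by the fixed character substitution in encdec below, so it
// works as a form marker and should not be treated as a confidential key.
$mkMine = "D9ot4yUjgEr3";

/*
ONLY EDIT BELOW HERE IF YOU HAVE SOME PHP/PROGRAMMING EXPERIENCE
*/

// version_compare() instead of a string "<": comparing version strings as
// text or numbers does not follow version ordering
if(version_compare(PHP_VERSION, "5.1", "<")) {
    // date setting should be fine
} else {
    // feel free to edit the value as desired
    date_default_timezone_set('UTC');
}

/* your unique question and answer section */
// if you want to keep the default random maths questions
// just leave the next few lines as they are.
$rnumA = rand(0,9);
$rnumB = rand(0,9);

// if you want to create your own custom question and answer
// edit the two lines below.
$question = "$rnumA plus $rnumB?";
$answer = $rnumA+$rnumB;

/*
encdec maps each character of a base64 string from one fixed 64-character
table to another. The tables are part of this file and there is no key, so
the result is an encoding: anyone who has the tables can reverse or produce
it. Characters that are missing from the tables (base64 "+" and "/") are not
found by array_search() and come out as the first table entry.
*/
class encdec {
    // __construct
    function encdec() {
        $this->cseta = $this->charset_a();
        $this->csetb = $this->charset_b();
    }
    // public
    // remove spaces, base64-encode, then substitute table a -> table b
    function encrypt($s) {
        $s = str_replace(" ", "", $s);
        $s = base64_encode(trim($s));
        $a = $this->charset_a();
        $b = $this->charset_b();
        $len = strlen($s);
        $new = "";
        for($i=0; $i < $len; $i++){
            $new .= $b[array_search($s[$i],$a,true)];
        }
        return $new;
    }
    // public
    // substitute table b -> table a, then base64-decode
    function decrypt($s) {
        $a = $this->charset_a();
        $b = $this->charset_b();
        $len = strlen($s);
        $new = "";
        for($i=0; $i < $len; $i++){
            $new .= $a[array_search($s[$i],$b,true)];
        }
        return trim(base64_decode($new));
    }
    // protected
    function charset_a() {
        return array("a","b","c","j","7","8","9","A","B",
                     "G","H","o","p","q","r","s","t","u","h","i","Q",
                     "R","S","C","k","l","m","n","6","T","D","E","F",
                     "U","V","W","X","Y","Z","v","w","x","y","z","0",
                     "1","2","3","4","5","I","J","K","L","M","N","O",
                     "P","d","e","f","g","=","*");
    }
    // protected
    function charset_b() {
        return array("G","H","o","p","z","q","r","s","t",
                     "1","2","3","4","5","I","J","K","L","M","N","O",
                     "u","h","i","Q","R","S","C","k","l","m","n","6",
                     "0","P","d","e","f","g","T","D","E","F","a","b",
                     "c","j","7","8","9","A","B","U","V","W","X","Y",
                     "Z","v","w","x","y","*","=");
    }
}

/*
// PHP 5 version - comment out the above class and use this one if you have PHP 5
class encdec {
    private $cseta;
    private $csetb;
    function __construct() {
        $this->cseta = $this->charset_a();
        $this->csetb = $this->charset_b();
    }
    public function encrypt($s) {
        $s = str_replace(" ", "", $s);
        $s = base64_encode(trim($s));
        $a = $this->cseta;
        $b = $this->csetb;
        $len = strlen($s);
        $new = "";
        for($i=0; $i < $len; $i++){
            $new .= $b[array_search($s[$i],$a)];
        }
        return $new;
    }
    public function decrypt($s) {
        $a = $this->cseta;
        $b = $this->csetb;
        $len = strlen($s);
        $new = "";
        for($i=0; $i < $len; $i++){
            $new .= $a[array_search($s[$i],$b)];
        }
        return trim(base64_decode($new));
    }
    protected function charset_a() {
        return array("a","b","c","j","7","8","9","A","B",
                     "G","H","o","p","q","r","s","t","u","h","i","Q",
                     "R","S","C","k","l","m","n","6","T","D","E","F",
                     "U","V","W","X","Y","Z","v","w","x","y","z","0",
                     "1","2","3","4","5","I","J","K","L","M","N","O",
                     "P","d","e","f","g","=","*");
    }
    protected function charset_b() {
        return array("G","H","o","p","z","q","r","s","t",
                     "1","2","3","4","5","I","J","K","L","M","N","O",
                     "u","h","i","Q","R","S","C","k","l","m","n","6",
                     "0","P","d","e","f","g","T","D","E","F","a","b",
                     "c","j","7","8","9","A","B","U","V","W","X","Y",
                     "Z","v","w","x","y","*","=");
    }
}
*/

$e = new encdec;

// pass the answer into the function below
// NOTE(review): the encoded answer is placed in the form next to the
// question, so the question only stops bots that do not decode it.
$answer_pass = $e->encrypt($answer);

$mkNow = date("YmdHi");
$enc = $e->encrypt($mkNow)."::".$e->encrypt($mkMine);

/*
Validate the "enc" value posted back with the form.
$s - the posted string, expected as <encoded YmdHi timestamp>::<encoded word>
$m - the configured word ($mkMine)
Returns true when the timestamp lies within 60 minutes of now and the word
matches; otherwise returns an error message string. Callers must therefore
compare the result with === true, because any non-empty string is loosely
equal to true.
*/
function valEncStr($s,$m) {
    if(!is_string($s)) {
        return "String invalid!";
    }
    $sides = explode("::", $s);
    // was "!count($sides) == 2": the "!" applied to count() first, so the
    // test could never be true and $sides[1] was read even when absent
    if(count($sides) != 2) {
        return "String invalid!";
    }
    $f = new encdec;
    $sides[0] = $f->decrypt($sides[0]);
    $sides[1] = $f->decrypt($sides[1]);

    // compare date/time
    $plTime = date("YmdHi",mktime((int) date("H"),(int) date("i")+60));
    $msTime = date("YmdHi",mktime((int) date("H"),(int) date("i")-60));
    // require exactly 12 digits first, so the range test always compares
    // two numbers and never falls back to comparing arbitrary text
    if(!preg_match('/^[0-9]{12}$/D', $sides[0]) || $sides[0] > $plTime || $sides[0] < $msTime) {
        return "Date not valid!";
    }

    // compare custom word
    // was "!$m == $sides[1]": again "!" bound first, so a wrong word passed
    if((string) $m !== $sides[1]) {
        return "words do not match!";
    }
    return true;
}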