SteeleyDen Posted April 14, 2008 Share Posted April 14, 2008 Hello, I`m a complete beginner, I`ve created a brochure request page which sends the info to sendmail.php below and in turn sends a thankyou.html file to the requester. The desired Result in the thankyou.php page is : Hello Mr. Brown The Actual Result is : Hello title Mr. surname Brown is the problem the title=$title&surname=$surname shown in the sendmail location part or, the $_GET["title"] shown in the thankyou.php code. Sendmail.php document <?php $title = "title: " . $_REQUEST['title'] . chr(13) ; $christianname = "christian name: " . $_REQUEST['christianname'] . chr(13) ; $surname = "surname: " . $_REQUEST['surname'] . chr(13) ; $company = "company: " . $_REQUEST['company'] . chr(13) ; $street = "street: " . $_REQUEST['street'] . chr(13) ; $town = "town: " . $_REQUEST['town'] . chr(13) ; $county = "county: " . $_REQUEST['county'] . chr(13) ; $postcode = "postcode: " . $_REQUEST['postcode'] . chr(13) ; $tel = "tel: " . $_REQUEST['tel'] . chr(13) ; $fax = "fax: " . $_REQUEST['fax'] . chr(13) ; $select = "select " . $_REQUEST['select'] . chr(13) ; $message = "message: " . $_REQUEST['message'] . chr(13) ; mail( "xxxxxxx@xxxxxxx.co.uk", "Feedback Form Results", $title . $christianname . $surname . $company . $street . $town . $county . $postcode . $tel . $fax . $select . $message, "From: $email" ); header( "Location: http://ccgi.xxxxxxx.xxxxxxxxx.co.uk/cgi-bin/thankyou.php?title=$title&surname=$surname" ); ?> thankyou.php document Hello <?php echo $_GET["title"] . ". " . $_GET["surname"];?> Any help at all would be great Thanks, Chris Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted April 14, 2008 Share Posted April 14, 2008 That would be because $title contains the text 'title'. You need to be passing the original title: header( "Location: http://ccgi.xxxxxxx.xxxxxxxxx.co.uk/cgi-bin/thankyou.php?title=".$_REQUEST['title']."&surname=".$_REQUEST['surname']); You may wish to consider validating your data. At present, a malicious user may be able to use your thank you emailer to send spam from your server. Quote Link to comment Share on other sites More sharing options...
SteeleyDen Posted April 14, 2008 Author Share Posted April 14, 2008 Thank you very much indeed, I`ll just try that now. And yes I am going to attempt to protect the data next hopefully (!?!?), once i`ve had a flick through the forums to see how to do it. Thanks again. Chris Quote Link to comment Share on other sites More sharing options...
SteeleyDen Posted April 14, 2008 Author Share Posted April 14, 2008 Forbidden You don't have permission to access /cgi-bin/ on this server. This message appears now. Is this because I haven`t validated my data as you mentioned ?? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.