SteeleyDen Posted April 14, 2008 Share Posted April 14, 2008 Hello, I`m a complete beginner, I`ve created a brochure request page which sends the info to sendmail.php below and in turn sends a thankyou.html file to the requester. The desired Result in the thankyou.php page is : Hello Mr. Brown The Actual Result is : Hello title Mr. surname Brown is the problem the title=$title&surname=$surname shown in the sendmail location part or, the $_GET["title"] shown in the thankyou.php code. Sendmail.php document <?php $title = "title: " . $_REQUEST['title'] . chr(13) ; $christianname = "christian name: " . $_REQUEST['christianname'] . chr(13) ; $surname = "surname: " . $_REQUEST['surname'] . chr(13) ; $company = "company: " . $_REQUEST['company'] . chr(13) ; $street = "street: " . $_REQUEST['street'] . chr(13) ; $town = "town: " . $_REQUEST['town'] . chr(13) ; $county = "county: " . $_REQUEST['county'] . chr(13) ; $postcode = "postcode: " . $_REQUEST['postcode'] . chr(13) ; $tel = "tel: " . $_REQUEST['tel'] . chr(13) ; $fax = "fax: " . $_REQUEST['fax'] . chr(13) ; $select = "select " . $_REQUEST['select'] . chr(13) ; $message = "message: " . $_REQUEST['message'] . chr(13) ; mail( "[email protected]", "Feedback Form Results", $title . $christianname . $surname . $company . $street . $town . $county . $postcode . $tel . $fax . $select . $message, "From: $email" ); header( "Location: http://ccgi.xxxxxxx.xxxxxxxxx.co.uk/cgi-bin/thankyou.php?title=$title&surname=$surname" ); ?> thankyou.php document Hello <?php echo $_GET["title"] . ". " . $_GET["surname"];?> Any help at all would be great Thanks, Chris Link to comment https://forums.phpfreaks.com/topic/101065-solved-query-string-help-for-thankyou-page/ Share on other sites More sharing options...
GingerRobot Posted April 14, 2008 Share Posted April 14, 2008 That would be because $title contains the text 'title'. You need to be passing the original title: header( "Location: http://ccgi.xxxxxxx.xxxxxxxxx.co.uk/cgi-bin/thankyou.php?title=".$_REQUEST['title']."&surname=".$_REQUEST['surname']); You may wish to consider validating your data. At present, a malicious user may be able to use your thank you emailer to send spam from your server. Link to comment https://forums.phpfreaks.com/topic/101065-solved-query-string-help-for-thankyou-page/#findComment-516796 Share on other sites More sharing options...
SteeleyDen Posted April 14, 2008 Author Share Posted April 14, 2008 Thank you very much indeed, I`ll just try that now. And yes I am going to attempt to protect the data next hopefully (!?!?), once i`ve had a flick through the forums to see how to do it. Thanks again. Chris Link to comment https://forums.phpfreaks.com/topic/101065-solved-query-string-help-for-thankyou-page/#findComment-516802 Share on other sites More sharing options...
SteeleyDen Posted April 14, 2008 Author Share Posted April 14, 2008 Forbidden You don't have permission to access /cgi-bin/ on this server. This message appears now. Is this because I haven`t validated my data as you mentioned ?? Link to comment https://forums.phpfreaks.com/topic/101065-solved-query-string-help-for-thankyou-page/#findComment-516832 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.