website permissions.

[Love2c0de]

Good evening.

 

Having some problems with a contact form on my page. Not sure if it's a permissions problem and/or a .htaccess problem.

 

Everything works fine on every page that I have apart from when I submit the contact form.

 

I've managed to work out that my code successfully get's to the echo just before require statement which is supposed to insert the data into a database.

 

Here is my form:

 

<form method="post" action="">
    <fieldset>
        <legend>TSPV-Websites</legend>
        
        <p><label for="name">Name:</label><input type="text" id="name" name="name" value="<?php if(isset($_POST['name'])){ echo htmlspecialchars($_POST['name']); } ?>" /> <span>* Required</span></p>
        <p><label for="phone">Phone:</label><input type="text" id="phone" name="phone" value="<?php if(isset($_POST['phone'])){ echo htmlspecialchars($_POST['phone']); } ?>" /> <span>* Required</span></p>
        <p><label for="email">Email:</label><input type="text" id="email" name="email" value="<?php if(isset($_POST['email'])){ echo htmlspecialchars($_POST['email']); } ?>" /></p>
        <p><label for="referrer">Referrer:</label>
            <select name="referrer" id="referral_list">
                <option name="default">Choose an option...</option>
                <option name="search_engine">Search Engine</option>
                <option name="facebook">Facebook</option>
                <option name="twitter">Twitter</option>
                <option name="friend">Friend</option>
                <option name="other">Other</option>
            </select>
        </p>
        <p><label class="last_label" for="comments">Comments:</label><textarea name="comments" rows="7" cols="35"><?php if(isset($_POST['comments'])){ print($_POST['comments']); } ?></textarea></p>
        <p class="form_btns"><input type="submit" value="Send" /><input type="reset" value="Clear" /></p>
    </fieldset>
    
</form>

 

Here is my process code:

//Process the contact form

if(isset($_POST['name']))
{
    foreach($_POST as &$v)
    {
        $v = trim($v);
    }
    
    
    if($_POST['name'] == "" || $_POST['phone'] == "")
    {
        $error = "<span class='error'>Please fill in both required (*) fields.</span>";
    }
    
    //replace non numeric characters with an empty string.
    $_POST['phone'] = preg_replace('/[^0-9]/', '', $_POST['phone']);
    
    //check length of string after replace function.
    $len = strlen($_POST['phone']);
    
    if($len < 10 || $len > 11)
    {
        if(isset($error))
        {
            $error = str_replace("</span>"," ",$error);
            $error .= "<br />Please enter a valid number</span>";
        }
        else
        {
            $error = "<span class='error'>Please enter a valid number.</span>";
        }    
    }
    
    if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
    {
        if(isset($error))
        {
            $error = str_replace("</span>"," ",$error);
            $error .= "<br />Please enter a valid email</span>";
        }
        else
        {
            $error = "<span class='error'>Please enter a valid email.</span>";
        }        
    }
    
    if(!isset($error))
    {
        //no errors, we have required data - continue
        echo "dasdsa";
        //require("core/queries/insert_contact.php");
    
    }
    
}

 

My insert_contact.php script looks like this:

<?php
require("./set_vars.php");

$date = date("Y-m-d", time());
echo $date;
$conn = new mysqli($host,$user,$pass,$db) or die("Error creating connection.");
$stmt = $conn->prepare("INSERT INTO contact ("name","phone","email","referrer","comments","date") VALUES(?,?,?,?,?,?) ") or die("Error preparing.");

$stmt->bind_param("", $POST_['name'], $_POST['phone'], $_POST['email'], $_POST['referrer'], $_POST['comments'], $date);

$stmt->execute();

?>

and my .htaccess looks like this:

RewriteEngine on
RewriteBase /
RewriteRule ^/?([a-zA-Z_]+)$ index.php?page=$1 [L]

When I remove the comment on the require() line, it takes me to a blank white page, the <title> or nothing is loaded and in Firebug's console, it is giving me a 500 internal server error.

 

I've changed permissions around and it's not working so I'm really stuck as to what it could be.

 

Anyone encountered this problem before?

 

Thanks for your time.

 

Kind regards,

 

L2c.

[mac_gyver]

please, for the love of coding, set php's error_reporting to E_ALL and display_errors to ON in your php.ini to get php to help you.

 

you have a fatal php parse error in your insert_contact.php due to using double-quotes within a double-quoted string.

[Love2c0de]

I'm guessing you mean within the query string? I've changed the column names from double to single and it is still doing the same thing.

 

I believe I have all the permissions set correctly now after researching it.

 

I've tried turning error_reporting and display_errors both on but it doesn't seem to be showing me an error.

 

After changing the quotes to single quotes I no longer get the 500 error but it's still not loading.

 

Kind regards,

 

L2c.

[kicken]

Check your server's error log file. Likely you have a setup where errors get sent to a log file rather than displayed on screen. It happens on some CGI setups.

[Love2c0de]

Checked the logs and it was to do with the required statement within the insert_contact.php script.

 

Thanks very much for all the feedback everyone.

 

Kind regards,

 

L2c.