tripleaaa Posted May 27, 2007 Share Posted May 27, 2007 Hope some can help I'm using a form genretor. I hv 2 service providers. 1 provider it works, but for the other its owned by a non-profit origization: I create the form, link below. Dont fill out the for and hit submit. The provider is valuweb and they dont seem to know hat the problem is. Im not a guru and stubled by this As I was trying to add a Credit Card input field but doens't work. see message I get below. Where it goes to a bin folder where the provider says it not even there and when I look at the 3 files generated does not show it either, can someone try to help pls. This is the link: http://www.poverello.org/test/ccform/ini/20070525-72a6.php and this is the message: "Security Alert! The PHP CGI cannot be accessed directly. This PHP CGI binary was compiled with force-cgi-redirect enabled. This means that a page will only be served up if the REDIRECT_STATUS CGI variable is set, e.g. via an Apache Action directive. For more information as to why this behaviour exists, see the manual page for CGI security. For more information about changing this behaviour or re-enabling this webserver, consult the installation file that came with this distribution, or visit the manual page." Can somone assist me what to do since i'm not a programmer. I hv another form runnig on the web site and maybe I can use this where there are 2 files config.php and contact.php and maybe add the input for Credit Card and put some kind of validation on it. boo hoo on working this all weekened and can't get. hope someone is there knows this. tks Quote Link to comment Share on other sites More sharing options...
dj-kenpo Posted May 27, 2007 Share Posted May 27, 2007 you'll have to post some code I think, as it's hard to see what's happening behind the scenes. php code is not viewable on a website, so perhaps your variable is wrong, or anything. one host may use php4, the other php5, etc.. not enough to go on. and how are you accepting credit card numbers? if you're just sending them to a dataase it could be a HUGE security risk. Quote Link to comment Share on other sites More sharing options...
tripleaaa Posted May 27, 2007 Author Share Posted May 27, 2007 There are 3 fies: 1. 20070525-72a6.ini esh_formmail_domainname esh_formmail_description Poverello Fundraising Web Page esh_formmail_field_nums 20 esh_formmail_recipient email esh_formmail_subject Poverello Fund Raising Web Page esh_formmail_filename esh_formmail_redirect esh_formmail_return_msg Dear Donor,<!--esh_newline-->We have received your contact from Poverello Fundraising Web Page.<!--esh_newline-->We will respond to you asap to the email you provided with your web page link.<!--esh_newline-->Till then, if you have any questions please emaill us back with any changes you might have to webmaster@poverello.org. <!--esh_newline--><!--esh_newline-->We thank you for your contact.<!--esh_newline-->Poverello Fundraising Center<!--esh_newline--> esh_formmail_return_subject Poverello Fundraising Web Page esh_formmail_mail_and_file esh_formmail_save_record_file webpage esh_formmail_charset esh_form_layout First Name First_Name Text Please enter your First Name Required Last Name Last_Name Text Please enter your Last Name Required Business or Organization Name Bus_Name Text Please enter your Business or Organization Name Required Address Address1 Text Please enter your Address Required Address Address2 Text City City Text Please enter your City Required State State Text Please enter your State Required Zip Code Zip_Code Text Please enter your Zip Code Required Home Phone Home_Phone Text Please enter your Home Phone Required Businees Phone Businees_Phone Text Email Email Sender's email Please enter your Email Required Your Web Page name Web_Name Text Please enter your Web Page Name Required Target Fundraising ($) Amount Target Text Please enter your Fundraising Target Required Your Personal Message P_Message TextArea Please enter your Personal Message Required Note to the Web Designer W_Designer TextArea Image Profile Upload P_Upload Attachment Please enter your Image Profile Required 2. 20070525-72a6.lib.php <? define( "ADMIN_MAIL", "s6software@users.sourceforge.net" ); // bug report email define( "HOST_NAME", getEnv( "HTTP_HOST" ) ); define( "PHP_SELF", getEnv( "SCRIPT_NAME" ) ); define( "ERR_MISSING", "Missing required field : " ); define( "ERR_EMAIL", "Please type in a valid e-mail address : " ); define( "ERR_CREDIT_CARD_NUMBER", "Please check the credit card number : " ); define( "ERR_CREDIT_CARD_EXPIRED", "Please check the credit card expiry date : " ); define( "ERR_SELECT_UPLOAD", "Please select upload file : " ); error_reporting( E_ERROR | E_WARNING | E_PARSE ); ?><?php // --- Array of Form Elements --- $form_mail[] = array( "name" => "First_Name", "text" => "First Name", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Last_Name", "text" => "Last Name", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Bus_Name", "text" => "Business or Organization Name", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Address1", "text" => "Address", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Address2", "text" => "Address", "type" => "text", "required" => "" ) ; $form_mail[] = array( "name" => "City", "text" => "City", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "State", "text" => "State", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Zip_Code", "text" => "Zip Code", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Home_Phone", "text" => "Home Phone", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Businees_Phone", "text" => "Businees Phone", "type" => "text", "required" => "" ) ; $form_mail[] = array( "name" => "Email", "text" => "Email", "type" => "sender's email", "required" => "Required" ) ; $form_mail[] = array( "name" => "Web_Name", "text" => "Your Web Page name", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "Target", "text" => "Target Fundraising ($) Amount", "type" => "text", "required" => "Required" ) ; $form_mail[] = array( "name" => "P_Message", "text" => "Your Personal Message", "type" => "textarea", "required" => "Required" ) ; $form_mail[] = array( "name" => "W_Designer", "text" => "Note to the Web Designer", "type" => "textarea", "required" => "" ) ; $form_mail[] = array( "name" => "P_Upload", "text" => "Image Profile Upload", "type" => "attachment", "required" => "Required" ) ; // -- Detech Submit & SendMail -- $isHideForm = false; if( $HTTP_POST_VARS["formmail_submit"] ){ $sErr = checkPass(); if( ! $sErr ){ sendFormMail( $form_mail, "webpage") ; $isHideForm = true; $redirect = ""; if( strlen(trim($redirect)) ): header( "Location:$redirect" ); exit; endif; } } ?> <? // =============================================== function sendFormMail( $form_mail, $sFileName = "" ) { global $HTTP_POST_VARS ; $to = $HTTP_POST_VARS["esh_formmail_recipient"]; // I don't detect spam at this moment. it's to do list. $from = "online.submit@" . HOST_NAME ; $subject = $HTTP_POST_VARS["esh_formmail_subject"]; // first stage keep it simple: $sWhatToDo = $sFileName ? "mailandfile" : "" ; //$HTTP_POST_VARS["esh_formmail_mail_and_file"]; //$sFileName = $HTTP_POST_VARS["esh_formmail_save_record_file"]; $cc = $HTTP_POST_VARS["esh_formmail_cc"]; $bcc = $HTTP_POST_VARS["esh_formmail_bcc"]; $charset = $HTTP_POST_VARS["esh_formmail_charset"]; for( $i = 0; $i < count( $form_mail ); $i ++ ){ $value = trim( $HTTP_POST_VARS[ $form_mail[ $i ][ "name" ] ] ); $content .= $form_mail[ $i ][ "text" ] . " \t : " . $value ."\n"; $line .= remove_newline( $value ) . "\t" ; if( strtolower("Sender's email") == strtolower($form_mail[ $i ][ "type" ]) ) { //print "Type:[" . $form_mail[ $i ][ "type" ] . "] $value <br>\n"; $from = $value ; } }; $content .= "\n\nIP:" . getEnv( "REMOTE_ADDR" ); switch( strtolower($sWhatToDo) ){ case "mailandfile" : mailAttachments( $to , $subject , $content, $from, $charset, $cc , $bcc ) ; if( ! appendToFile( $sFileName, $line ) ) mailReport( $content . "\n\nWrite Form Mail to File Fail." ); break; case "fileonly" : if( ! appendToFile( $sFileName, $line ) ) mailReport( $content . "\n\nWrite Form Mail to File Fail.", $from ); break; default : mailAttachments( $to , $subject , $content, $from, $charset, $cc , $bcc ) ; } mailAutoResponse( $from ) ; } //------------------------------------------------------------------------------------------ function mailAutoResponse( $to ){ global $HTTP_POST_VARS ; $subject = $HTTP_POST_VARS["esh_formmail_return_subject"]; $responseMsg = $HTTP_POST_VARS["esh_formmail_return_msg"]; if( $to && $responseMsg ) mail( $to, $subject, $responseMsg, "From: " . $HTTP_POST_VARS["esh_formmail_recipient"] ); } //------------------------------------------------------------------------------------------ function mailReport( $content = "", $from = "" ){ mail( ADMIN_MAIL, "Error@" . HOST_NAME . PHP_SELF, $content, "From:$from" ); } //------------------------------------------------------------------------------------------ function remove_newline( $str = "" ){ $newliner = "<!--esh_newline-->" ; // replace \r\n with $newliner ; $newtaber = "<!--esh_newtaber-->" ; // replace \t with $newtaber ; $str = ereg_replace( "\t", $newtaber, $str ); $str = ereg_replace( "\r\n", $newliner, $str ); return ereg_replace( "\n", $newliner, $str ); } //------------------------------------------------------------------------------------------ function checkPass() { global $form_mail ; global $HTTP_POST_VARS ; global $HTTP_POST_FILES ; for( $i = 0; $i < count( $form_mail ); $i ++ ){ $type = strtolower( $form_mail[ $i ][ "type" ] ); $value = trim( $HTTP_POST_VARS[ $form_mail[ $i ][ "name" ] ] ); $required = $form_mail[ $i ][ "required" ] ; $text = stripslashes( $form_mail[ $i ][ "text" ] ); // simple check the field has something keyed in. if( !strlen($value) && ( $required == "Required" ) && $type != "attachment" ) return ERR_MISSING . $text ; // verify the special case if( ( strlen($value) || $type == "attachment" ) && $required == "Required" ): switch( $type ){ case strtolower("Sender's Name") : break; case strtolower("Generic email"): case strtolower("Sender's email"): if( ! formIsEMail($value) ) return ERR_EMAIL . $text ; break; case "text" : break; case "textarea" : break; case "checkbox" : case "radio" : break; case "select" : break; case "attachment" : $upload_file = $HTTP_POST_FILES[ $form_mail[ $i ]["name"] ][ "tmp_name" ] ; if( ! is_uploaded_file($upload_file) ) return ERR_SELECT_UPLOAD . $text; break; case strtolower("Date(MM-DD-YYYY)"): break; case strtolower("Date(MM-YYYY)"): break; case strtolower("CreditCard(MM-YYYY)"): if( $value < date("Y-m") ) return ERR_CREDIT_CARD_EXPIRED . $text; break; case strtolower("CreditCard#"): if( !formIsCreditNumber( $value ) ) return ERR_CREDIT_CARD_NUMBER . $text ; break; case strtolower("Time(HH:MM:SS)"): break; case strtolower("Time(HH:MM)"): break; default : //return $sErrRequired . $form_mail[ $i ][ "text" ]; } // switch endif; } // for return "" ; } //------------------------------------------------------------------------------------------ function formSelected( $var, $val ) { echo ( $var == $val ) ? "selected" : ""; } //------------------------------------------------------------------------------------------ function formChecked( $var, $val ) { echo ( $var == $val ) ? "checked" : ""; } //------------------------------------------------------------------------------------------ function formIsEMail( $email ){ return ereg( "^(.+)@(.+)\\.(.+)$", $email ); } //------------------------------------------------------------------------------------------ function selectList( $name, $selectedValue, $start, $end, $prompt = "-Select-", $style = "" ) { $tab = "\t" ; print "<select name=\"$name\" $style>\n" ; print $tab . "<option value=''>$prompt</option>\n" ; $nLen = strlen( "$end" ) ; $prefix_zero = str_repeat( "0", $nLen ); for( $i = $start; $i <= $end ; $i ++ ){ $stri = substr( $prefix_zero . $i, strlen($prefix_zero . $i)-$nLen, $nLen ); $selected = ( $stri == $selectedValue ) ? " selected " : "" ; print $tab . "<option value=\"$stri\" $selected >$stri</option>\n" ; } print "</select>\n\n" ; } //------------------------------------------------------------------------------------------ // something like CreditCard.pm in perl CPAN function formIsCreditNumber( $number ) { $tmp = $number; $number = preg_replace( "/[^0-9]/", "", $tmp ); if ( preg_match( "/[^\d\s]/", $number ) ) return 0; if ( strlen($number) < 13 && 0+$number ) return 0; for ($i = 0; $i < strlen($number) - 1; $i++) { $weight = substr($number, -1 * ($i + 2), 1) * (2 - ($i % 2)); $sum += (($weight < 10) ? $weight : ($weight - 9)); } if ( substr($number, -1) == (10 - $sum % 10) % 10 ) return $number; return $number; } // -------------------------- Begin Mail Attachment Functions ----------------------------------------------------------------- function mailAttachments( $to = "" , $subject = "" , $message = "" , $from = "support@lynx.net" , $charset = "iso-8859-1", $cc = "" , $bcc = "" ){ global $HTTP_POST_FILES ; if( ! strlen( trim( $to ) ) ) return "Missing \"To\" Field." ; $boundary = "====_My_PHP_Form_Generator_" . md5( uniqid( srand( time() ) ) ) . "===="; // setup mail header infomation $headers = "From: $from\r\n"; if ($cc) $headers .= "CC: $cc\r\n"; if ($bcc) $headers .= "BCC: $bcc\r\n"; $plainHeaders = $headers ; // for no attachments header $headers .= "MIME-Version: 1.0\nContent-type: multipart/mixed;\n\tboundary=\"$boundary\"\n"; $txtMsg = "\nThis is a multi-part message in MIME format.\n" . "\n--$boundary\n" . "Content-Type: text/plain;\n\tcharset=\"$charset\"\n\n" . $message . "\n"; //create mulitipart attachments boundary $sError = "" ; $nFound = 0; foreach( $HTTP_POST_FILES as $aFile ){ $sFileName = $aFile[ "tmp_name" ] ; $sFileRealName = $aFile[ "name" ] ; if( is_file( $sFileName ) ): if( $fp = fopen( $sFileName, "rb" ) ) : $sContent = fread( $fp, filesize( $sFileName ) ); $sFName = basename( $sFileRealName ) ; $sMIME = getMIMEType( $sFName ) ; $bPlainText = ( $sMIME == "text/plain" ) ; if( $bPlainText ) : $encoding = "" ; else: $encoding = "Content-Transfer-Encoding: base64\n"; $sContent = chunk_split( base64_encode( $sContent ) ); endif; $sEncodeBody .= "\n--$boundary\n" . "Content-Type: $sMIME;\n" . "\tname=\"$sFName\"\n" . $encoding . "Content-Disposition: attachment;\n" . "\tfilename=\"$sFName\"\n\n" . $sContent . "\n" ; $nFound ++; else: $sError .= "<br>File $sFileName can not open.\n" ; endif; // if( $fp = fopen( $sFileName, "rb" ) ) : else: $sError .= "<br>File $sFileName doesn't exist.\n" ; endif; //if( file_exists( $sFileName ) ): }; // end foreach $sEncodeBody .= "\n\n--$boundary--" ; $sSource = $txtMsg . $sEncodeBody ; $nFound ? mail( $to, $subject, $sSource, $headers ) : mail( $to, $subject, $message, $plainHeaders ); return $sError ; } /* --------------------------------------------------------------------------------------------------- Parameters: $sFileName Return : 1. "" : no extendsion name, or sFileName is empty 2. string: MIME Type name of array aMimeType's definition. ---------------------------------------------------------------------------------------------------*/ function getMIMEType( $sFileName = "" ) { $sFileName = strtolower( trim( $sFileName ) ); if( ! strlen( $sFileName ) ) return ""; $aMimeType = array( "txt" => "text/plain" , "pdf" => "application/pdf" , "zip" => "application/x-compressed" , "html" => "text/html" , "htm" => "text/html" , "avi" => "video/avi" , "mpg" => "video/mpeg " , "wav" => "audio/wav" , "jpg" => "image/jpeg " , "gif" => "image/gif" , "tif" => "image/tiff " , "png" => "image/x-png" , "bmp" => "image/bmp" ); $aFile = split( "\.", basename( $sFileName ) ) ; $nDiminson = count( $aFile ) ; $sExt = $aFile[ $nDiminson - 1 ] ; // get last part: like ".tar.zip", return "zip" return ( $nDiminson > 1 ) ? $aMimeType[ $sExt ] : ""; } // -------------------------- End Mail Attachment Functions ----------------------------------------------------------------- //------------------------------------------------------------------------------------------ function appendToFile( $sFileName = "", $line = "" ){ if( !$sFileName || !$line ) return 0; $hFile = fopen( "$sFileName", "a+w" ); $nBytes = 0; if( $hFile ){ $nBytes = fputs( $hFile , trim($line)."\r\n" ); fclose( $hFile ); }; return $nBytes ; } ?> 3.20070525-72a6.php <?php include_once( "20070525-72a6.lib.php" ); ?> <html> <head> <title>PHP FormMail Generator - A tool to create ready-to-use web forms in a flash | Demo Template</title> <!-- <meta http-equiv="Content-type" content="text/html; charset=iso-8859-1"> --> <meta name="keywords" content="PHP FormMail Generator, phpFormMailGen, Customize Forms, phpFormMailGenerator,formmail.php, formmail.pl, formMail Generator, PHP, Generator, Backend Tool, phpFormGen, phpFormGenerator, anti-spam, web hosting"> <meta name="description" content="PHP formMail Generator - A tool to ceate ready-to-use web forms in a flash"> <style type='text/css'> .form_title{ color : #000000; font-size: 13px; font-family: verdana, Geneva, Arial, Helvetica, sans-serif; font-weight : bold; } .form_field { font-size : 13px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #474747; font-weight : bold; text-align:left; } .form_text{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #000000; } .text_box{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #000000; width:200px; } .text_area{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #000000; width:200px; height:60px; } .text_select{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #000000; } .form_error{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #ff0000; font-weight : bold; } .copyright{ font-size : 11px; font-family : Verdana, Arial, Helvetica, sans-serif; color : #000000; } </style> </head> <body marginheight="0" marginwidth="0" leftmargin="0" topmargin="0"> <meta http-equiv="content-type" content="text/html; charset="> <!-- ------------------------ Begin: Your FormMail's Description ------------------------ --> <br><br><br> <table cellspacing='16' cellpadding='0' border='0' align='center' ><tr><td> <font class='form_title'>Poverello Fundraising Web Page</font> </td></tr></table> <!-- ------------------------ End: Your FormMail's Description ------------------------ --> <!-- ======================= Begin: Form Generated By PHP FormMail Generator ======================= --> <?php if( !$isHideForm ): global $sErr ; if( $sErr ) print "<br><a name='error'></a><center><font class='form_error' >$sErr</font></center><br>"; $starColor = $sErr ? "#ff0000" : "#000000"; $style=" class='form_text' "; ?> <form name="frmFormMail" action="<?php print PHP_SELF ?>" method='post' enctype='multipart/form-data'> <input type='hidden' name='formmail_submit' value='Y'> <input type='hidden' name='esh_formmail_recipient' value="EMAIL"> <input type='hidden' name='esh_formmail_subject' value="Poverello Fund Raising Web Page"> <input type='hidden' name='esh_formmail_cc' value=""> <input type='hidden' name='esh_formmail_bcc' value=""> <input type='hidden' name='esh_formmail_return_subject' value="Poverello Fundraising Web Page"> <input type='hidden' name='esh_formmail_return_msg' value="Dear Donor, We have received your contact from Poverello Fundraising Web Page. We will respond to you asap to the email you provided with your web page link. Till then, if you have any questions please emaill us back with any changes you might have to EMAIL. We thank you for your contact. Poverello Fundraising Center "> <input type='hidden' name='esh_formmail_mail_and_file' value=""> <input type='hidden' name='esh_formmail_charset' value=""> <table cellspacing='16' cellpadding='0' border='0' > <tr> <td class="form_field" valign='top' align='right'>First Name </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="First_Name" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "First_Name" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Last Name </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Last_Name" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Last_Name" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Business or Organization Name </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Bus_Name" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Bus_Name" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Address </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Address1" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Address1" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Address </td><td width='10' aligh='right' valign='top'></td> <td class="form_text"> <input type="text" name="Address2" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Address2" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>City </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="City" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "City" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>State </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="State" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "State" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Zip Code </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Zip_Code" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Zip_Code" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Home Phone </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Home_Phone" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Home_Phone" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Businees Phone </td><td width='10' aligh='right' valign='top'></td> <td class="form_text"> <input type="text" name="Businees_Phone" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Businees_Phone" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Email </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="sender's email" name="Email" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Email" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Your Web Page name </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Web_Name" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Web_Name" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Target Fundraising ($) Amount </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="text" name="Target" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "Target" ] ); ?>" class='text_box'> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Your Personal Message </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <textarea name="P_Message" rows=4 cols=25 ><?php print HtmlSpecialChars( $HTTP_POST_VARS[ "P_Message" ] ); ?></textarea> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Note to the Web Designer </td><td width='10' aligh='right' valign='top'></td> <td class="form_text"> <textarea name="W_Designer" rows=4 cols=25 ><?php print HtmlSpecialChars( $HTTP_POST_VARS[ "W_Designer" ] ); ?></textarea> </td> </tr> <tr> <td class="form_field" valign='top' align='right'>Image Profile Upload </td><td width='10' aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td> <td class="form_text"> <input type="file" name="P_Upload" value="" class='text_box'> </td> </tr> <tr><td colspan=3 align='center'><input type='submit' value='Submit'> <input type='button' value='Cancel' onclick="location.href='/';"></td></tr> </table> </form> <!-- ======================= End: ======================= --> <?php if( $sErr ) print "<script language='javascript' type='text/javascript'>location.href='#error';</script>";;; else: //!$isHideForm print( "<br><br><hr><center><b>Your form has been sent. Thank you.</b><br><br><input type='button' value='Home' onclick=\"location.href='/';\"></center><br><br>" ); endif; //!$isHideForm ?> <!-- -------------------------------------- COPY RIGHT -------------------------------------- --> <br><br><br><br> <div align="right" class='copyright'> <b>Generated by : </b> <a href="http://phpfmg.sourceforge.net" target="_blank">phpFormMail Generator</a> V1.0 - A tool to create ready-to-use web forms in a flash! </div> <br><br><br> </body> </html> hope u can help tks Quote Link to comment Share on other sites More sharing options...
tripleaaa Posted May 27, 2007 Author Share Posted May 27, 2007 by the way no database invloved it gets emailed Quote Link to comment Share on other sites More sharing options...
dj-kenpo Posted May 27, 2007 Share Posted May 27, 2007 you're emailing peoples credit cards? are you serious? do you know how dangerous that is? Quote Link to comment Share on other sites More sharing options...
tripleaaa Posted May 27, 2007 Author Share Posted May 27, 2007 then can you help me and tell me the best way to do this? should I just add a link and hv them send payment through paypal... this is what the organization wanted and I want to explain to them that this is not a safe way of doing it. pls confirm. tks Quote Link to comment Share on other sites More sharing options...
dj-kenpo Posted May 27, 2007 Share Posted May 27, 2007 it's not a safe way, not at all. paypal is a much better solution for small business, it's not seamless, but it has encryption and security. if I was a cusotmer of yours and found you emailing my credit card I'd take you to court. you can always google for answers as to why emailing a credit card number isn't safe and then print them out for the organization. Quote Link to comment Share on other sites More sharing options...
chronister Posted May 27, 2007 Share Posted May 27, 2007 SSL & POST the cc information directly to the CC processor. < still probably not the BEST way, but far more secure than Emailing CC #'s Anytime your dealing with a sensitive piece of information such as this, you really should have SSL (Secure Socket Layer) setup. Yeah, they will have to buy the certificate each year, but a couple hundred bucks or less is better than a LARGE lawsuit because one of these emails were intercepted or the account was hacked. I am building a site that deals with CC information, and I decided that I don't want to have anything to do with that information. Send the customer to another page that is hosted by the CC processor BEFORE they enter the CC info, and let them deal with the security. They specialize in that stuff, I do not. Thats just my 2 cents. Quote Link to comment Share on other sites More sharing options...
tripleaaa Posted May 27, 2007 Author Share Posted May 27, 2007 Guys you are perfectly correct. I will call the org and explain it to them. tks again Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.