this php code is for controlling spammers, organizing the form field entiers, required field entries, and redirect after all is completed correctly.
Could anyone help me make sure I have done this correctly?
Thank you for your help!
form available at
http://quincysworks.com
<?php
$request_method = $_SERVER["REQUEST_METHOD"];
if($request_method == "GET"){
$query_vars = $_GET;
} elseif ($request_method == "POST"){
$query_vars = $_POST;
}
reset($query_vars);
$t = date("U");
$file = $_SERVER['DOCUMENT_ROOT'] . "/../data/gdform_" . $t;
$fp = fopen($file,"w");{
function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}
$firstname=$_POST['firstname'];
checkOK($firstname);
$lastname=$_POST['lastname'];
checkOK($lastname);
$phone_no=$_POST['phone_no'];
checkOK($phone_no);
$email=$_POST['email'];
checkOK($email);
$comments=$_POST['comments'];
checkOK($comments);
} else {
echo "There was a problem sending the email. Please check that you use valid entries for each field";
}
$var=<<<TEXT
<GDFORM_VARIABLE NAME=firstname START>
$query_vars['firstname']
<GDFORM_VARIABLE NAME=firstname END>
fputs($fp,$var);
$var=<<<TEXT
<GDFORM_VARIABLE NAME=lastname START>
$query_vars['lastname']
<GDFORM_VARIABLE NAME=lastname END>
fputs($fp,$var);
$var=<<<TEXT
<GDFORM_VARIABLE NAME=phone_no START>
$query_vars['phone_no']
<GDFORM_VARIABLE NAME=phone_no END>
fputs($fp,$var);
$var=<<<TEXT
<GDFORM_VARIABLE NAME=email START>
$query_vars['email']
<GDFORM_VARIABLE NAME=email END>
fputs($fp,$var);
$var=<<<TEXT
<GDFORM_VARIABLE NAME=comments START>
$query_vars['comments']
<GDFORM_VARIABLE NAME=comments END>
fputs($fp,$var);
if ($firstname == "" |$lastname == "" |$phone_no == "" || $email == "" || $comments == "");
} else {
echo "Use the back button and PLEASE fill in all the fields.";
}
if ($key == "redirect") { $landing_page = $val;}
fclose($fp);
if ($landing_page != ""){
header("Location: http://".$_SERVER["HTTP_HOST"]."/$landing_page");
} else {
header("Location: http://".$_SERVER["HTTP_HOST"]."/");
}
?>
