Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

PHP Forum


You are currently viewing our PHP Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Development and Programming Support > PHP Forum > Form Help ?

Freelance Jobs

Reply
Form Help ?
Old 07-20-2009, 05:00 AM Form Help ?
GaGa's Avatar
Junior Talker

Posts: 2
Trades: 0
Talkupation: GaGa is on a distinguished road
I was trying to implement this Tutorial into my contact form so i tried to change the sendmail.php file but it still gives me an error about the subject even if i entered a subject, i don`t know why ? can anyone help me plz ?

this is my form

Code:
<html>

<div id="wrapper">

<div class="message"><div id="alert"></div></div>

<div class="contact">
<form action="sendmailexample.php" method="post" id="contactForm">
<ul>
<li>
       <label for="cname"><span>name:<em>*</em></span><input type="text" name="name" id="cname" /></label>
</li>
<li>
       <label for="cemail"><span>email:<em>*</em></span><input type="text" name="email" id="cemail" /></label>
</li>
<li>
       <label for="csubject"><span>subject:<em>*</em></span><input type="text" name="subject" id="csubject" /></label>
</li>
<li> <label for="curl"><span>url:</span><input type="text" name="url" value="http://" id="curl" /></label>
</li>
<li class="special">
<label for="last">Don't fill this in:</label>
<input type="text" name="last" value="" id="last" />
</li>
<li>
<label for="cmessage"><span>message:<em>*</em></span> <textarea name="message" id="cmessage" cols="50" rows="12"></textarea></label>
</li>
<li class="submitbutton">
<input type="submit" value="submit" id="csubmit" class="submit right"/>
</li>
</ul>
</form>
<p>Thanks to Mid Mo Design for the <a href="http://midmodesign.com/news/coding/jquery-ajax-contact-form-with-honeypot/">AJAX Contact Form</a>.</p>
</div>

</div>
and this is the sendmail file after i modified it

Code:
<?php

//        Who you want to recieve the emails from the form. (Hint: generally you.)
$sendto = 'youremail@example.com';

//        The subject you'll see in your inbox
$subject = 'Contact from contact form';

//        Message for the user when he/she doesn't fill in the form correctly.
$errormessage = 'Oops! There seems to have been a problem. May we suggest...';

//        Message for the user when he/she fills in the form correctly.
$thanks = "Thanks for the email! We'll get back to you as soon as possible!";

//        Message for the bot when it fills in in at all.
$honeypot = "You filled in the honeypot! If you're human, try again!";

//        Various messages displayed when the fields are empty.
$emptyname =  'Entering your name?';
$emptyemail = 'Entering your email address?';
$emptysubject = 'Entering a subject?';
$emptymessage = 'Entering a message?';

//       Various messages displayed when the fields are incorrectly formatted.
$alertname =  'Entering your name using only the standard alphabet?';
$alertemail = 'Entering your email in this format: <i>name@example.com</i>?';
$alertsubject = 'You must enter a subject';
$alertmessage = "Making sure you aren't using any parenthesis or other escaping characters in the message? Most URLS are fine though!";

// --------------------------- Thats it! don't mess with below unless you are really smart! ---------------------------------

//Setting used variables.
$alert = '';
$pass = 0;

// Sanitizing the data, kind of done via error messages first. Twice is better! ;-)
function clean_var($variable) {
    $variable = strip_tags(stripslashes(trim(rtrim($variable))));
  return $variable;
}

//The first if for honeypot.
if ( empty($_REQUEST['last']) ) {

    // A bunch of if's for all the fields and the error messages.
if ( empty($_REQUEST['name']) ) {
    $pass = 1;
    $alert .= "<li>" . $emptyname . "</li>";
} elseif ( ereg( "[][{}()*+?.\\^$|]", $_REQUEST['name'] ) ) {
    $pass = 1;
    $alert .= "<li>" . $alertname . "</li>";
}
if ( empty($_REQUEST['email']) ) {
    $pass = 1;
    $alert .= "<li>" . $emptyemail . "</li>";
} elseif ( !eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$", $_REQUEST['email']) ) {
    $pass = 1;
    $alert .= "<li>" . $alertemail . "</li>";
}
if ( empty($_REQUEST['subject']) ) {
    $pass = 1;
    $alert .= "<li>" . $emptysubject . "</li>";
} elseif ( !ereg( "[][{}()*+?.\\^$|]", $_REQUEST['subject'] ) ) {
    $pass = 1;
    $alert .= "<li>" . $alertsubject . "</li>";
}
if ( empty($_REQUEST['message']) ) {
    $pass = 1;
    $alert .= "<li>" . $emptymessage . "</li>";
} elseif ( ereg( "[][{}()*+?\\^$|]", $_REQUEST['message'] ) ) {
    $pass = 1;
    $alert .= "<li>" . $alertmessage . "</li>";
}

    //If the user err'd, print the error messages.
    if ( $pass==1 ) {

        //This first line is for ajax/javascript, comment it or delete it if this isn't your cup o' tea.
    echo "<script>$(\".message\").hide(\"slow\").show(\"slow\"); </script>";
    echo "<b>" . $errormessage . "</b>";
    echo "<ul>";
    echo $alert;
    echo "</ul>";

    // If the user didn't err and there is in fact a message, time to email it.
    } elseif (isset($_REQUEST['message'])) {
        
        //Construct the message.
        $message = "From: " . clean_var($_REQUEST['name']) . "\n";
        $message .= "Email: " . clean_var($_REQUEST['email']) . "\n";
        $message .= "subject: " . clean_var($_REQUEST['subject']) . "\n";
        $message .= "Message: \n" . clean_var($_REQUEST['message']);
        $header = 'From:'. clean_var($_REQUEST['email']);
        
//Mail the message - for production
        //mail($sendto, $subject, $message, $header);
//This is for javascript, 
        echo "<script>$(\".message\").hide(\"slow\").show(\"slow\").animate({opacity: 1.0}, 4000).hide(\"slow\"); $(':input').clearForm() </script>";
        echo $thanks;
        die();

//Echo the email message - for development
        echo "<br/><br/>" . $message;

    }
    
//If honeypot is filled, trigger the message that bot likely won't see.
} else {
    echo "<script>$(\".message\").hide(\"slow\").show(\"slow\"); </script>";
    echo $honeypot;
}
?>
GaGa is offline
Reply With Quote
View Public Profile
 
 
Register now for full access!
Old 07-20-2009, 10:09 AM Re: Form Help ?
Junior Talker

Posts: 4
Name: Dai Williams
Location: Derby, UK
Trades: 0
Talkupation: DaiWelsh is on a distinguished road
Which error does it give (there are two relating to subject)?

I think this line may be wrong

} elseif ( !ereg( "[][{}()*+?.\\^$|]", $_REQUEST['subject'] ) ) {

as I think it might be meant to be

} elseif ( ereg( "[][{}()*+?.\\^$|]", $_REQUEST['subject'] ) ) {

note no ! before ereg. That said I am not quite sure why it is checking for that exact set of chars and I always use preg not ereg so may be wrong.

Also note this script doesn't look terribly secure to me for a production environment, though it does at least try to clean it's inputs.

Regards,

Dai
DaiWelsh is offline
Reply With Quote
View Public Profile Visit DaiWelsh's homepage!
 
Old 07-21-2009, 09:08 AM Re: Form Help ?
GaGa's Avatar
Junior Talker

Posts: 2
Trades: 0
Talkupation: GaGa is on a distinguished road
Thanks it worked but whay do u think it`s not secure ?
GaGa is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to Form Help ?
 
Previous Thread | Next Thread Tycoon Talk > Web Development and Programming Support > PHP Forum > Form Help ?

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.11615 seconds with 12 queries