|
PHP - Die On Direct Access To A Php Form Sent By Ajax
I want to perform a php process initiated by AJAX according to the method described in http://www.w3schools.com/PHP/php_ajax_database.asp
with this line Code: [Select] xmlhttp.open("GET","getuser.php?q="+str,true); the php process in getuser.php is initiated. But how I can restrict direct access to getuser.php? If someone visit getuser.php?q=something; the process will be started for "something". I want to run the getuser.php process only and only when it is initiated from my main page. Similar TutorialsI use jQuery when adding messages. However, the file can be called directly. For example: includes/add_comment.php?id=2 So, I can make a form and call this file directly to add a message. ID is user id and form can be submited with HTML form wherever are located. How to prevent direct access to the file when called through a Ajax? I have a php form for uploading file as the action sends to upload.php. How I can avoid any kind of direct access to upload.php? I want to kill the php process at the first line without performing the remaining code (it is very critical for me as I have a counter), except calls coming from form.php. I have solved this now. Hello everyone, What is the best method of blocking direct access to certain files like functions, modules, and etc? I was trying the if ( ! defined('BASEPATH')) exit('No direct script access allowed');method but I feel like there must be a more convenient/better way. Any suggestions are appreciated, thank you. A shipping vendor (like Stamps.Com) provides me a Printable Shipping Label to display on my website for Visitors to print.
When Visitors come to my page, my PHP code:
$Shipping_Label_Data = $LabelVendor->data[0]->contents; // vendor's API echo '<img src="/Label-Directory/'.$Order_Number.'.png" />'; Later I realized the security flaw: any snooper can fish for other Visitor's labels in my Label directory. What is the best way to prevent the display of other people's labels? Thank you!! I've got a question, I thought I'd be able to do this fairly easily. I don't want to do an .htaccess solution also. I tried this, define('ACCESS', TRUE); // then on other page if(!defined('ACCESS'){die('Direct access not allowed.');} Need some assistance, appreciated. Hi, I am struggling to find an answer here.. If for example my iframe source, file.php has a initcheck/direct access block, how can i still have access to it in an iframe? <center><iframe name="frame1" id="frame1" style="width: 100%; height: 120px; z-index: 0; " scrolling="0" src="file.php" frameborder="0"></iframe></center> //then the file.php has an initcheck and itself includes multiple other files so i cant remove the initcheck.. //header of file.php // ################################################################ defined( '_MYAPP_INITCHECK' ) or die( '' ); // ################################################################ I am using the debug_backtrace() php function to prevent direct access to admin files.
i simply place the code below at the top of a page eg config.php and direct access via the browser is prevented.
Is it a safe practice or is there a better way of doing it?
<?php
debug_backtrace() || die ("Direct access to this resource is forbidden");
?>
Thanks
please it is very important!! I have a script (main file is index.php) that is called into an iframe src via an url reference... http://www.xxxx.com/folder/userfolder/folderwithemailname/index.php works perfectly!!.. How can i prevent someone getting direct url access to the file? if someone were to take the url: http://www.xxxx.com/folder/userfolder/folderwithemailname/index.php and place it into the address bar, they have access to the file... points to note: -i have no database for this script, -the iframe is called directly into a html file, - i dont know the userfolder or the emailfolder names, - and the index.php is linked to several other .php and .js and .html files in different folders.... // i can add something like this to these file:(i found this on the net). Add this to the page that you want to only be included <?php if(!defined('MyConst'){die('Direct access not premitted');} ?> then on the pages that include it add <?php define('MyConst', TRUE); ?> this will prevent the files being accessed, but then i cant access the file via the iframe url.. please any ideas??? best regards Tony Hi all, I have been working on this and maybe you guys can help. All I need to do is be able to open a access form with php. I have tried a couple of diffrent things but nothing is working. What I have right now is $app = new COM("Access.Application"); $app->OpenCurrentDatabase("C:\Documents and Settings\Ian\Desktop\TestData.accdb"); $app->Application->Run("OpenAccForm"); //$app->DoCmd->OpenForm("Test Data"); //$app->Visible = "Yes"; print "Loaded Access, version {$app->Visible}\n"; Any help is appreciated. Right now It opens access but is not viable. I know it is opening access because it is in the processes tab in task manager. I have an index.php file which includes my form and code to move the user's uploaded file to s3. My HTML form calls a js function sendEmails() which makes an AJAX request to another php script dbSystem() to validate the emails input and add it to a database. Everything is working except that the php code in my index.php file (at the very bottom) does not execute. It's supposed to execute when the user uploads a file and presses submit but it doesn't go into the if statement. I tried putting the $fileName = basename($_FILES["fileName"]["name"]) statement before the if statement but I get an undefined index error. I put my a comment in my code to show which if statement I am talking about. This is my HTML code in index.php:
<form action="javascript:void(0)" method="POST" id="files" enctype="multipart/form-data">
<label class="col-md-4 col-form-label text-md-right">Select File: <span class="text-danger">*</span></label>
<input type="file" id="userFile" name="fileName" style="cursor: pointer; max-width: 170px;" onchange="enableBtn()">
<label class="col-md-4 col-form-label text-md-right">Authorized Users: <span class="text-danger">*</span></label>
<input placeholder="Enter e-mail(s) here..." id="req" autocomplete="off"/>
<button id="submitBtn" name="submitBtn" class="<?php echo SUBMIT_BUTTON_STYLE; ?>" onclick="return sendEmails()" disabled>Submit</button>
</form>
This is my php code in index.php:
<?php
$conn = new mysqli($servername, $username, $password, $db);
$sql = "SELECT sender_id, sender_email, receiver_emails, receiver_ids, file_name from filedrop_logs";
$result = mysqli_query($conn, $sql);
if ($result) {
echo "<div class='outputDiv'>";
echo "<table id='sharedOthers'>";
echo "<thead><tr class='headings'>";
echo "<th class='files'>Files</th>";
echo "<th class='users'>Users</th>";
echo "</tr></thead>";
while ($row = mysqli_fetch_assoc($result)) {
$receiverEmails = $row['receiver_emails'];
$fileName = $row['file_name'];
echo "<tbody id='bodyOthers'>";
echo "<tr id='rowOthers'>";
echo "<td>$fileName<br>";
$objects = getListofObjects('FileDrop');
foreach ($objects as $object) {
$file = $object['Key'];
$splits = explode('/', $file);
if (end($splits) !== '') {
$presignedUrl = getPresignedUrlForPrivateFile($object['Key'], '+20 minutes');
$link = '<a href="'.$presignedUrl.'">Download</a>';
echo $link;
}
}
echo " <a href=''>Delete</a></td>";
echo "<td>$receiverEmails</td>";
echo "</tr></tbody>";
}
echo "</table></div>";
}
?>
<?php
//the if statement below doesn't execute
if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES["fileName"])) {
$fileName = basename($_FILES["fileName"]["name"]);
$error = $_FILES["fileName"]["error"];
$tmpName = $_FILES["fileName"]["tmp_name"];
if (isset(fileName) && $fileName != '' && $tmpName != '' && sys_get_temp_dir()) {
$separator = DIRECTORY_SEPARATOR;
$newDir = sys_get_temp_dir() . $separator . "FileDrop" . microtime(true);
if (!file_exists($newDir)) {
mkdir($newDir, 0777, true); // creates temp FileDrop directory
$tempFilePath = $newDir . $separator . $fileName; // creates temp file inside FileDrop directory
if (move_uploaded_file($tmpName, $tempFilePath)) { // moves file to tmp folder
$s3FileName = "FileDrop" . substr($newDir, 4) . $separator . $fileName;
$result = putFileToS3($s3FileName, $tempFilePath, 'public-read');
deleteDir($newDir);
}
}
}
}
?>
This is my js code in case you want to see it:
function sendEmails() {
var fileData = $('#userFile').prop('files')[0];
var formData = new FormData();
formData.append('tags', JSON.stringify(tags));
formData.append('fileName', fileData);
$.ajax({
type: "POST",
url: "../FileDrop/dbSystem.php",
processData: false,
contentType: false,
data: formData,
success: function(result) {
result = JSON.parse(result);
if (result.validity === "valid emails") {
location.reload();
resetInputs(); //IMPORTANT
$(".outputDiv").show();
}
else {
var tagsBrackets = result.emails.toString().replace(/[\[\]']+/g,'');
var tagsQuotes = tagsBrackets.replace(/['"]+/g, '');
var tagsInvalid = tagsQuotes.replace(/,/g, ", ");
$('#alertModal').modal({show:true});
document.getElementById('invalid').textContent = tagsInvalid;
}
}
});
return false;
}
I've been stuck on this for so long, so I'd really appreciate the help!! I have a sign up form to send the activation code to the new user via email.My question is how to restrict the user who is not a member using activation form page in PHP unless their use a sign up form first?
here is my sign up form and activation form:
sign up form
<style type="text/css"> <!-- .style1 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12; } .style5 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 16px; font-weight: bold; } .style7 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; } --> </style> <form name="form1" method="post" action="email-activation-script.php"> <div align="center"> <p class="style5"> Form Registration </p> <table width="35%" border="0"> <tr> <td class="style7">Username</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="username" type="text" id="username"> </label> </span></td> </tr> <tr> <td class="style7"> Email </td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="email" type="text" id="email"> </label> </span></td> </tr> <tr> <td class="style7">Password</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="password" type="password" id="password"> </label> </span></td> </tr> <tr> <td class="style7"> </td> <td class="style7"> </td> <td class="style1"><span class="style7"> <label> <input type="submit" name="Submit" value="Register"> <input type="reset" name="Submit2" value="Cancel"> </label> </span></td> </tr> </table> </div> </form> activation form: <form name="form1" method="post" action="check-activation-script.php"> <div align="center"> <table width="35%" border="0"> <tr> <td>Username</td> <td>:</td> <td><label> <input name="username" type="text" id="username"> </label></td> </tr> <tr> <td>Activation Code </td> <td><label>:</label></td> <td><input name="activation_code" type="text" id="activation_code"></td> </tr> <tr> <td> </td> <td> </td> <td><label> <input type="submit" name="Submit" value="Submit"> <input type="reset" name="Submit2" value="Cancel"> </label></td> </tr> </table> </div> </form> Hello, A named field in an html form e.g. <input type="text" name="time"> is accessed as $_GET['time'] or $_POST['time'] by the processing script. What about an unnamed field like the one below: <input type="text" value="" id="1" /> How do I harvest this field's input as a variable from my php processing script? Thanks in advance So I'm doing a project and I need to make a successful login form, where it checks in MS Access if the username and password are correct, and if they are the user is taken to a new page. If they are wrong, a message comes up and they stay on the same page. The user should first just see a blank form, but after submit is pressed, it should check if the username and password are correct. IF they are should be taken to a new page. It's been a while since I used php last, so I wasn't quite sure how to tackle this issue. I was wondering if someone could please help me? here is my code. Code: [Select] <html> <head> <style type="text/css"> </style> </head> <body style="text-align:center"> <div id='title'> </div> <?php print_r ($_POST) ; if (isset($_POST['submit'])) { if(isset($_POST['username'])){ $username= $_POST['username'] ; } if(isset($_POST['password'])){ $TABLE= $_POST['password'] ; } $username = null ; $password = null ; $connection = odbc_connect('Olympics', '', ''); if (!$connection) {exit("Conection Failed: " . $connection);} $username = stripslashes($username); $password = stripslashes($password); $sql = "select * from users where users = '$username' and passwords = '$password'"; $rs=odbc_exec($connection,$sql); $count=odbc_num_rows($rs); if ($count == 1) { $_SESSION['loggedIn'] = "true"; header("Location: searchpage.php"); } else { $_SESSION['loggedIn'] = "false"; header("Location: index.php"); echo "Login failed" ; } } echo "<form action='index.php' method='post'> \n" ; echo" Please enter your username and password if you wish. <br/> \n" ; echo "Username: <input type='text' name='username' > \n " ; echo "Password: <input type='password' name='password' > \n" ; echo "<input type='submit' value='Login' name='submit'> <br/> \n" ; echo "<input type='submit' value='You may also continue you as a guest.'> \n" ; ?> </body> </html> So basically my project is one where the user can log onto my website, and the page then checks if the ID and password are in my table in my microsoft access file. If the username and password are the same, the user continues, if it isnt, then it stays on the same page and says something like "username and/or password are incorrect" or something along the lines of that. the problem is right now im not sure how to make it say "ERROR username and/or password is incorrect" if the username and password dont match. Can someone help me with this? and also make sure if the username and password are correct that it goes to the next page, entitled searchpage.php here is the code Code: [Select] <html> <head> <style type="text/css"> </style> </head> <body style="text-align:center"> <div id='title'> </div> <?php print_r ($_POST) ; if if (isset($_POST['Login'])) { if(isset($_POST['username'])){ $username= $_POST['username'] ; } if(isset($_POST['password'])){ $TABLE= $_POST['password'] ; } $username = null ; $password = null ; $connection = odbc_connect('Olympics', '', ''); if (!$connection) {exit("Conection Failed: " . $connection);} $username = stripslashes($username); $password = stripslashes($password); $sql = "select * from users where users = '$username' and passwords = '$password'"; $rs=odbc_exec($connection,$sql); $count=odbc_num_rows($rs); if ($count == 1) { $_SESSION['loggedIn'] = "true"; header("Location: searchpage.php"); } else { $_SESSION['loggedIn'] = "false"; header("Location: index.php"); echo "Login failed" ; } } echo "<form action='index.php' method='post'> \n" ; echo" Please enter your username and password if you wish. <br/> \n" ; echo "Username: <input type='text' name='username' > \n " ; echo "Password: <input type='password' name='password' > \n" ; echo "<input type='submit' value='Login' name='Login'> <br/> \n" ; echo "<input type='submit' value='You may also continue you as a guest.'> \n" ; echo "</form>" ; ?> </body> </html> Hi All, I am trying to get this contact form to work correctly. The problem I have right now is that the e-mail sends only the Name, Email Address, and Phone Number, and it will not send anything for the body or "message" portion. The first code is contact.php Code: [Select] <?php /* Credits: Bit Repository URL: http://www.bitrepository.com/ */ include 'contact_config.php'; session_start(); error_reporting (E_ALL ^ E_NOTICE); $post = (!empty($_POST)) ? true : false; if($post) { include 'functions.php'; $name = stripslashes($_POST['name']); $email = trim($_POST['email']); $phone = stripslashes($_POST['phone']); $subject = stripslashes($_POST['subject']); $message = "Site visitor information: Name: ".$_POST['name'] ." E-mail Address: ".$_POST['email'] ." Phone: ".$_POST['phone'] ." Message: ".$_POST['message']; $error = ''; // Check name if(!$name) { $error .= 'Please enter your First name.<br />'; } // Check email if(!$email) { $error .= 'Please enter an e-mail address.<br />'; } if($email && !ValidateEmail($email)) { $error .= 'Please enter a valid e-mail address.<br />'; } if(isset($_SESSION['captcha_keystring']) && strtolower($_SESSION['captcha_keystring']) != strtolower($_POST['capthca'])) { $error .= "Incorect captcha.<br />"; } if(!$error) { $mail = mail(WEBMASTER_EMAIL, $subject, $message, "From: ".$name." <".$email.">\r\n" ."Reply-To: ".$email."\r\n" ."X-Mailer: PHP/" . phpversion()); if($mail) { echo 'OK'; } } else { echo '<div class="notification_error">'.$error.'</div>'; } } ?> and contact_config.php only contain the webmaster's email address. Thank you for your help. So basically I am attempting to make my code work with AJAX also to get rid of the page refreshing to the user. It does physically submit the data to the file and write it how it is supposed to be. However the notifications are not working at all. I am not the best at bug shooting JS stuff as I don't use it a lot - but would be grateful if someone can point out where I am going wrong.
<!DOCTYPE html>
<html>
<head>
<meta charset=utf-8 />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<meta name="HandheldFriendly" content="true" />
<link rel="stylesheet" type="text/css" href="css/default.css" />
<script src="scripts/jquery-1.11.1.min.js"></script>
<script>
$(document).ready(function() {
$('#formContainer').submit(function() {
var formData = $(this).serialize();
$.post('index.php', formData, processData);
function processData(data) {
if (data=='1') {
$('.form').html('<p>success</p>');
} else if (data=='2') {
$('#form').prepend('<p>already exists</p>');
} else if (data=='3') {
$('#form').prepend('<p>fail</p>');
}
}
return false;
});
});
</script>
<title>WyTraining</title>
</head>
<body class="background">
<header>
<div class="logo"><a href="index.php"><img src="images/logo.png" alt="wyTraining"></a></div>
</header>
<div class="form">
<div class="title">coming soon</div>
<?php
/* email entered = 1 */
/* email exists = 2 */
/* email incorrect = 3 */
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$trimmed = array_map('trim', $_POST);
if(filter_var($trimmed['email'], FILTER_VALIDATE_EMAIL)) {
$file = 'data\emails.txt';
if( strpos(file_get_contents($file),$trimmed['email']) == false) {
$email = $trimmed['email'];
echo '1';
$current = file_get_contents($file);
$current .= "$email,\n";
file_put_contents($file, $current);
} else {
echo '2';
}
} else {
echo '3';
}
}
?>
<center><form action="index.php" method="POST" id="formContainer">
<input type="text" name="email" value="" placeholder="enter email to stay updated" autocomplete="off"/>
<input type="submit" name="submit" value=" " class="button"/>
</form></center>
</div>
</body>
</html>
Ok I have been trying to get learn ajax and php contact forms for a few days now and I can't seem to get my head around why mine refuses to work. I know the form and the php does what it is suppost to do but I can't understand why when i link the whole thing together it doesn't work. As it sits at the moment its just sticking on the loading part of the ajax and refuses to execute the validate in the php file. Can anyone please point me in the right direction? index.php (the form) Code: [Select] <div id="contact_wrapper"> <div id="contact_form"> <script src="js/ajax.form.js" language="javascript"></script> <form action="javascript:contact_form()" method="post"> <h1 class='contact_form_h' id='contact-loading'>Contact Us</h1> <div id="login_response"></div> <input type='text' name='name' id='name' class='contact_form_input' value='Name' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;" /> <input type='text' name='email' id='email' class='contact_form_input' value='Email' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;" /> <textarea name='enquiry' id='enquiry' class='contact_form_textarea' rows='10' cols='10' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;">Enquiry</textarea> <input type='submit' name='contact' id='contact' class='contact_form_submit' value='Contact Us' /> </form> </div> </div> ajax.form.js (Ajax) Code: [Select] /* ---------------------------- */ /* XMLHTTPRequest Enable */ /* ---------------------------- */ function createObject() { var request_type; var browser = navigator.appName; if(browser == "Microsoft Internet Explorer"){ request_type = new ActiveXObject("Microsoft.XMLHTTP"); }else{ request_type = new XMLHttpRequest(); } return request_type; } var http = createObject(); /* -------------------------- */ /* Contact */ /* -------------------------- */ /* Required: var nocache is a random number to add to request. This value solve an Internet Explorer cache issue */ var nocache = 0; function contact_form() { // Optional: Show a waiting message in the layer with ID ajax_response document.getElementById('contact_wrapper').innerHTML = "<div id='contact_error'><img src='img/loader.gif' alt='loading' /> Loading...</div>" // Required: verify that all fileds are not empty. Use encodeURI() to solve some issues about character encoding. var name = encodeURI(document.getElementById('name').value); var email = encodeURI(document.getElementById('email').value); var enquiry = encodeURI(document.getElementById('enquiry').value); // Set the random number to add to URL request nocache = Math.random(); // Pass the form variables like URL variable http.open('get', 'send_email.php?name='+name+'&email='+email+'&enquiry='+enquiry+'&nocache = '+nocache); http.onreadystatechange = Reply; http.send(null); } function Reply() { if(http.readyState == 4){ var response = http.responseText; if(response == 1){ // if fields are empty document.getElementById('login_response').innerHTML = 'Please fill in all the fields.'; } else if(response == 2){ // if email isnt valid document.getElementById('login_response').innerHTML = 'Please enter a valid email address.'; } else if(response == 3){ // if email has been sent document.getElementById('login_response').innerHTML = 'Your email has been sent.'; } else if(response == 10){ // if email hasnt been sent document.getElementById('login_response').innerHTML = 'Your email has not been sent.'; } } } send_email.php (php) Code: [Select] <?php //Require check email function require "check_email.php"; //Variables $err_name=stripslashes($_GET['name']); $err_email=stripslashes($_GET['email']); $err_enquiry=stripslashes($_GET['enquiry']); $to="xxx@xxxxxxxxxx.com"; $subject="Website Contact Form"; $from = stripslashes($_GET['name'])."<".stripslashes($_GET['email']).">"; $message = $err_enquiry; $headers = "From: $from\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: multipart/mixed;\r\n" . " boundary=\"{$mime_boundary}\""; //Check all form fields are filled in if ($_GET["name"]!='' && $_GET["name"]!='Name' && $_GET["email"]!='' && $_GET["email"]!='Email' && $_GET["enquiry"]!='' && $_GET["enquiry"]!='Enquiry') { //Check email address is valid if (isValidEmail($_GET['email'])){ //Send Mail if (@mail($to, $subject, $message, $headers)) { echo "3"; } else{ echo "10"; } } //Email isnt valid else{ echo"2"; } } else { echo"1"; } ?> I have a form on my website and when the user submits it I want all the server processing to be done using AJAX so the page doesn't refresh. I was wondering what the best way to do this is because if your form has a submit button doesn't that automatically refresh the page? Thanks for any help. Hey Guys, I've got a section of code that generates a date and time. This is currently standalone however I'm looking to integrate it with a standard page. This is the code page: <?php error_reporting(0); include("options.php"); include("include/functions.php"); include("include/class.php"); list($year,$month,$day) = explode("-",date("Y-n-j",strtotime($_REQUEST["date"]))); $bookFrom = formatDateByCalendarId($day,$month,$year,$_REQUEST["cid"]); $sql = "SELECT * FROM ".$TABLES["Calendars"]." WHERE id=".$_REQUEST["cid"]; $sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql); $Calendar = mysql_fetch_assoc($sql_result); $CalendarOptions = unserialize($Calendar["options"]); $fontFamily = $Fonts[$CalendarOptions["fonts"]]; $daysFontSize = $FontSize[$CalendarOptions["daysFontSize"]]; $daysFontStyle = $Styles[$CalendarOptions["daysFontStyle"]]; $availableDaysFontSize = $FontSize[$CalendarOptions["availableDaysFontSize"]]; $availableDaysFontStyle = $Styles[$CalendarOptions["availableDaysFontStyle"]]; $timeSlot=new Timeslot($_REQUEST["cid"]); $reservations=$timeSlot->getFreeFilter($CalendarOptions["startTime"],$CalendarOptions["endTime"],$year,$month,$day,$CalendarOptions["timeSlot"]); if (!isset($_REQUEST["view"])) { $view = '1'; } else { $view = $_REQUEST["view"]; }; if ($_REQUEST["ac"]=='book') { $message =''; $format = GetCalendarDateFormat($_REQUEST["cid"]); $sYear = GetYear($format,$_REQUEST["startDate"]); $sMonth = GetMonth($format,$_REQUEST["startDate"]); $sDay = GetDay($format,$_REQUEST["startDate"]); $reservations=$timeSlot->getFreeFilter($CalendarOptions["startTime"],$CalendarOptions["endTime"],$sYear,$sMonth,$sDay,$CalendarOptions["timeSlot"]); $sDateLong = strtotime($CalendarOptions["startTime"],mktime(0,0,0,$sMonth,$sDay,$sYear)); $first=-1; $last=-1; for ($i=0;$i<count($reservations);$i++) { if (($_REQUEST[$i]=="on")&&((($reservations[$i]>0)&&($reservations[$i]==$_REQUEST["rid"]))||(!$reservations[$i]))) { if ($first<0) $first=$i; $last=$i; } } $eDateLong = strtotime("+".($CalendarOptions["timeSlot"]*($last+1))." minutes",$sDateLong); $sDateLong= strtotime("+".($CalendarOptions["timeSlot"]*$first)." minutes",$sDateLong); if($_REQUEST["rid"]>0) { $updateRange = $_REQUEST["rid"]; } else $updateRange = NULL; if(! $timeSlot->checkInterval($sDateLong,$eDateLong,$updateRange)){ $message = "Some of the timeslots on the selected date are already booked."; } else { $settings["status"]=$CalendarOptions["reservationStatus"]; $settings["notes"]=mysql_escape_string(utf8_encode($_REQUEST["notes"])); $settings["customerName"]=mysql_escape_string(utf8_encode($_REQUEST["customerName"])); $settings["phone"]=mysql_escape_string(utf8_encode($_REQUEST["phone"])); $settings["email"]=mysql_escape_string(utf8_encode($_REQUEST["email"])); $settings["price"]=$_REQUEST["price"]; if (! isset($updateRange)) $settings["dt"]=date("Y-m-d H:i:s"); if (! $timeSlot->addReservation($sDateLong,$eDateLong,$settings,$updateRange)) $message = 'Failed saving'; else { if($_REQUEST["findReservation"]=="1") $_REQUEST["ac"]='findReservation'; else $_REQUEST["ac"]='view'; $_REQUEST["month"] = $sMonth*1; $_REQUEST["year"] = $sYear; $search_tokens=array("<Name>","<Email>","<Phone>","<Notes>","<Date>","<StartTime>","<EndTime>","<Price>"); $replace_tokens=array($_REQUEST["customerName"],$_REQUEST["email"],$_REQUEST["phone"],stripslashes($_REQUEST["notes"]),$_REQUEST["startDate"],formatTime($sDateLong,$_REQUEST["cid"]),formatTime($eDateLong,$_REQUEST["cid"]),$_REQUEST["price"]); $MESSAGE_BODY=$CalendarOptions["emailMessage"]; $MESSAGE_BODY=nl2br(str_replace($search_tokens,$replace_tokens,$MESSAGE_BODY)); $mailheader = "From: ".$CalendarOptions["NotificationEmail"]."\r\n"; $mailheader .= "Reply-To: ".$CalendarOptions["NotificationEmail"]."\r\n"; $mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n"; if ($CalendarOptions["NotificationEmail"]<>'') { if(!mail($CalendarOptions["NotificationEmail"], 'Reservation Confirmation', $MESSAGE_BODY, $mailheader)) $message="Failure sending e-mails.<br />"; }; if ($_REQUEST["email"]<>'') { if (!mail($_REQUEST["email"], 'Reservation Confirmation', $MESSAGE_BODY, $mailheader)) $message="Failure sending e-mails.<br />"; }; if($CalendarOptions["allowPaypal"]=="true" and $CalendarOptions["paypalAddress"]<>"" and $CalendarOptions["depositPayment"]>0 and isset($_REQUEST["price"]) and $_REQUEST["price"]>0){ $price = $_REQUEST["price"]; $deposit = $price * ($CalendarOptions["depositPayment"] / 100); $_REQUEST["ac"] = "redirectToPaypal"; } else { unset($_REQUEST["ac"]); } $message.='Reservation saved.'; } } } echo '<div style="font-family:'.$fontFamily.'; color:#'.$CalendarOptions["availableDaysFontColor"].'; font-size:'.$availableDaysFontSize.'px; font-weight:bold">'.$message.'</div>'; if($_REQUEST["ac"]=="redirectToPaypal"){ } else { ?> <?php if(isset($_REQUEST["date"])){ ?> <form action="load-bookingform.php" method="post" name="frm" style="margin:0px; padding:0px" onsubmit="return false"> <table width="<?php echo $CalendarOptions["width"]; ?>" border="0" cellspacing="0" cellpadding="2" style='font-family:"<?php echo $fontFamily; ?>"; color:#<?php echo $CalendarOptions["availableDaysFontColor"]; ?>; font-size:<?php echo $availableDaysFontSize; ?>px; <?php echo $availableDaysFontStyle; ?>'> <tr> <td width="16%" align="left">Date:</td> <td width="85%" align="left" name="startDate" id="startDate"><strong><?php echo $bookFrom; ?></strong></td> </tr> <?php $price = 0; ?> <tr> <td colspan="2"> <table width="100%" border="0" cellspacing="2" cellpadding="2"> <tr> <td width="33%" valign="top" bgcolor="#DDDDDD">Start time</td> <td width="33%" valign="top" bgcolor="#DDDDDD">End time</td> <td colspan="2" valign="top" bgcolor="#DDDDDD">Book </td> </tr> <?php for ($i=0;$i<count($reservations);$i++) { ?> <tr> <td align="left" style="border-bottom:1px solid #DFE4E8"><?php if ($CalendarOptions["timeFormat"]=='12') echo date("h:i A",strtotime("+".($CalendarOptions["timeSlot"]*$i)." minutes",strtotime($CalendarOptions["startTime"]))); else echo date("H:i",strtotime("+".($CalendarOptions["timeSlot"]*$i)." minutes",strtotime($CalendarOptions["startTime"]))); ?></td> <td align="left" style="border-bottom:1px solid #DFE4E8"><?php if ($CalendarOptions["timeFormat"]=='12') echo date("h:i A",strtotime("+".($CalendarOptions["timeSlot"]*($i+1))." minutes",strtotime($CalendarOptions["startTime"]))); else echo date("H:i",strtotime("+".($CalendarOptions["timeSlot"]*($i+1))." minutes",strtotime($CalendarOptions["startTime"]))); ?></td> <td width="34%" align="left" valign="top" style="border-bottom:1px solid #DFE4E8"><input type="checkbox" id="<?php echo $i; ?>" name="<?php echo $i; ?>" <?php if ($reservations[$i]) { echo "checked"; echo ' disabled="disabled"'; } ?> onclick="selectTimeSlot()" /></td> </tr> <?php }; ?> </table> </td> </tr> <tr> <td align="left"> </td> <td align="left"> <input type="button" name="Button" value="Book" onclick="pass=checkForm(); if (pass) submitBooking('<?php echo $bookFrom; ?>','<?php echo date("n",strtotime($_REQUEST["date"])); ?>','<?php echo date("Y",strtotime($_REQUEST["date"])); ?>')" /> <input type="button" name="Button" value="Cancel" onclick="javascript: ajaxpage('<?php echo $SETTINGS["installFolder"]; ?>load-bookingform.php?cid=<?php echo $_REQUEST["cid"]; ?>','DateBookings<?php echo $_REQUEST["cid"]; ?>','get'); " /> </td> </tr> <?php } ?> </table> </form> <?php }; ?> I already have a checkout page, that this info needs to be parsed to. Any ideas how I can integrate it? |
|||||||