www.webdeveloper.com
Page 2 of 2 FirstFirst 12
Results 16 to 27 of 27

Thread: [RESOLVED] Send form details to specific recipient dependant on list selection

  1. #16
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    731
    What page is it trying to display? What is the url in the address bar? Something you expect?
    JG
    PS - If you're posting here you should be using:

    error_reporting(E_ALL | E_NOTICE);
    ini_set('display_errors', '1');


    at the top of ALL php code while you develop it!

  2. #17
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14
    It looks as if it trying to run the php. The URL is http:/www.example.com/website_process.php

    That is the name of my php script.

  3. #18
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14
    Quote Originally Posted by kimmcms View Post
    It looks as if it trying to run the php. The URL is http:/www.example.com/website_process.php

    That is the name of my php script.
    Obviously not example.com.

  4. #19
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    731
    And is that script located in the root folder of your domain?
    JG
    PS - If you're posting here you should be using:

    error_reporting(E_ALL | E_NOTICE);
    ini_set('display_errors', '1');


    at the top of ALL php code while you develop it!

  5. #20
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14
    No, it is in the same folder as the form page, public_html. However, my original form page and its associated php script are also in the same folder (with different names to my current test obviously) so is it a security matter to have the script in the root rather than public folder ?

  6. #21
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    731
    public-html is most like your root folder.
    JG
    PS - If you're posting here you should be using:

    error_reporting(E_ALL | E_NOTICE);
    ini_set('display_errors', '1');


    at the top of ALL php code while you develop it!

  7. #22
    this is so difficult , i don't know what are you guys talking about !

  8. #23
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14

    [RESOLVED] Send form details to specific recipient dependant on list selection

    Hi folks,

    I have finally had the time to rework the codes, mainly thanks to ginerjm's guidance (many thanks). and the form now does what I want it to do, i.e send the form content to a specific recipient depending on which of the options in the drop down box is selected, but without having the email addresses in the html.

    So, for those who are interested, the code, very inelegant but functional, is below:

    The HTML code:
    HTML Code:
    <html>
    <head>
    <title>Welcome to Example - Contact Us</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <script language="JavaScript" type="text/JavaScript">
    <!--
    function MM_findObj(n, d) { //v4.01
      var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
        d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
      if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
      for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
      if(!x && d.getElementById) x=d.getElementById(n); return x;
    }
    
    function MM_validateForm() { //v4.0
      var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
      for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
        if (val) { nm=val.name; if ((val=val.value)!="") {
          if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
            if (p<1 || p==(val.length-1)) errors+='- '+nm+' - must contain an e-mail address.\n';
          } else if (test!='R') { num = parseFloat(val);
            if (isNaN(val)) errors+='- '+nm+'  - Please enter just a number. Do not enter spaces or dashes etc\n';
            if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
              min=test.substring(8,p); max=test.substring(p+1);
              if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
        } } } else if (test.charAt(0) == 'R') errors += '- '+nm+' - Please provide details.\n'; }
      } if (errors) alert('The following error(s) occurred:\n'+errors);
      document.MM_returnValue = (errors == '');
    }
    //-->
    </script>
    </head>
    
    <body bgcolor="#FFFFFF" background="goldmold.jpg">
    <div id="Layer1" style="position:absolute; width:207px; height:42px; z-index:3; left: 10px; top: 19px;"><font size="6" face="Calligraph421 BT"><strong>Welcome 
      to <font size="7">Example</font></strong></font></div>
    <h1>&nbsp;</h1>
    <p align="center"><font size="+4"><strong>Contact Us</strong></font></p>
    <hr>
    <div align="right"><font size="-1"><strong><a href="index.html" style="text-decoration = None"><font color="#000000" face="Calligraph421 BT">Return 
      to Home Page</font></a></strong></font></div>
    <blockquote> 
      <blockquote> 
        <blockquote> 
          <p align="center"><font size="+1" face="Calligraph421 BT"><strong>For any 
            enquiries relating to the Village Hall, please either telephone the Bookings 
            Secretary between 08:00 and 20:00 Monday to Friday on 0845-643-0000, or 
            <a href="mailto:bookings.secretary@example.com"><img src="emailbutton.jpg" width="70" height="20" border="0"></a> 
            her with any questions.</strong></font></p>
        </blockquote>
      </blockquote>
    </blockquote>
    <p align="center"><strong><font size="+1" face="Calligraph421 BT">Alternatively, 
      or for other village matters, please complete and submit the short form below, 
      and we will respond as soon as possible</font></strong></p>
    <form action="website_process.php" method="post" enctype="multipart/form-data" name="Contactform" id="Contactform">
      <table width="50%" border="1" align="center">
        <tr> 
          <td width="50%" height="64"><div align="center">Full Name:</div></td>
          <td width="50%"><div align="center"> 
              <input name="Name" type="text" id="Name" size="48%">
            </div></td>
        </tr>
        <tr> 
          <td width="50%" height="64"><div align="center">Telephone No.</div></td>
          <td width="50%"><div align="center"> 
              <input name="Telephone" type="text" id="Telephone" size="48%">
            </div></td>
        </tr>
        <tr> 
          <td width="50%" height="67"><div align="center">Email:</div></td>
          <td width="50%"><div align="center"> 
              <input name="Email" type="text" id="Email" size="48%">
            </div></td>
        </tr>
        <tr> 
          <td width="50%" height="56"><div align="center">Nature of your Enquiry ?</div></td>
          <td width="50%"><div align="center"> 
              <select name="Nature" size="1" id="Nature">
    		    <option>Please Select</option>
    <option value="General_Enquiries">General Enquiries</option>		  
    <option value="Hall_Hire">Hall Hire</option>
    <option value="Marquee_Hire">Marquee Hire</option>
    <option value="Parish_Church">Parish Church</option>
    <option value="Parish_Council">Parish Council</option>
    <option value="Recreation_Area">Recreation Area</option>
    <option value="Social_Club">Social Club</option>
    <option value="Other">Other</option>
    </select> 
    	
            </div></td>
        </tr>
        <tr> 
          <td width="50%" height="127"><div align="center">Enquiry Details:</div></td>
          <td width="50%"><div align="center"> 
              <textarea name="Questions" cols="40%" rows="4" id="Questions"></textarea>
            </div></td>
        </tr>
        <tr> 
          <td width="50%"><div align="center"> 
              <input name="contactSubmit" type="submit" id="contactSubmit" onClick="MM_validateForm('Name','','R','Telephone','','RisNum','Email','','NisEmail','Questions','','R');return document.MM_returnValue" value="Submit">
            </div></td>
          <td width="50%"><div align="center"> 
              <input name="ContactReset" type="reset" id="ContactReset" value="Reset">
            </div></td>
        </tr>
      </table>
      <p>&nbsp;</p>
      <p>&nbsp; </p>
      </form>
    <p align="center">&nbsp;</p>
    <p>&nbsp;</p>
    <p>&nbsp;</p>
    <p>&nbsp;</p>
    <p>&nbsp;</p>
    </body>
    </html>
    and the PHP code:
    PHP Code:
    <?php

    /* Error Checking */
    error_reporting(E_ALL E_NOTICE);  
    ini_set('display_errors''1');   
        
     
    /* Email Variables */
    $emailSubject 'Enquiry from Example Website'
    $recipients = array(

    General_Enquiries => 'kim1@example.co.uk'
    Hall_Hire => 'kim2@example.co.uk'
    Marquee_Hire => 'kms3@example.com'
    Parish_Church => 'kim4@example.net',
    Parish_Council => 'kim5@example.com',
    Recreation_Area => 'kim6@example.com',
    Social_Club => 'kim7@example.com',
    Other => 'enquiries@example.com'
    );
    $my_email $recipients[$_POST['Nature']];

    /* Data Variables */
    $Name $_POST['Name'];
    $Telephone $_POST['Telephone'];
    $Email $_POST['Email'];
    $Nature $_POST['Nature'];
    $Questions $_POST['Questions'];

    /* Email Content*/
    $body = <<<EOD
    <br><hr><br>
    You have an enquiry from the Example Website <br>
    <br><hr><br>
    Name: 
    $Name <br>
    Telephone: 
    $Telephone <br>
    Email: 
    $Email <br>
    Nature of Enquiry: 
    $Nature <br>
    Enquiry Details: 
    $Questions <br>
    EOD;
    $headers "From: $Email\r\n";
    $headers .= "Content-type: text/html\r\n";
    $success mail($my_email$emailSubject$body,
    $headers);

    /* Results */
    $theResults = <<<EOD
    <html> 
    <head> 
    <title>sent message</title> 
    <meta http-equiv="refresh" content="5;URL=http://example.com/index.html"> 
    <style type="text/css">
    body { 
    background-color: #444; 
    font-family: Verdana, Arial, Helvetica, sans-serif; 
    font-size: 20px;
    color: #fec001; 
    padding-top: 200px; 
    width: 800px; 
    margin: auto;
    text-align: center;
    }
    </style> 
    </head> 
    <body>
    <div>Thank you for your enquiry. Your message has been sent and we will respond as soon as possible.</div> 
    </body> 
    </html>
    EOD;
    echo 
    "$theResults";
    ?>
    Thanks once again for the guidance.

  9. #24
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    731
    Jacques1 (and others) will have a field day with your output of unsanitized values coming from the user. You need to learn how to protect yourself from malfeasance by your users. One should never send something to the client that has not been scoured for possible trouble. IE, all of your post vars that you are sending back to the screen should be treated with the following:
    PHP Code:
    function html_ready($value,$options=ENT_QUOTES,$charcode='UTF-8')
    {
          return 
    htmlspecialchars($value,$options,$charcode);

    Use this function on each of the vars that the client provided before you output them.

    Glad you got it working! But - I do wish you had re-written that horrible mess of html with divs embedded inside a table. Are you using a div tag simply to provide a deprecated type of centering? LOL!!!
    JG
    PS - If you're posting here you should be using:

    error_reporting(E_ALL | E_NOTICE);
    ini_set('display_errors', '1');


    at the top of ALL php code while you develop it!

  10. #25
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14
    Thanks JG.

    I agree that I need to learn an awful lot - about all of this. To start with, what you mean by sending post vars back to the screen ? The only thing that appears on the screen is the contact form, then the "Thank You etc" when the form is submitted, then it returns to the website home page.

    I have tried to follow all of your posts, but confess to losing the thread of your guidance on occasion. Could I ask you to please explain your last post in the simplest of layman terms to make sure I understand it, and where your protection code should go. If you assume, mostly correctly, that I know next to nothing about html or php or any of it, I would be most grateful.

    With regard to the divs embedded within the table, I did not (knowingly) put them there. I drew the form, inserted a table, put in the labels & text fields and centred them within each table cell - My 14 year old version of Dreamweaver MX wrote the html code based on what I had drawn.

    I fully appreciate that all this is not really something a rank amateur like me should be doing, but, as I have said before, this is for our small village. We simply don't have the budget to have it done professionally, so as a mere 60 year old younger member of our committee (and with no-one in the village with any programming knowledge) I was "volunteered" to do it, and try and make the best of it. Hence my plea for guidance.

  11. #26
    Join Date
    Jun 2014
    Location
    Somerset, UK
    Posts
    14
    Hi JG.

    OK.I have been reading up on the code you kindly wrote above, and think I now understand at least in part the whats and whys thereof. If my understanding is correct, it is to convert single and double inverted commas, and less than/more than arrows to html so that these charcters will send as text rather than code which could be dangerous.

    I do, however, have a couple of question still, if you would indulge me ?

    1. I am still not sure what you mean by sending post vars back to the screen.
    2. Does the code above need to go into the php above each instance of $_POST in the /*data variables*/ individually and above the '$my_email =' ? Please would you clarify.
    3. You have set the character code to UTF-8, which I understand is the current standard. Will this have any effect on the iso-8859-1 character set in the html ?

    Regards

  12. #27
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    731
    You should add the function to your code preferably at the end of your php block or somewhere NOT in the middle of things. Then you use it by simply calling it in a statement.

    Your code:
    PHP Code:

    /* Data Variables */ 
    $Name $_POST['Name']; 
    $Telephone $_POST['Telephone']; 
    $Email $_POST['Email']; 
    $Nature $_POST['Nature']; 
    $Questions $_POST['Questions']; 

    /* Email Content*/ 
    $body = <<<EOD 
    <br><hr><br
    You have an enquiry from the Example Website <br
    <
    br><hr><br
    Name$Name <br
    Telephone$Telephone <br
    Email$Email <br
    Nature of Enquiry$Nature <br
    Enquiry Details$Questions <br
    EOD
    The first part grabs post vars and assigns them to local vars. You then use them to develop the $body var which is being echoed back to the client to confirm what they have submitted for mailing. Well if they input something malicious as a Name or a Nature and you echo that back to the screen un-filtered, who knows what might happen? Hence the function that you should use thusly:
    PHP Code:
    $Name html_ready($_POST['Name']); 
    Do this for each var that you get from the user before sending it back out.

    ****
    Actually - I see now that you build the $body var but you are only using it for the body of the email and I guess you can ignore what I said in this particular instance. BUT - it is good knowledge to save for a future effort. Don't echo out unpredictable data (ie, user-provided) to the client.
    JG
    PS - If you're posting here you should be using:

    error_reporting(E_ALL | E_NOTICE);
    ini_set('display_errors', '1');


    at the top of ALL php code while you develop it!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles