SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Zealot
    Join Date
    Nov 2002
    Posts
    142
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Form Modification for register_globals OFF

    This script worked fine on my server, but then I realized register_globals was ON. Now, I'm trying it on a different server with globals OFF. It's my fault for not double-checking first.

    Now when I try to run it on the globals OFF server, the form does not get processed at all. No error checking or mailing of the form. What else do I need to change?

    PHP Code:
    <?php
      
    function check_len(&$check$field, &$err_field$err="")
    {
      if (
    strlen($field) == "")
      {
         if (
    $err == "")
         {
           
    $err $msg->err_maxlen($max);
         }
         
    $err_field $err;
         if (
    $check==true$check false;
      }
    }

    function 
    check_mail(&$check$fld, &$error_field$invalidchars=""$blanks="")
    {
       global 
    $msg;
       
    $expr "^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$";
       
    //echo "expr=" . $expr . "<br>";
       
    if ((!$fld) || ($fld=="") || (!eregi($expr,$fld)))
       {
         if (
    $invalidchars "")
         {
          
    $error_field $invalidchars "<br>\n";
         } else {
          
    $error_field "invalid characters<br>\n";
         }
         if (
    $check==true$check =false;
       }
       if (
    strrpos($fld,' ') > 0)
       {
         if (
    $blanks "")
         {
          
    $error_field $blanks "<br>\n";
         } else {
          
    $error_field "blanks in e-mail<br>\n";
         }
         if (
    $check==true$check =false;
       }
    }
    if (empty(
    $_POST['name'])) $_POST['name']="";
    if (empty(
    $err_name)) $err_name="&nbsp;";
    if (empty(
    $_POST['email'])) $_POST['email']="";
    if (empty(
    $err_email)) $err_email="&nbsp;";
    if (empty(
    $_POST['subject'])) $_POST['subject']="";
    if (empty(
    $err_subject)) $err_subject="&nbsp;";
    if (empty(
    $_POST['message'])) $_POST['message']="";
    if (empty(
    $err_message)) $err_message="&nbsp;";
    $checked true;
    if (isset(
    $submit_x))
    {
      
    check_len($checked$_POST['name'],$err_name,"You did not specify your name.");
      
    check_mail($checked$_POST['email'], $err_email,"The e-mail contains invalid characters or is incomplete.""The e-mail contains blank spaces.");
      
    check_len($checked$_POST['subject'],$err_subject,"You did not specify the subject of your message.");
      
    check_len($checked$_POST['message'],$err_message,"You did not write a message.");
    }
    if ( empty(
    $submit_x) or (!$checked) )
    {
    ?>
       Here is the form where you can contact me about whatever you feel like (within reason). Why do I not put my e-mail address? Simple: protection from e-mail harvester bots that can get my e-mail addy and bombard me with spam. Anyways, fields marked with a <span class="boldred">*</span> are required.<br><br>
         <table width="100%" cellpadding="2" cellspacing="0">  
         <form action="/contact.php" method="post">
       <tr>
       <td align="left">&nbsp;</td>
       <td align="left"><span class="boldred"><?php echo $err_name ?></span></td>
       </tr>
       <tr>
          <td align="right"><span class="boldred">*</span>Your Name:</td>
          <td align="left"><input type="text" name="name" class="notbutton" value="<?php echo $_POST['name'?>" /></td>
       </tr>
       <tr>
       <td align="left">&nbsp;</td>
       <td align="left"><span class="boldred"><?php echo $err_email ?></span></td>
       </tr>
       <tr>
          <td align="right"><span class="boldred">*</span>Your E-Mail Address:</td>
          <td align="left"><input type="text" name="email" class="notbutton" value="<?php echo $_POST['email'?>" /></td>
       </tr>
       <tr>
       <td align="left">&nbsp;</td>
       <td align="left"><span class="boldred"><?php echo $err_subject ?></span></td>
       </tr>
       <tr>
          <td align="right"><span class="boldred">*</span>Subject:</td>
          <td align="left"><input type="text" name="subject" class="notbutton" value="<?php echo $_POST['subject'?>" /></td>
       </tr>
       <tr>
       <td align="left">&nbsp;</td>
       <td align="left"><span class="boldred"><?php echo $err_message ?></span></td>
       </tr>
       <tr>
          <td align="right"><span class="boldred">*</span>Message:</td>
          <td align="left"><textarea name="message" class="notbutton" cols="50" rows="10"><?php echo $_POST['message'?></textarea></td>
       </tr>
       <tr>
          <td colspan="2" align="center"><input type="image" name="submit" src="/images/submit.png" alt="Submit" />&nbsp;<a href="javascript:document.forms[0].reset()"><img src="/images/reset.png" border="0" alt="Reset" /></a>
    <br /><br /></td>
       </tr>
      </form> 
      </table>
      Now don't be sad if I don't respond quickly. I'll respond if and when I feel like it. Usually, that'll be about 24-48 hours after I receive your e-mail.
    <?php
      
    }
    if (isset(
    $submit_x) and ($checked) ) {
      
    $sender stripslashes($_POST['name']);
      
    $_POST['subject'] = stripslashes($_POST['subject']);
      
    $_POST['message'] = stripslashes($_POST['message']);
      
    $mailheaders .= "From: $name <$email>\n";
      
    $mailheaders .= "X-Sender: <$email>\n"
      
    $mailheaders .= "X-Mailer: PHP Form from TheBigTymer.Com\n";
      
    $mailheaders .= "Reply-To: $email\n";
      
    $mailheaders .= "Return-Path: <$email>";
      
    mail("EMAIL GOES HERE",$subject,$message,$mailheaders);
    ?>
      <?php
       
    echo "Thank You, $sender!<br />";
          echo 
    "Your message has been sent.<br />";
          echo 
    "Expect a reply from The BigTymer sometime soon.<br>Now go somewhere else!";
         
    ?>
    <?php
    }
    ?>

  2. #2
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't see anywhere where $submit_x is actually set to anything, thus resulting in a failed isset($submit_x)
    My name is Steve, and I'm a super-villian.

  3. #3
    SitePoint Zealot
    Join Date
    Nov 2002
    Posts
    142
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    submit_x is a variable that is set when you use an image to submit.

    As I said, this works fine on my server, but not on a server where register_globals are OFF.

  4. #4
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Exactly, this must be set -- you will need to grab it using $_POST['submit_x'] like all the other variables
    My name is Steve, and I'm a super-villian.

  5. #5
    public static void brain Gybbyl's Avatar
    Join Date
    Jun 2002
    Location
    Montana, USA
    Posts
    647
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok -- question. If you have register globals ON, can you still access shizzle with superglobals? I think I remember that you can't, and I remember rememnering that it was the stupidest thing I had ever encountered.

    Confirmation?
    Ryan

  6. #6
    SitePoint Addict Viral's Avatar
    Join Date
    Nov 2001
    Location
    Washington DC
    Posts
    294
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    From my test with register_globals=ON, I found this:

    print $_POST['formfield]; <-- works
    print "this is $_POST['formfield']"; <-- does NOT work
    print_r($_POST['formfield']); <-- works

    So they work, but they're treated like an array(duh) instead of a variable. So as long as your set them back, like $var = $_POST['formfield']; that should work fine, even with globals ON (for testing, I'm assuming, as your migrate code)

    --Viral
    A computer without Windows is like a chocolate cake without mustard.

  7. #7
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Viral
    print "this is $_POST['formfield']"; <-- does NOT work
    print "this is {$_POST['formfield']}"; <-- Works!
    Hehe I learned something on the forums today.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •