novice needs help with forms

**rickarooni** · Jul 12, 2007, 21:52

I'm using Jack's Formmail.php to process simple forms and the hidden input that is supposed to redirect the user to another page after submission is not working. Instead the php script checks for that and if redirect isn't set up or doesn't work it sends user to a blank page with a simple message at the top. Here's that part of the script:

// if the redirect option is set: redirect them
if ($redirect) {
header("Location: $redirect");
exit;
} else {
echo "Thank you for your submission\n";
echo " \n";
echo "This form is powered by <a href=\"http://www.dtheatre.com/scripts/\">Jack's Formmail.php ".VERSION."!</a>\n\n";
exit;
}

So I always get sent to the page with "Thank you for your submission." at the top.

My question is: since redirect isn't working in the html forms, and I really want to take the user to a particular page in the site, can I just change this script to send the user to a page of my choice? Is there a way to make the script send the user to a particular page?

Any help greatly appreciated.
Rick

**Raju Gautam** · Jul 12, 2007, 22:33

It would be easier to tell if you post the full code here even your form code. Otherwise your code above seems to be fine and working. That means your variable $redirect is always set above.

**rickarooni** · Jul 13, 2007, 06:54

Thanks for your response. Everything about the form seems to be working except the redirect. Below is the html, then the js validation in the html header, then the php. Thanks for taking a look at it.
rick

HTML (HIDDEN FIELDS):
<form method="post" enctype="multipart/form-data" action="formmail/forms2.php">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
<input type="hidden" name="redirect" value="http://hbhsystems.com/to/index.html">

AND THE JS FUNCTION TO VALIDATE:
<script type="text/javascript">

</script>

HERE IS THE PHP SCRIPT (the redirect part is at the end of the script):
<?
// for ultimate security, use this instead of using the form
$recipient = "rick@austinwebmedia.com"; // youremail@domain.com

// bcc emails (separate multiples with commas (,))
$bcc = "";

// referers.. domains/ips that you will allow forms to
// reside on.
$referers = array ('www.hbhsystems.com');

// banned emails, these will be email addresses of people
// who are blocked from using the script (requested)
//$banlist = array ('*@somedomain.com', 'user@domain.com', 'etc@domains.com');

// field / value seperator
define("SEPARATOR", ($separator)?$separator:": ");

// content newline
define("NEWLINE", ($newline)?$newline:"\n");

// formmail version (for debugging mostly)
define("VERSION", "5.0");

// our mighty error function..
function print_error($reason,$type = 0) {
build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet);
// for missing required data
if ($type == "missing") {
if ($missing_field_redirect) {
header("Location: $missing_field_redirect?error=$reason");
exit;
} else {
?>
The form was not submitted for the following reasons

p>
<ul><?
echo $reason."\n";
?></ul>
Please use your browser's back button to return to the form and try again.<?
}
} else { // every other error
?>
The form was not submitted because of the following reasons

p>
<?
}
echo " \n";
// echo "T <a href=\"http://www.dtheatre.com/scripts/\"> ""</a>\n\n";
exit;
}

// function to check the banlist
// suggested by a whole lot of people.. Thanks
function check_banlist($banlist, $email) {
if (count($banlist)) {
$allow = true;
foreach($banlist as $banned) {
$temp = explode("@", $banned);
if ($temp[0] == "*") {
$temp2 = explode("@", $email);
if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1])))
$allow = false;
} else {
if (trim(strtolower($email)) == trim(strtolower($banned)))
$allow = false;
}
}
}
if (!$allow) {
print_error("You are using from a banned email address.");
}
}

// function to check the referer for security reasons.
// contributed by some one who's name got lost.. Thanks
// goes out to him any way.
function check_referer($referers) {
if (count($referers)) {
$found = false;

$temp = explode("/",getenv("HTTP_REFERER"));
$referer = $temp[2];

if ($referer=="") {$referer = $_SERVER['HTTP_REFERER'];
list($remove,$stuff)=split('//',$referer,2);
list($home,$stuff)=split('/',$stuff,2);
$referer = $home;
}

for ($x=0; $x < count($referers); $x++) {
if (eregi ($referers[$x], $referer)) {
$found = true;
}
}
if ($referer =="")
$found = false;
if (!$found){
print_error("You are coming from an unauthorized domain.");
error_log("[FormMail.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0);
}
return $found;
} else {
return true; // not a good idea, if empty, it will allow it.
}
}
if ($referers)
check_referer($referers);

if ($banlist)
check_banlist($banlist, $email);

// This function takes the sorts, excludes certain keys and
// makes a pretty content string.
function parse_form($array, $sort = "") {
// build reserved keyword array
$reserved_keys[] = "MAX_FILE_SIZE";
$reserved_keys[] = "required";
$reserved_keys[] = "redirect";
$reserved_keys[] = "require";
$reserved_keys[] = "path_to_file";
$reserved_keys[] = "recipient";
$reserved_keys[] = "subject";
$reserved_keys[] = "sort";
$reserved_keys[] = "style_sheet";
$reserved_keys[] = "bgcolor";
$reserved_keys[] = "text_color";
$reserved_keys[] = "link_color";
$reserved_keys[] = "vlink_color";
$reserved_keys[] = "alink_color";
$reserved_keys[] = "title";
$reserved_keys[] = "missing_fields_redirect";
$reserved_keys[] = "env_report";
$reserved_keys[] = "submit";
if (count($array)) {
if (is_array($sort)) {
foreach ($sort as $field) {
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++)
if ($array[$field] == $reserved_keys[$ri]) $reserved_violation = 1;

if ($reserved_violation != 1) {
if (is_array($array[$field])) {
for ($z=0;$z<count($array[$field]);$z++)
$content .= $field.SEPARATOR.$array[$field][$z].NEWLINE;
} else
$content .= $field.SEPARATOR.$array[$field].NEWLINE;
}
}
}
while (list($key, $val) = each($array)) {
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++)
if ($key == $reserved_keys[$ri]) $reserved_violation = 1;

for ($ri=0; $ri<count($sort); $ri++)
if ($key == $sort[$ri]) $reserved_violation = 1;

// prepare content
if ($reserved_violation != 1) {
if (is_array($val)) {
for ($z=0;$z<count($val);$z++)
$content .= $key.SEPARATOR.$val[$z].NEWLINE;
} else
$content .= $key.SEPARATOR.$val.NEWLINE;
}
}
}
return $content;
}

// mail the content we figure out in the following steps
function mail_it($content, $subject, $email, $recipient) {
global $attachment_chunk, $attachment_name, $attachment_type, $attachment_sent, $bcc;

$ob = "----=_OuterBoundary_000";
$ib = "----=_InnerBoundery_001";

$headers = "MIME-Version: 1.0\r\n";
$headers .= "From: ".$email."\n";
$headers .= "To: ".$recipient."\n";
$headers .= "Reply-To: ".$email."\n";
if ($bcc) $headers .= "Bcc: ".$bcc."\n";
//$headers .= "X-Priority: 1\n";
$headers .= "X-Mailer: DT Formmail".VERSION."\n";
$headers .= "Content-Type: multipart/mixed;\n\tboundary=\"".$ob."\"\n";

$message = "This is a multi-part message in MIME format.\n";
$message .= "\n--".$ob."\n";
$message .= "Content-Type: multipart/alternative;\n\tboundary=\"".$ib."\"\n\n";
$message .= "\n--".$ib."\n";
$message .= "Content-Type: text/plain;\n\tcharset=\"iso-8859-1\"\n";
$message .= "Content-Transfer-Encoding: quoted-printable\n\n";
$message .= $content."\n\n";
$message .= "\n--".$ib."--\n";
if ($attachment_name && !$attachment_sent) {
$message .= "\n--".$ob."\n";
$message .= "Content-Type: $attachment_type;\n\tname=\"".$attachment_name."\"\n";
$message .= "Content-Transfer-Encoding: base64\n";
$message .= "Content-Disposition: attachment;\n\tfilename=\"".$attachment_name."\"\n\n";
$message .= $attachment_chunk;
$message .= "\n\n";
$attachment_sent = 1;
}
$message .= "\n--".$ob."--\n";

mail($recipient, $subject, $message, $headers);
}

// take in the body building arguments and build the body tag for page display
function build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet) {
if ($style_sheet)
echo "<LINK rel=STYLESHEET href=\"$style_sheet\" Type=\"text/css\">\n";
if ($title)
echo "<title>$title</title>\n";
if (!$bgcolor)
$bgcolor = "#FFFFFF";
if (!$text_color)
$text_color = "#000000";
if (!$link_color)
$link_color = "#0000FF";
if (!$vlink_color)
$vlink_color = "#FF0000";
if (!$alink_color)
$alink_color = "#000088";
if ($background)
$background = "background=\"$background\"";
echo "<body bgcolor=\"$bgcolor\" text=\"$text_color\" link=\"$link_color\" vlink=\"$vlink_color\" alink=\"$alink_color\" $background>\n\n";
}

// check for a recipient email address and check the validity of it
// Thanks to Bradley miller (bradmiller@accesszone.com) for pointing
// out the need for multiple recipient checking and providing the code.
$recipient_in = split(',',$recipient);
for ($i=0;$i<count($recipient_in);$i++) {
$recipient_to_test = trim($recipient_in[$i]);
if (!eregi("^[_\\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\\.)+[a-z]{2,6}$", $recipient_to_test)) {
print_error("I NEED VALID RECIPIENT EMAIL ADDRESS ($recipient_to_test) TO CONTINUE");
}
}

// This is because I originally had it require but too many people
// were used to Matt's Formmail.pl which used required instead.
//if ($required)
// $require = $required;
// handle the required fields
//if ($require) {
// seperate at the commas
// $require = ereg_replace( " +", "", $require);
// $required = split(",",$require);
// for ($i=0;$i<count($required);$i++) {
// $string = trim($required[$i]);
// check if they exsist
// if((!(${$string})) || (!(${$string}))) {
// if the missing_fields_redirect option is on: redirect them
// if ($missing_fields_redirect) {
// header ("Location: $missing_fields_redirect");
// exit;
// }
// $require;
// $missing_field_list .= "Missing: $required[$i] \n";
// }
// }
// send error to our mighty error function
// if ($missing_field_list)
// print_error($missing_field_list,"missing");
//}

// check the email fields for validity
//if (($email) || ($EMAIL)) {
// $email = trim($email);
// if ($EMAIL) $email = trim($EMAIL);
// if (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $email))
// print_error("your email address is invalid");
// $EMAIL = $email;
//}

// check zipcodes for validity
//if (($ZIP_CODE) || ($zip_code)) {
// $zip_code = trim($zip_code);
// if ($ZIP_CODE) $zip_code = trim($ZIP_CODE);
// if (!ereg("(^[0-9]{5})-([0-9]{4}$)", trim($zip_code)) && (!ereg("^[a-zA-Z][0-9][a-zA-Z][[:space:]][0-9][a-zA-Z][0-9]$", trim($zip_code))) && (!ereg("(^[0-9]{5})", trim($zip_code))))
// print_error("your zip/postal code is invalid");
//}

// check phone for validity
//if (($PHONE_NO) || ($phone_no)) {
// $phone_no = trim($phone_no);
// if ($PHONE_NO) $phone_no = trim($PHONE_NO);
// if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $phone_no))
// print_error("your phone number is invalid");
//}

// check phone for validity
//if (($FAX_NO) || ($fax_no)) {
// $fax_no = trim($fax_no);
// if ($FAX_NO) $fax_no = trim($FAX_NO);
// if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $fax_no))
// print_error("your fax number is invalid");
//}

// sort alphabetic or prepare an order
if ($sort == "alphabetic") {
uksort($HTTP_POST_VARS, "strnatcasecmp");
} elseif ((ereg('^order:.*,.*', $sort)) && ($list = explode(',', ereg_replace('^order:', '', $sort)))) {
$sort = $list;
}

// prepare the content
$content = parse_form($HTTP_POST_VARS, $sort);

// check for an attachment if there is a file upload it
if ($attachment_name) {
if ($attachment_size > 0) {
if (!$attachment_type) $attachment_type = "application/unknown";
$content .= "Attached File: ".$attachment_name."\n";
$fp = fopen($attachment, "r");
$attachment_chunk = fread($fp, filesize($attachment));
$attachment_chunk = base64_encode($attachment_chunk);
$attachment_chunk = chunk_split($attachment_chunk);
}
}

// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file_name;
if (file_exists($path_to_file.$file_name))
$location = $path_to_file.rand(1000,3000).".".$file_name;
copy($file,$location);
unlink($file);
$content .= "Uploaded File: ".$location."\n";
}
}

// second file (see manual for instructions on how to add more.)
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file2_name;
if (file_exists($path_to_file.$file2_name))
$location = $path_to_file.rand(1000,3000).".".$file2_name;
copy($file2,$location);
unlink($file2);
$content .= "Uploaded File: ".$location."\n";
}
}

// if the env_report option is on: get eviromental variables
if ($env_report) {
$env_report = ereg_replace( " +", "", $env_report);
$env_reports = split(",",$env_report);
$content .= "\n------ eviromental variables ------\n";
for ($i=0;$i<count($env_reports);$i++) {
$string = trim($env_reports[$i]);
if ($env_reports[$i] == "REMOTE_HOST")
$content .= "REMOTE HOST: ".$REMOTE_HOST."\n";
if ($env_reports[$i] == "REMOTE_USER")
$content .= "REMOTE USER: ". $REMOTE_USER."\n";
if ($env_reports[$i] == "REMOTE_ADDR")
$content .= "REMOTE ADDR: ". $REMOTE_ADDR."\n";
if ($env_reports[$i] == "HTTP_USER_AGENT")
$content .= "BROWSER: ". $HTTP_USER_AGENT."\n";
}
}

// send it off
mail_it(stripslashes($content), ($subject)?stripslashes($subject):"Form Submission", $email, $recipient);
if (file_exists($ar_file)) {
$fd = fopen($ar_file, "rb");
$ar_message = fread($fd, filesize($ar_file));
fclose($fd);
mail_it($ar_message, ($ar_subject)?stripslashes($ar_subject):"RE: HBH Web Form Submission", ($ar_from)?$ar_from:$recipient, $email);
}

// if the redirect option is set: redirect them
if ($redirect) {
header("Location: $redirect");
exit;
} else {
echo "Thank you for your submission\n";
echo " \n";
echo "This form is powered by <a href=\"http://www.dtheatre.com/scripts/\">Jack's Formmail.php ".VERSION."!</a>\n\n";
exit;
}

// <---------- THE END ----------> //

User Tag List

Thread: novice needs help with forms

Thread Tools

Display

novice needs help with forms

Bookmarks

Bookmarks

Posting Permissions