Hello! I’m trying to fix this contact form that someone else built, it sends the email but with no field data. Any help would be appreciated.
Here is the HTML
<script type="text/javascript">
//<![CDATA[
var nReset=0;
function Reset(){
var obj = new Object;
obj = document.getElementById('name');
obj.value = 'Name';
obj = document.getElementById('phone');
obj.value = 'Phone';
obj = document.getElementById('email');
obj.value = 'E-Mail';
obj = document.getElementById('message');
obj.value = 'Type message here';
}
//]]>
</script>
<form name="contact" method="post" action="php/sendemail.php" onSubmit="if(nReset==1) return false; else return formCheck(this,fieldRequired1,selFld1);">
<input type="hidden" name="refpage" value="index.html" />
<input type="hidden" name="form_avar" value="name,email" />
<input type="hidden" name="form_amsg" value="'Your Name','Your Email Address'" />
<input type="hidden" name="form_aval" value="'Name','E-Mail'" />
<input type="hidden" name="form_aftp" value="'','E'" />
<script type="text/javascript">
//<![CDATA[
<!-- // Array = ['field Name', 'field Label', 'field Empty value', 'field Type'] - for field Type = N - numeric, E - email address, P - phone format (XXX) XXX - XXXXX / XXX - XXX.XXXX, D -date
myString = new String()
myString = document.contact.form_avar.value;
aStringA = myString.split(",")
myString = document.contact.form_amsg.value;
aStringB = myString.split(",")
myString = document.contact.form_aval.value;
aStringC = myString.split(",")
myString = document.contact.form_aftp.value;
aStringD = myString.split(",")
for(n=0; n<aStringA.length; n++){
cEval = "fieldRequired1.push(['"+aStringA[n]+"',"+aStringB[n]+","+aStringC[n]+","+aStringD[n]+"]);";
eval(cEval);
}
-->
//]]>
</script>
<table width="176" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="left" valign="top"><img src="images/quick-text.gif" alt="quick contact" width="118" height="12" /></td>
</tr>
<tr>
<td align="center" valign="top" class="body_text"><!-- starterr --> <!-- stoperr --></td>
</tr>
<tr>
<td align="left" valign="top"><label>
<input name="name" id="name" type="text" class="inputArea" onFocus="if(this.value=='Name')this.value='';" onBlur="if(this.value=='')this.value='Name';" value="Name" />
</label></td>
</tr>
<tr>
<td height="12" align="left" valign="top"></td>
</tr>
<tr>
<td align="left" valign="top"><input name="phone" id="phone" type="text" class="inputArea" onFocus="if(this.value=='Phone')this.value='';" onBlur="if(this.value=='')this.value='Phone';" value="Phone" /></td>
</tr>
<tr>
<td height="12" align="left" valign="top"></td>
</tr>
<tr>
<td align="left" valign="top"><input name="email" id="email" type="text" class="inputArea" onFocus="if(this.value=='E-Mail')this.value='';" onBlur="if(this.value=='')this.value='E-Mail';" value="E-Mail" /></td>
</tr>
<tr>
<td height="12" align="left" valign="top"></td>
</tr>
<tr>
<td align="left" valign="top"><label>
<textarea name="message" id="message" wrap="virtual" class="messageArea" onFocus="if(this.value=='Type message here')this.value='';" onBlur="if(this.value=='')this.value='Type message here';" value="Type message here">
Type message here
</textarea>
</label></td>
</tr>
<tr>
<td height="8" align="left" valign="top"></td>
</tr>
<tr>
<td align="left" valign="top"><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td align="left" valign="middle"><input type="image" src="images/send-btn.gif" alt="send" width="44" height="23" border="0" onClick="nReset=0;" /></td>
<td align="left" valign="middle"><script type="text/javascript">
//<![CDATA[
<!--//
document.write('<input type="image" src="images/reset-btn.gif" alt="reset" width="50" height="23" border="0" onClick="nReset=1; Reset();"/>');
//-->
//]]>
</script></td>
</tr>
</table>
</form>
Here is the sendemail.php
<?php
$refpage = $_REQUEST['refpage'];
$baseURL = 'http://www.PharmapexUSA.com';
// E R R O R C H E C K --------------------------------------------------------------------------------------------
if(isset($_POST['form_avar']) && isset($_POST['form_amsg']) && isset($_POST['form_aval']) && isset($_POST['form_aftp'])){
$cErr = '';
$nNr=0;
$aVar=explode(",", $_POST['form_avar']);
$aMsg=explode(",", $_POST['form_amsg']);
$aVal=explode(",", $_POST['form_aval']);
$aFtp=explode(",", $_POST['form_aftp']);
foreach($aVar as $var){
$val = stripslashes($aVal[$nNr]);
if($val=="'".trim($_POST[$var])."'"){
$cErr = '1';
} else {
$ftp = stripslashes($aFtp[$nNr]);
if(strpos(' '.$ftp,'E')>0){
if(!eregi ("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\\.[a-z]{2,6}$", trim($_POST[$var]))){
$cErr = '2';
$cFld = $var;
}
}
}
$nNr+=1;
}
if($cErr!=''){
$cVal = '';
include_once('cookie.php');
sess_start("../temp/","");
foreach (array("_POST") as $source) {
foreach (${$source} as $idx => $value) {
sess_register($idx);
$idx = $value;
}
}
// Permanent redirection
sess_register('cErr');
sess_register('cFld');
sess_register('baseurl');
$baseurl=$baseURL;
sess_register('refpage');
sess_close();
$eChar = md5(rand(0,32000) . time() . rand(0,32000));
$cVal = "k=".substr($eChar,0,8).$MYSID;
header("HTTP/1.1 301 Moved Permanently");
header("Location: ../emailerror.php?".$cVal);
exit;
}
}
// ------------------------------------------------------------------------------------------------------------------------
get_form_data();
// ------------------------------------------------------------------------------------------------------------------------
$body="";
$mailform_to = "myemail@gmail.com";
$mailform_to = myemail@gmail.com";
$subject = "Pharmapex.com - Contact Form";
if($refpage == 'contact.html')
$body= $body . "Name: $name\
" . "Title: $title\
" . "Company: $company\
" . "Country: $country\
" . "Email: $email\
" . "Phone: $phone\
\
" . "Comments: $message\
";
else
$body= $body . "Name: $name\
" . "Phone: $phone\
" . "Email: $email\
\
" . "Message: $message\
";
$nSend = mail($mailform_to, $subject, $body, "From:" . $email);
echo $nSend;
if($nSend==1)
header("Location: ../thankyou.php?r=".$refpage);
else
header("Location: ../thankyou.php?e=".$refpage);
?>
<?
//-----------------------------------------------------------------------------------------------------------------------------
function get_form_data(){
global $REQUEST_METHOD;
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
//strip spaces from all fields
$vars = ($REQUEST_METHOD == 'GET') ? $_GET : $_POST;
foreach ($vars as $k=>$value){
input_check_mailinj($value);
}
}
function input_check_mailinj($value)
{
# mail adress(ess) for reports...
$report_to = "myemail@gmail.com";
# array holding strings to check...
$suspicious_str = array
(
"content-type:"
,"charset="
,"mime-version:"
,"multipart/mixed"
,"bcc:"
,"cc:"
);
// remove added slashes from $value...
$value = stripslashes($value);
foreach($suspicious_str as $suspect)
{
# checks if $value contains $suspect...
if(eregi($suspect, strtolower($value)))
{
$ip = (empty($_SERVER['REMOTE_ADDR'])) ? 'empty' : $_SERVER['REMOTE_ADDR']; // replace this with your own get_ip function...
$rf = (empty($_SERVER['HTTP_REFERER'])) ? 'empty' : $_SERVER['HTTP_REFERER'];
$ua = (empty($_SERVER['HTTP_USER_AGENT'])) ? 'empty' : $_SERVER['HTTP_USER_AGENT'];
$ru = (empty($_SERVER['REQUEST_URI'])) ? 'empty' : $_SERVER['REQUEST_URI'];
$rm = (empty($_SERVER['REQUEST_METHOD'])) ? 'empty' : $_SERVER['REQUEST_METHOD'];
# if so, file a report...
if(isset($report_to) && !empty($report_to))
{
@mail
(
$report_to
,"[ABUSE] mailinjection @ " . $_SERVER['HTTP_HOST'] . " by " . $ip
,"Stopped possible mail-injection @ " . $_SERVER['HTTP_HOST'] . " by " . $ip . " (" . date('d/m/Y H:i:s') . ")\\r\
\\r\
" .
"*** IP/HOST\\r\
" . $ip . "\\r\
\\r\
" .
"*** USER AGENT\\r\
" . $ua . "\\r\
\\r\
" .
"*** REFERER\\r\
" . $rf . "\\r\
\\r\
" .
"*** REQUEST URI\\r\
" . $ru . "\\r\
\\r\
" .
"*** REQUEST METHOD\\r\
" . $rm . "\\r\
\\r\
" .
"*** SUSPECT\\r\
--\\r\
" . $value . "\\r\
--"
);
}
# ... and kill the script.
die
(
'Script processing cancelled: string (`<em>'.$value.'</em>`) contains text portions that are ' .
'potentially harmful to this server. <em>Your input has not been sent!</em> Please use your ' .
'browser\\'s `back`-button to return to the previous page and try refrasing your input.</p>'
);
}
}
}
//-----------------------------------------------------------------------------------------------------------------------------