Form Processor issues

[rlhanson]

lol - John-Marc, I know just enough to be dangerous and learn every step of the way.
I have the error reporting on so I can see if there are issues. I tried to replace the code like you guys recommended, then I got an "unexpected "{" on line 2 (of this example):

1 if (strlen($_POST['first_name'])
2 {
3 header("Location: error.php");
4 exit;
}

Thank you for your help - I've only been dealing with php since December and I just get completely lost at times. (Been trying to read "php and mysql for dummies", and then "php bible" - what a read that is! lol

[rlhanson]

btw - I did do: if (strlen($_POST['first_name'] <1)

[jmarcv]

Looks like I had a typo. Firefox was munching it.

the bottom line on this is as D pointed out, $first_name becomes $_POST['first_name']
$last_name becomes $_POST['last_name']

So if you look at your revised, in which you correctly added <1, you will see that the original has a ) that is missing.
They should always be in pairs, those parantheses. So we have 2 ( and then only 1 ) so when php gets to the { it says 'wait a minute....'
Hence, "unexpected {" because it expects a ) first.

so, this is what you want:

PHP Code:

if (strlen($_POST['first_name']) <1) 


[rlhanson]

Thank you so-o-o-o much! Especially for explaining it in basic terms for me!
This was a big issue for me as I have multiple client's sites which are all using this form processor!
You've just gained "hero status" in my book!

[rlhanson]

John-Marc -
Is there a way to strip html/script tags from the comments section of the form? My customers are getting links to porn sites, etc.

Thanks in advance!

[Matt]

Why not use Captcha or a simple random math equation to verify it is a human filling out the form?

[rlhanson]

Can you elaborate please?

[Matt]

If you log out of this forum, and try to post a reply to this thread or create a new one, there will be a CAPTCHA code (image verification) that you need to type in. If you log back in, there is no CAPTCHA requirement.

It keeps the pesky bots off of these boards so they cannot post viagra ads on them.

The other human verification system uses a function like bcmath and generates a random simply math problem as one of the field inputs, like:

What is 2+1 ?

The user would put in "3" in the field and if they put in any other answer, the form would not submit.

CAPTCHA and PHP

Personally, I am not a fan of Captcha (though it works very well) because 9 out of 10 times it is illegible even for a human being. There are also some accessibility problems. So you might search for:

CAPTCHA alternatives

[jmarcv]

Matts method works. For a 'quickie' heres what you asked for //Format Email $message=strip_tags($_POST['message']); http://us3.php.net/manual/en/function.strip-tags.php

[rlhanson]

Thank you to John-Marc, Matt, and Dmitri!
Just wanted to post the working form processor script in case someone else needs one....

PHP Code:

<?php
/**
* Form Processing Script
* Version 0.1a
* @DATE November 29, 2006
* @author       Genesis Font 
* @copyright    2006 prolinuxwebhosting.com
* Form must have the following hidden fields: recipient (should be the email address that will receive the emailed message) and redirect (full url including http:// to the thankyou page)
*/
 
$datetime = date("l dS of F Y H:i:s");
$message  = "On $datetime\n";
$message .= "<br />Here are the details of the form submission:\n";
while (list($key, $val) = each($_POST)) {
 if ($key == 'redirect') {
     $redirect = $val;
    }
    if ($key == 'recipient') {
  $to  = $val;
    }
 if (($key != 'redirect') and ($key != 'recipient')) {
  $val = trim($val);
  $message .= "<br />$key: $val\n";
 }
}
 
 // echo "$key: $val<br />";//debugging info
    $lcval = strtolower($val);
 $pos = strpos($lcval,"http://");         
 
//Genesis' code//
$ServerName = $_SERVER["HTTP_HOST"];
$message .= "<br /> Site: $ServerName \n";
$visitorip     = $_SERVER['REMOTE_ADDR'] ;
$message .= "<br /> IP: $visitorip \n";
 
//validation for fields included in form
//Visitor Name
if (strlen($_POST['full_name']) <1)  
{
header("Location: error.php");
exit;
}
if (strlen($_POST['full_name']) >75)  
{
header("Location: error.php");
exit;
}
//Visitor E-Mail
if (! ereg('[A-Za-z0-9_-]+\@[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+', $_POST['vis_email']))
{
header("Location: error.php");
exit;
}
if (strlen($_POST['vis_email']) == 0 )
{
header("Location: error.php");
exit;
}
//Not allowing <tags>
if ( ereg('[<>]', $_POST['comment']))
{
header("Location: error2.php");
exit;
}
//end validation
 
 
//Format Email
$email    = $to;
$vis_email = $_POST['vis_email'] ;
$subject  = "Form Submission from Yaolag Site";
$headers  = "From: $vis_email\r\n";
$headers .= "Content-type: text/html\r\n";
//Send Email
mail($to,$subject,$message,$headers);
//redirect
header("Location: $redirect");
 
?>

Form Information required:

HTML Code:

<form id="form1" name="form1" method="post" action="formprocessor1.php">
<INPUT TYPE="hidden" NAME="redirect" VALUE="http://www.yoursite.com/thankyou.php">
<INPUT TYPE="hidden" NAME="recipient" VALUE="email address of recipient">