Could someone please help me. I am a newbie at PHP. I downloaded formail.php
Version 5.0 from Jacks scripts( http://www.dtheatre.com/scripts/ )and
changed the required areas to my email address and the domain server
address. (these changes were in the $recipient and $referers section)
I have set up the form and can get the form to email me the results.
I have two main problems.
The first one is that I am trying to get the form to go to a page that I
created "thankyou.h tm" once the user presses the submit button. At the
moment it goes to the success default page. I have put a redirect in the
html code but it doesn't seem to get recognised.
The second problem I have is that if a user fails to put any of the required
fields in the form still goes to the success default page.
I have listed my html code below or you can view it via
www.desthealth.com/maillist.htm
<FORM ACTION="formmai l.php" METHOD=POST name="maillist" id="maillist">
<input type=hidden name="recipient " value="te**@des thealth.com">
<input type=hidden name="subject" value="Mailing List">
<input type=hidden name="redirect"
value="http://desthealth/thankyou.htm">
<input type=hidden name="missing_f ields_redirect"
value="http://desthealth.com/error.htm">
<input type=text name="name">
<input name="required" type=hidden value="name,ema il,phone_no">
formail.php code
<?
/*
############### ############### ############### ############### ############### #
##
# PLEASE DO NOT REMOVE THIS HEADER!!!
#
# COPYRIGHT NOTICE
#
# FormMail.php v5.0
# Copyright 2000-2004 Ai Graphics and Joe Lumbroso (c) All rights reserved.
# Created 07/06/2000 Last Modified 10/28/2003
# Joseph Lumbroso, http://www.aigraphics.com, http://www.dtheatre.com
# http://www.dtheatre.com/scripts/
############### ############### ############### ############### ############### #
##
#
# This cannot and will not be inforced but I would appreciate a link back
# to any of these sites:
# http://www.dtheatre.com
# http://www.aigraphics.com
# http://www.dtheatre.com/scripts/
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY ,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT . IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
#
############### ############### ############### ############### ############### #
##
*/
// for ultimate security, use this instead of using the form
$recipient = "yo*******@doma in.com"; // yo*******@domai n.com
// bcc emails (separate multiples with commas (,))
$bcc = "";
// referers.. domains/ips that you will allow forms to
// reside on.
$referers = array ('somedomain.co m','www.somedom ain.com','121.0 .0.111');
// banned emails, these will be email addresses of people
// who are blocked from using the script (requested)
$banlist = array ('*@somedomain. com', 'u***@domain.co m', 'e**@domains.co m');
// field / value seperator
define("SEPARAT OR", ($separator)?$s eparator:": ");
// content newline
define("NEWLINE ", ($newline)?$new line:"\n");
// formmail version (for debugging mostly)
define("VERSION ", "5.0");
// our mighty error function..
function print_error($re ason,$type = 0) {
build_body($tit le, $bgcolor, $text_color, $link_color, $vlink_color,
$alink_color, $style_sheet);
// for missing required data
if ($type == "missing") {
if ($missing_field _redirect) {
header("Locatio n: $missing_field_ redirect?error= $reason");
exit;
} else {
?>
The form was not submitted for the following reasons:<p>
<ul><?
echo $reason."\n";
?></ul>
Please use your browser's back button to return to the form and try
again.<?
}
} else { // every other error
?>
The form was not submitted because of the following reasons:<p>
<?
}
echo "<br><br>\n ";
echo "<small>Thi s form is powered by <a
href=\"http://www.dtheatre.co m/scripts/\">Jack's Formmail.php
".VERSION." </a></small>\n\n";
exit;
}
// function to check the banlist
// suggested by a whole lot of people.. Thanks
function check_banlist($ banlist, $email) {
if (count($banlist )) {
$allow = true;
foreach($banlis t as $banned) {
$temp = explode("@", $banned);
if ($temp[0] == "*") {
$temp2 = explode("@", $email);
if (trim(strtolowe r($temp2[1])) == trim(strtolower ($temp[1])))
$allow = false;
} else {
if (trim(strtolowe r($email)) == trim(strtolower ($banned)))
$allow = false;
}
}
}
if (!$allow) {
print_error("Yo u are using from a <b>banned email address.</b>");
}
}
// function to check the referer for security reasons.
// contributed by some one who's name got lost.. Thanks
// goes out to him any way.
function check_referer($ referers) {
if (count($referer s)) {
$found = false;
$temp = explode("/",getenv("HTTP_ REFERER"));
$referer = $temp[2];
if ($referer=="") {$referer = $_SERVER['HTTP_REFERER'];
list($remove,$s tuff)=split('//',$referer,2);
list($home,$stu ff)=split('/',$stuff,2);
$referer = $home;
}
for ($x=0; $x < count($referers ); $x++) {
if (eregi ($referers[$x], $referer)) {
$found = true;
}
}
if ($referer =="")
$found = false;
if (!$found){
print_error("Yo u are coming from an <b>unauthoriz ed domain.</b>");
error_log("[FormMail.php] Illegal Referer.
(".getenv("HTTP _REFERER").")", 0);
}
return $found;
} else {
return true; // not a good idea, if empty, it will allow it.
}
}
if ($referers)
check_referer($ referers);
if ($banlist)
check_banlist($ banlist, $email);
// This function takes the sorts, excludes certain keys and
// makes a pretty content string.
function parse_form($arr ay, $sort = "") {
// build reserved keyword array
$reserved_keys[] = "MAX_FILE_SIZE" ;
$reserved_keys[] = "required";
$reserved_keys[] = "redirect";
$reserved_keys[] = "require";
$reserved_keys[] = "path_to_fi le";
$reserved_keys[] = "recipient" ;
$reserved_keys[] = "subject";
$reserved_keys[] = "sort";
$reserved_keys[] = "style_shee t";
$reserved_keys[] = "bgcolor";
$reserved_keys[] = "text_color ";
$reserved_keys[] = "link_color ";
$reserved_keys[] = "vlink_colo r";
$reserved_keys[] = "alink_colo r";
$reserved_keys[] = "title";
$reserved_keys[] = "missing_fields _redirect";
$reserved_keys[] = "env_report ";
$reserved_keys[] = "submit";
if (count($array)) {
if (is_array($sort )) {
foreach ($sort as $field) {
$reserved_viola tion = 0;
for ($ri=0; $ri<count($rese rved_keys); $ri++)
if ($array[$field] == $reserved_keys[$ri])
$reserved_viola tion = 1;
if ($reserved_viol ation != 1) {
if (is_array($arra y[$field])) {
for ($z=0;$z<count( $array[$field]);$z++)
$content .=
$field.SEPARATO R.$array[$field][$z].NEWLINE;
} else
$content .= $field.SEPARATO R.$array[$field].NEWLINE;
}
}
}
while (list($key, $val) = each($array)) {
$reserved_viola tion = 0;
for ($ri=0; $ri<count($rese rved_keys); $ri++)
if ($key == $reserved_keys[$ri]) $reserved_viola tion = 1;
for ($ri=0; $ri<count($sort ); $ri++)
if ($key == $sort[$ri]) $reserved_viola tion = 1;
// prepare content
if ($reserved_viol ation != 1) {
if (is_array($val) ) {
for ($z=0;$z<count( $val);$z++)
$content .= $key.SEPARATOR. $val[$z].NEWLINE;
} else
$content .= $key.SEPARATOR. $val.NEWLINE;
}
}
}
return $content;
}
// mail the content we figure out in the following steps
function mail_it($conten t, $subject, $email, $recipient) {
global $attachment_chu nk, $attachment_nam e, $attachment_typ e,
$attachment_sen t, $bcc;
$ob = "----=_OuterBoundary _000";
$ib = "----=_InnerBoundery _001";
$headers = "MIME-Version: 1.0\r\n";
$headers .= "From: ".$email."\ n";
$headers .= "To: ".$recipient."\ n";
$headers .= "Reply-To: ".$email."\ n";
if ($bcc) $headers .= "Bcc: ".$bcc."\n" ;
$headers .= "X-Priority: 1\n";
$headers .= "X-Mailer: DT Formmail".VERSI ON."\n";
$headers .= "Content-Type: multipart/mixed;\n\tbound ary=\"".$ob."\" \n";
$message = "This is a multi-part message in MIME format.\n";
$message .= "\n--".$ob."\n";
$message .= "Content-Type:
multipart/alternative;\n\ tboundary=\"".$ ib."\"\n\n";
$message .= "\n--".$ib."\n";
$message .= "Content-Type: text/plain;\n\tchars et=\"iso-8859-1\"\n";
$message .= "Content-Transfer-Encoding: quoted-printable\n\n";
$message .= $content."\n\n" ;
$message .= "\n--".$ib."--\n";
if ($attachment_na me && !$attachment_se nt) {
$message .= "\n--".$ob."\n";
$message .= "Content-Type:
$attachment_typ e;\n\tname=\"". $attachment_nam e."\"\n";
$message .= "Content-Transfer-Encoding: base64\n";
$message .= "Content-Disposition:
attachment;\n\t filename=\"".$a ttachment_name. "\"\n\n";
$message .= $attachment_chu nk;
$message .= "\n\n";
$attachment_sen t = 1;
}
$message .= "\n--".$ob."--\n";
mail($recipient , $subject, $message, $headers);
}
// take in the body building arguments and build the body tag for page
display
function build_body($tit le, $bgcolor, $text_color, $link_color,
$vlink_color, $alink_color, $style_sheet) {
if ($style_sheet)
echo "<LINK rel=STYLESHEET href=\"$style_s heet\"
Type=\"text/css\">\n";
if ($title)
echo "<title>$ti tle</title>\n";
if (!$bgcolor)
$bgcolor = "#FFFFFF";
if (!$text_color)
$text_color = "#000000";
if (!$link_color)
$link_color = "#0000FF";
if (!$vlink_color)
$vlink_color = "#FF0000";
if (!$alink_color)
$alink_color = "#000088";
if ($background)
$background = "background=\"$ background\"";
echo "<body bgcolor=\"$bgco lor\" text=\"$text_co lor\"
link=\"$link_co lor\" vlink=\"$vlink_ color\" alink=\"$alink_ color\"
$background>\n\ n";
}
// check for a recipient email address and check the validity of it
// Thanks to Bradley miller (br********@acc esszone.com) for pointing
// out the need for multiple recipient checking and providing the code.
$recipient_in = split(',',$reci pient);
for ($i=0;$i<count( $recipient_in); $i++) {
$recipient_to_t est = trim($recipient _in[$i]);
if (!eregi("^[_\\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\\.)+[a-z]{2,6}$",
$recipient_to_t est)) {
print_error("<b >I NEED VALID RECIPIENT EMAIL ADDRESS
($recipient_to_ test) TO CONTINUE</b>");
}
}
// This is because I originally had it require but too many people
// were used to Matt's Formmail.pl which used required instead.
if ($required)
$require = $required;
// handle the required fields
if ($require) {
// seperate at the commas
$require = ereg_replace( " +", "", $require);
$required = split(",",$requ ire);
for ($i=0;$i<count( $required);$i++ ) {
$string = trim($required[$i]);
// check if they exsist
if((!(${$string })) || (!(${$string})) ) {
// if the missing_fields_ redirect option is on: redirect them
if ($missing_field s_redirect) {
header ("Location: $missing_fields _redirect");
exit;
}
$require;
$missing_field_ list .= "<b>Missing : $required[$i]</b><br>\n";
}
}
// send error to our mighty error function
if ($missing_field _list)
print_error($mi ssing_field_lis t,"missing");
}
// check the email fields for validity
if (($email) || ($EMAIL)) {
$email = trim($email);
if ($EMAIL) $email = trim($EMAIL);
if (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $email))
print_error("yo ur <b>email address</b> is invalid");
$EMAIL = $email;
}
// check zipcodes for validity
if (($ZIP_CODE) || ($zip_code)) {
$zip_code = trim($zip_code) ;
if ($ZIP_CODE) $zip_code = trim($ZIP_CODE) ;
if (!ereg("(^[0-9]{5})-([0-9]{4}$)", trim($zip_code) ) &&
(!ereg("^[a-zA-Z][0-9][a-zA-Z][[:space:]][0-9][a-zA-Z][0-9]$",
trim($zip_code) )) && (!ereg("(^[0-9]{5})", trim($zip_code) )))
print_error("yo ur <b>zip/postal code</b> is invalid");
}
// check phone for validity
if (($PHONE_NO) || ($phone_no)) {
$phone_no = trim($phone_no) ;
if ($PHONE_NO) $phone_no = trim($PHONE_NO) ;
if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $phone_no))
print_error("yo ur <b>phone number</b> is invalid");
}
// check phone for validity
if (($FAX_NO) || ($fax_no)) {
$fax_no = trim($fax_no);
if ($FAX_NO) $fax_no = trim($FAX_NO);
if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $fax_no))
print_error("yo ur <b>fax number</b> is invalid");
}
// sort alphabetic or prepare an order
if ($sort == "alphabetic ") {
uksort($HTTP_PO ST_VARS, "strnatcasecmp" );
} elseif ((ereg('^order: .*,.*', $sort)) && ($list = explode(',',
ereg_replace('^ order:', '', $sort)))) {
$sort = $list;
}
// prepare the content
$content = parse_form($HTT P_POST_VARS, $sort);
// check for an attachment if there is a file upload it
if ($attachment_na me) {
if ($attachment_si ze > 0) {
if (!$attachment_t ype) $attachment_typ e = "applicatio n/unknown";
$content .= "Attached File: ".$attachment_n ame."\n";
$fp = fopen($attachme nt, "r");
$attachment_chu nk = fread($fp, filesize($attac hment));
$attachment_chu nk = base64_encode($ attachment_chun k);
$attachment_chu nk = chunk_split($at tachment_chunk) ;
}
}
// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$ file_name;
if (file_exists($p ath_to_file.$fi le_name))
$location = $path_to_file.r and(1000,3000). ".".$file_n ame;
copy($file,$loc ation);
unlink($file);
$content .= "Uploaded File: ".$location."\n ";
}
}
// second file (see manual for instructions on how to add more.)
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$ file2_name;
if (file_exists($p ath_to_file.$fi le2_name))
$location = $path_to_file.r and(1000,3000). ".".$file2_name ;
copy($file2,$lo cation);
unlink($file2);
$content .= "Uploaded File: ".$location."\n ";
}
}
// if the env_report option is on: get eviromental variables
if ($env_report) {
$env_report = ereg_replace( " +", "", $env_report);
$env_reports = split(",",$env_ report);
$content .= "\n------ eviromental variables ------\n";
for ($i=0;$i<count( $env_reports);$ i++) {
$string = trim($env_repor ts[$i]);
if ($env_reports[$i] == "REMOTE_HOS T")
$content .= "REMOTE HOST: ".$REMOTE_HOST. "\n";
if ($env_reports[$i] == "REMOTE_USE R")
$content .= "REMOTE USER: ". $REMOTE_USER."\ n";
if ($env_reports[$i] == "REMOTE_ADD R")
$content .= "REMOTE ADDR: ". $REMOTE_ADDR."\ n";
if ($env_reports[$i] == "HTTP_USER_AGEN T")
$content .= "BROWSER: ". $HTTP_USER_AGEN T."\n";
}
}
// send it off
mail_it(stripsl ashes($content) , ($subject)?stri pslashes($subje ct):"Form
Submission", $email, $recipient);
if (file_exists($a r_file)) {
$fd = fopen($ar_file, "rb");
$ar_message = fread($fd, filesize($ar_fi le));
fclose($fd);
mail_it($ar_mes sage, ($ar_subject)?s tripslashes($ar _subject):"RE: Form
Submission", ($ar_from)?$ar_ from:$recipient , $email);
}
// if the redirect option is set: redirect them
if ($redirect) {
header("Locatio n: $redirect");
exit;
} else {
echo "Thank you for your submission\n";
echo "<br><br>\n ";
echo "<small>Thi s form is powered by <a
href=\"http://www.dtheatre.co m/scripts/\">Jack's Formmail.php
".VERSION." !</a></small>\n\n";
exit;
}
// <---------- THE END ----------> //