[thelist] PHP_SELF / Contact Form
DAVOUD TOHIDY
dtohidy at hotmail.com
Thu Jul 29 09:58:42 CDT 2010
Hi,
I have an index.php file which places and replaces some pages, such as the contact page, within itself dynamically using pId and a configuration file which contains an array like:
$mypages = array("0x12" => "contact.php" /* etc. */);
// mypages/contact.php
I have a contact form and wrote the following to process and validate the form inside the contact.php file:
<?php
error_reporting(6143);
if(isset($_POST['btnshoot'])) {
    $name = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['name'])))));
    $subject = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['subject'])))));
    $tel = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['tel'])))));
    $com = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['com'])))));
    $email = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['email'])))));
    $message = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['message'])))));
    $captcha = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['captcha'])))));
    $valid = true;
    $error = "";
    $errMsg = "";
    if(!preg_match("#^[a-zA-Z]+$#", $name)){
        $errMsg .="Invalid Entry, Please enter only letters";
        $valid = false;
        exit;
    } else if(strlen($name) > 20){
        $error.="Please enter a name less than 20 characters!<br />";
        $valid = false;
        exit;
    } else if(!preg_match("#^[a-zA-Z]+$#", $subject)){
        $errMsg .="Invalid Entry, Please enter only letters";
        $valid = false;
        exit;
    } else if(strlen($subject) > 40){
        $error.="Please enter a subject less than 40 characters!<br />";
        $valid = false;
        exit;
    } else if(!preg_match("#^[a-zA-Z0-9_]{1,}$#", $com)){
        $errMsg .="Invalid Entry, Please enter only letters and numbers";
        $valid = false;
        exit;
    } else if(strlen($com) > 40){
        $error.="Please enter less than 40 characters!<br />";
        $valid = false;
        exit;
    } else if(!preg_match("/^[2-9]{1}[0-9]{2}-[0-9]{3}-[0-9]{4}$/", $tel)){
        $errMsg .="Please enter a telephone number in xxx-xxx-xxxx format ";
        $valid = false;
        exit;
    } else if(strlen($tel) <> 12){
        $error.="Please enter 12 characters including dashes<br />";
        $valid = false;
        exit;
    } else if(!preg_match('/^[A-Z1-9][\w.+-]*@[\w.-]+\.[A-Z]{2,6}$/i', $email)){
        $errMsg.= "Invalid Entry, Please enter a valid email";
        $valid = false;
        exit;
    } else if($name == "" || $subject == "" || $tel == "" || $com == "" || $email == "" || $message == ""){
        $error.="None of the fields can be left blank. Please provide the information requested. <br />";
        $valid = false;
        exit;
    } else if(!preg_match('/^[\w\.\?]+?$/', $message)){
        $errMsg.= "Invalid Entry, Please enter only words";
        $valid = false;
        exit;
    } else if(strlen($message) > 400){
        // sets max amount of characters in comments area (edit as necessary)
        $message=substr($message, 0, 400).'...';
        $error .="We are sorry for inconvenience. Your message should not exceed 400 characters.<br />";
        $valid = false;
        exit;
    } else if(!preg_match("#^[a-zA-Z]+$#", $captcha)){
        $errMsg .="Invalid Entry, Please enter name of the image";
        $valid = false;
        exit;
    } else if (isset($_POST['btnshoot'])) {
        $caperror = array();
        if (!in_array(strtolower($_POST['captcha']), $aCaptcha[$_SESSION['captcha']])) {
            $caperror['captcha'] = "<span style='color:red'>Name of the animal is not correct.</span>";
            exit;
        }
    } else {
        header("Expires: ".gmdate("D, d M Y H:i:s", mktime(date("H")+2, date("i"), date("s"), date("m"), date("d"), date("Y")))." GMT");
        header("Cache-Control: no-store, no-cache, must-revalidate");
        header("Cache-Control: post-check=0, pre-check=0", false);
        header("Pragma: no-cache");
        function remove_headers($string) {
            $headers = array(
                "/to\:/i",
                "/from\:/i",
                "/bcc\:/i",
                "/cc\:/i",
                "/Content\-Transfer\-Encoding\:/i",
                "/Content\-Type\:/i",
                "/Mime\-Version\:/i"
            );
            if(preg_replace($headers, '', $string) == $string) {
                return $string;
            } else {
                die('.....');
            }
        }
        $name = remove_headers($name);
        $email = remove_headers($email);
        $subject = remove_headers($subject);
        $message = remove_headers($message);
        $http_referrer = getenv( "HTTP_REFERER" );
        $to = "myemail at hotmail.com";
        $body = "This message was sent from:\n" . "$http_referrer\n\n" . "From: $name\n E-Mail: $email\n Message:\n $message";
        $ret = mail($to, $subject, $body);
        if($ret){
            $feedback= "Thanks for contacting us. We've recieved your email. We will be in touch with you shortly.";
        } else {
            $errMsg.="Sorry There was a Problem. please try again <br />";
        }
    }
}
?>
Here is the HTML:
<form name="mycontactForm" action="<?php $_SERVER['PHP_SELF']?>" method="get">
I get the error: The requested URL /****/< was not found on this server.
and this is in the address bar: www.myurl.com/****/<?name=&subject=&tel=&com=&email=&message=&captcha=&btnSend=Send+Message
Could someone help me to debug this please?
Thanks
davoud
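
An added example, not part of the original post or the poster's code: one way to emit the form so that the action is the script's own path (echoed and escaped), the method matches what the handler reads, and a subject bound for mail() is rejected when it contains a line break. It assumes PHP 7+ and reuses the post's name, subject, email and btnshoot names; form_action, is_header_safe, field and validate_contact are hypothetical helpers.

```php
<?php
// Added example (PHP 7+), not the poster's code. Field names and the
// btnshoot button name come from the post; the helpers are hypothetical.
// SCRIPT_NAME is the script's own path; PHP_SELF may also include trailing
// path data sent by the client, so it is avoided and the value is escaped.
function form_action(array $server): string {
    return htmlspecialchars($server['SCRIPT_NAME'] ?? '', ENT_QUOTES, 'UTF-8');
}
// A value that ends up in a mail header (the subject) must not contain a
// line break. One CR/LF check replaces a list of header names to strip.
function is_header_safe(string $value): bool {
    return preg_match('/[\r\n]/', $value) === 0;
}

// Read one field as a trimmed string; non-string input counts as empty.
function field(array $post, string $key): string {
    $v = $post[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

// Returns a list of error messages; an empty list means the input is valid.
function validate_contact(array $post): array {
    $errors  = [];
    $subject = field($post, 'subject');
    if (!preg_match('#^[a-zA-Z]{1,20}$#', field($post, 'name'))) {
        $errors[] = 'Name: letters only, at most 20 characters.';
    }
    if ($subject === '' || strlen($subject) > 40 || !is_header_safe($subject)) {
        $errors[] = 'Subject: 1 to 40 characters on a single line.';
    }
    if (filter_var(field($post, 'email'), FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Please enter a valid email.';
    }
    return $errors;
}

// The form uses method="post", so the handler reads $_POST, and the submit
// button is named btnshoot, the name the handler tests for.
$errors = isset($_POST['btnshoot']) ? validate_contact($_POST) : [];
?>
<?php foreach ($errors as $e): ?>
<p><?php echo htmlspecialchars($e, ENT_QUOTES, 'UTF-8'); ?></p>
<?php endforeach; ?>
<form name="mycontactForm" action="<?php echo form_action($_SERVER); ?>" method="post">
  <input type="text" name="name">
  <input type="text" name="subject">
  <input type="text" name="email">
  <input type="submit" name="btnshoot" value="Send Message">
</form>
```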