homepage Welcome to WebmasterWorld Guest from 54.145.183.169
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
formail returning html codes
drdave

5+ Year Member



 
Msg#: 3990033 posted 3:11 am on Sep 16, 2009 (gmt 0)

A friend of mine is using formmail php script on his website but when you submit your info it returns html in your email along with the client's personal data.

Below is the webformmailer.php script that I am hoping might solve the problem.

I am not sure if/what to change to turn the html portion off and probably allow the script to send text instead.

Here is the script and any help will be appreciated.

Thanks for help

<?php

if ( !isset($_SERVER['SPI'])) {
die();
}

if (!isset($_SERVER['DOCUMENT_ROOT'])) {
echo("CRITICAL: we seem to be running outside of the norm.\n");
header("Location: [".$_SERVER["HTTP_HOST"]."...]
die("CRITICAL: Document root unavailable.\n");
}

$request_method = $_SERVER["REQUEST_METHOD"];
if($request_method == "GET") {
$query_vars = $_GET;
}
elseif ($request_method == "POST") {
$query_vars = $_POST;
}

reset($query_vars);
function customsort($a,$b) {
// $a is array for form vars, $b is comma seperated case sensitive field order
// this is case sensitive -- good idea to hrc that.
$data = array();
if ( strstr($b,',') == FALSE ) {
$b = $b.",";
}
$ordering = split(',',$b);
foreach ($ordering as $orderitem) {
if ( ($orderitem != null) && ($orderitem != "") ) {
if (isset($a[$orderitem])) {
$data[$orderitem] = $a[$orderitem];
}
}
}
foreach ($a as $key=>$val) {
$data[$key] = $a[$key];
}
return $data;
}

function xmlentities($string) {
return str_replace ( array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $string);
}

$t = date("U");

$formhomedir = preg_replace('/.*\/home\/content/','',$_SERVER['DOCUMENT_ROOT']);
$formhomedir = explode('/',$formhomedir);
if (count($formhomedir) <= 4) {
$formhome="/home/content/".$formhomedir[1]."/".$formhomedir[2]."/data/";
}
else {
$formhome="/home/content/".$formhomedir[1]."/".$formhomedir[2]."/".$formhomedir[3]."/".$formhomedir[4]."/data/";
}

$file_order = ".default";
$file_format = ".text";
$file_interval = ".15m";
$field_order = "";

if (isset($query_vars['form_order'])) {
if ($query_vars['form_order'] != "alpha") {
$field_order=$query_vars['form_order'];
$file_order=".custom";
$query_vars = customsort($query_vars,$field_order);
}
else {
switch ($query_vars['form_order']) {
case "alpha":
uksort($query_vars,'strnatcasecmp');
$file_order=".alpha";
break;
default:
$file_order=".default";
break;
}
}
}

if (isset($query_vars['form_format'])) {
switch ($query_vars['form_format']) {
case "csv":
$file_format = ".csv";
break;
case "html":
$file_format = ".html";
break;
case "xml":
$file_format = ".xml";
break;
case "text":
case "default":
default:
$file_format = ".text";
break;
}
}

if (isset($query_vars['form_delivery'])) {
switch ($query_vars['form_delivery']) {
case "hourly":
$file_interval = ".60m";
break;
case "hourly_digest":
$file_interval = ".60mc";
break;
case "daily":
$file_interval = ".24h";
break;
case "daily_digest":
$file_interval = ".24hc";
break;
case "digest":
$file_interval = ".15mc";
break;
case "default":
default:
$file_interval = ".15m";
break;
}
}

$file = $formhome."form_".$t.$file_order.$file_format.$file_interval;
$fp = fopen($file,"w");

reset($query_vars);
switch ($file_format) {
case ".csv":
$csvkeys = "";
$csvvals= "";
$firsttime = "";
while (list ($key, $val) = each ($query_vars)) {
if ( ($key == "form_order")
($key == "form_format")
($key == "form_delivery")
($key == "redirect") ) {
}
else {
if ($csvkeys != "") {
$firsttime=",";
}
$tmpkey=escapeshellcmd($key);
$csvkeys = $csvkeys.$firsttime."'".$tmpkey."'";
$tmpval=escapeshellcmd($val);
$csvvals = $csvvals.$firsttime."'".$tmpval."'";
}
}
fputs($fp,"$csvkeys\n");
fputs($fp,"$csvvals\n");
break;
case ".html":
fputs($fp,"<table border=\"1\" cellspacing=\"1\" cellpadding=\"2\">\n");
break;
case ".xml":
fputs($fp,"<form>\n");
break;
}

reset($query_vars);
while (list ($key, $val) = each ($query_vars)) {
if ($key == "redirect") {
$landing_page = $val;
}
if ( ($key == "form_order")
($key == "form_format")
($key == "form_delivery")
($key == "redirect") ) {

}
else {
switch ($file_format) {
case ".html":
fputs($fp,"\t<tr>\n");
fputs($fp,"\t\t<td><b>$key</b></td>\n");
fputs($fp,"\t\t<td>$val</td>\n");
fputs($fp,"\t</tr>\n");

break;
case ".csv":
// content is already output
break;
case ".xml":
fputs($fp,"\t<field>\n");
fputs($fp,"\t\t<fieldname>".xmlentities($key)."</fieldname>\n");
fputs($fp,"\t\t<fieldvalue>".xmlentities($val)."</fieldvalue>\n");
fputs($fp,"\t</field>\n");
break;
case ".text":
default:
fputs($fp,$key.": ".$val."\n");
break;
}
}
}

switch ($file_format) {
case ".html":
fputs($fp,"</table>\n");
break;
case ".xml":
fputs($fp,"</form>\n");
break;
}

fclose($fp);

if ($landing_page != "") {
header("Location: [".$_SERVER["HTTP_HOST"]."...]
}
else {
header("Location: [".$_SERVER["HTTP_HOST"]."...]
}

?>

 

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3990033 posted 2:43 pm on Sep 16, 2009 (gmt 0)

if (isset($query_vars['form_format'])) { .....

Looks to me like there is a hidden field in the submitted form that controls this. Look for this

<input type="hidden" name="form_format" value=".html">

change it to

<input type="hidden" name="form_format" value=".text">

I don't see where it's mailing though, that's probably another script run via cron and is controlled by the form_delivery field (guessing.)

jatar_k

WebmasterWorld Administrator jatar_k us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3990033 posted 3:19 pm on Sep 16, 2009 (gmt 0)

.text is also the default, which makes for some odd syntax used, so you could remove the hidden field

that's a weird script

drdave

5+ Year Member



 
Msg#: 3990033 posted 5:54 pm on Sep 16, 2009 (gmt 0)

Thanks for responses.

I get error "Unexpected File Format" using Flash 8 becuz this might be a higher version of Flash.

I did not want to take a chance and install both F8 and another version on the same machine.

Thanks again
Dave

drdave

5+ Year Member



 
Msg#: 3990033 posted 8:00 pm on Sep 16, 2009 (gmt 0)

Sorry I missed the cron part.

I will keep troubleshooting.

Thanks again so much for all the help rocknbill and jatar_k

Much appreciated
Dave

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3990033 posted 4:06 pm on Sep 17, 2009 (gmt 0)

Sorry but have to ask, what's Flash got to do with anything in this script? The two are completely unrelated.

drdave

5+ Year Member



 
Msg#: 3990033 posted 4:17 pm on Sep 17, 2009 (gmt 0)

Forgot to mention this is a flash website. Thought I would need to check some codes there or just use my own form if this one did not work.

And I found the actual send.php form seen below.

BTW there are no cron jobs.

<?php

$to = "test@testaddress.com";

$subject = "Website Contact Message";

$message .= "\nInterest: " . $interest= (isset($_POST['interest'])) ? $_POST['interest'] : 'no interest';

$message .= "\nName: " . $name= (isset($_POST['name'])) ? $_POST['name'] : 'no name';

$message .= "\nCity: " . $city= (isset($_POST['city'])) ? $_POST['city'] : 'no city';

$message .= "\nPhone: " . $phone= (isset($_POST['phone'])) ? $_POST['phone'] : 'no phone';

$message .= "\nEmail: " . $email= (isset($_POST['email'])) ? $_POST['email'] : 'no email';

$message .= "\nDate: " . $date= (isset($_POST['date'])) ? $_POST['date'] : 'no date';

$message .= "\nBride: " . $bride= (isset($_POST['bride'])) ? $_POST['bride'] : 'no bride';

$message .= "\nGroom: " . $groom= (isset($_POST['groom'])) ? $_POST['groom'] : 'no groom';

$message .= "\nCity and State: " . $citystate= (isset($_POST['citystate'])) ? $_POST['citystate'] : 'no citystate';

$message .= "\nCeremony Location: " . $ceremony= (isset($_POST['ceremony'])) ? $_POST['ceremony'] : 'no ceremony';

$message .= "\nReception Location: " . $reception= (isset($_POST['reception'])) ? $_POST['reception'] : 'no reception';

$message .= "\n\nMessage:

" . $comments= (isset($_POST['comments'])) ? $_POST['comments'] : 'no comments';

$headers = "From: $email";

$headers .="\nReply-To: $email";

mail($to, $subject, $message, $headers);

?>

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved