Forum Moderators: coopster & phranque


SendMail

         

tester121

1:46 am on Feb 14, 2006 (gmt 0)

10+ Year Member



I'm trying to create a form that will show the client what their input is and also send an email to the vet office with that information.
Here's what I have:

#!/usr/bin/perl
#form.cgi - sends email to Jerry about catalogs
use CGI qw(:standard);
use strict;
use Mail::Sendmail;

#declare variables
my ($name, $phone, $clientemail, $phone2, $comment, %mail);
@dr ("No Preference","Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");
@appt ("Morning", "Afternoon", "No Preference");
@pets ("1 to 2 pets", "3 to 4 pets", "5 or more pets", "Thinking of getting a pet");

#assign to variables
$name =param ('Name');
$phone =param ('Phone');
$phone2 =param ('Phone2');
$dr =param ('Dr');
$appt =param ('Appt');
$comment = param ('Comment');
$pets= param ('Pets');
$email = fourvets@example.com;

#create message
$msg ="$name, we have received your request for an appointment with $dr in the $appt"\n";
$msg =$msg. "You have $pets and your concerns are $comment. We will call you at $phone or $phone2"\n";

#create Webpage acknowledgement
print "<html><head><title>Appt Schedule</title></head>\n";
print "<body><h1> Thank you for choosing us as your Veterinarian!</h1><hr>\n";
print "<h2>$msg</h2>\n";
print "</body>"\n";

#send email to Sheffield Vet
$mail {To} = $email;
$mail {From} = 'fourvets@example.com';
$mail {Subject} ='New Client';
$mail {Smtp} = 'smtp-server.example.com';
$mail {Message} = $msg;
sendmail(%mail);

Here is the html page
<html>
<head>
<title>Animal Hospital: New Client Form</title>
</head>
<!-- New Client Form-->
<body style="background-color:#E0E0E0">

<font face="comic sans ms ">
<h2>All Fields Required</h2>
<FORM ACTION="http://example.com/cgi-bin/form.cgi" METHOD=POST>
<p>
<br>
Name of Owner:<br>
<input type="text" name="Name" size="60">
<br>
<br>
E-Mail Address:<br>
<input type="text" name="Client_email" size="45">
<br>
<br>
Phone Number:<br>
Home:
<input type="text" name="Phone" size="45">
Work:
<input type="text" name="Phone2" size="45">
<br>
<br>
Doctor Preference:<br>
<select name="Dr" size="5">
<option selected value="0">No Preference</option>
<option value="1">Dr. Julie Example</option>
<option value="2">Dr. Alan Example</option>
<option value="3">Dr. Craig Example</option>
<option value="4">Dr. Jillian Example</option>
</select> <br><br>

Appt Preference: <br>
<select name="Appt" size="5">
<option selected value="0">Morning</option>
<option value="1">Afternoon</option>
<option value="2">No Preference</option>
</select>
<br>
<br>

How many Pets do you have?
<br>
<SELECT NAME=Pets SIZE=4>
<OPTION VALUE=0 SELECTED>1 to 2 pets
<OPTION VALUE=1>3 to 4 pets
<OPTION VALUE=2>5 or more pets
<OPTION VALUE=3>Thinking of getting a pet
</SELECT></P>

Tell us about your pets and any concerns you have:<br>
<textarea rows="6" name="Comment" cols="45"></textarea>
<br><br>
<input type="submit" value="Submit the application" name="b1">
<input type="reset" value="Reset" name="b2">
</form></font>
<p> <font face="comic sans ms bold" size="3">Our office will contact you to make an appointment within 24 hours </font></p>
</body>
</html>

[edited by: jatar_k at 4:21 pm (utc) on Feb. 14, 2006]

[edited by: coopster at 2:15 pm (utc) on Feb. 15, 2006]
[edit reason] removed specifics [/edit]

perl_diver

2:02 am on Feb 14, 2006 (gmt 0)

10+ Year Member



OK, does it work? Doesn't it work? Is the module you are using installed on the server? Mail::Sendmail

tester121

2:15 am on Feb 14, 2006 (gmt 0)

10+ Year Member



The page can't be displayed. When I run perl -c I get:
Array found where operator expected at form.cgi line 22, at end of line
Global symbol "@dr" requires explicit package name at form.cgi line 9.
syntax error at form.cgi line 9, near "@dr ("
Global symbol "@appt" requires explicit package name at form.cgi line 11.
syntax error at form.cgi line 11, near "@appt ("
Global symbol "@pets" requires explicit package name at form.cgi line 12.
syntax error at form.cgi line 12, near "@pets ("
Global symbol "$dr" requires explicit package name at form.cgi line 18.
Global symbol "$appt" requires explicit package name at form.cgi line 19.
Global symbol "$pets" requires explicit package name at form.cgi line 21.
Global symbol "$email" requires explicit package name at form.cgi line 22.
form.cgi has too many errors.

tester121

3:04 am on Feb 14, 2006 (gmt 0)

10+ Year Member



Is there a way I can do it without using arrays?
I just figured I would need to use the arrays with so many fields.

DrDoc

4:48 am on Feb 14, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You must escape the at-signs

perl_diver

6:36 am on Feb 14, 2006 (gmt 0)

10+ Year Member



I don't think DrDoc read the error messages correctly you are getting. What you need to do is declare your variables with "my" because you are using strict (which is a good thing). For example you have:

@dr ("No Preference","Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");

needs to be declared with "my":

my @dr ("No Preference","Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");

same with the other ones listed in the error message.
here you just plain have a syntax error:

$email = fourvets@example.com;

you need quotes around the right side:

$email = 'fourvets@example.com';

The @ sign in the strings is OK if you have them in single-quotes. If you use double-quotes you have to escape them:

$email = "fourvets\@example.com";

otherwise perl will think @example is an array. Also you have to print an http header before printing anything to the screen. Since you are using CGI.pm (standard) you can simply do this:

#create Webpage acknowledgement
print header;
print "<html><head><title>Appt Schedule</title></head>\n";
print "<body><h1> Thank you for choosing us as your Veterinarian!</h1><hr>\n";
print "<h2>$msg</h2>\n";
print "</body>\n";

[edited by: jatar_k at 4:23 pm (utc) on Feb. 14, 2006]

[edited by: coopster at 2:16 pm (utc) on Feb. 15, 2006]
[edit reason] specifics [/edit]

tester121

4:36 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



I made some changes based on what you said and a few minor errors I found. Here is the script:
#!/usr/bin/perl
#form.cgi - sends email to office about appts
use CGI qw(:standard);
use strict;
use Mail::Sendmail;

#declare variables
my ($name, $phone, $dr, $appt, $pets, $clientemail, $phone2, $comment, %mail);
#declare variables
my ($name, $phone, $clientemail, $phone2, $comment, %mail);
my @dr ("No Preference", "Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");
my @appt ("Morning", "Afternoon", "No Preference");
my @pets ("1 to 2 pets", "3 to 4 pets", "5 or more pets", "Thinking of getting a pet");

#assign to variables
$name =param ('Name');
$phone =param ('Phone');
$phone2 =param ('Phone2');
$dr =param ('Dr');
$appt =param ('Appt');
$clientemail =param ('Clientemail');
$comment = param ('Comment');
$pets= param ('Pets');
$email = 'fourvets@example.com';

#create message
$msg ="$name, we have received your request for an appointment with $dr in the $appt\n";
$msg =$msg. "You have $pets and your concerns are $comment. We will call you at $phone or $phone2\n";

#create Webpage acknowledgement
print header;
print "<html><head><title>Sheffield Appt Schedule</title></head>\n";
print "<body><h1> Thank you for choosing us as your Veterinarian!</h1><hr>\n";
print "<h2>$msg</h2>\n";
print "</body></html>\n";

#send email to Sheffield Vet
$mail {To} = $email;
$mail {From} = 'fourvets@example.com';
$mail {Subject} ='New Client';
$mail {Smtp} = 'smtp-server.example.com';
$mail {Message} = $msg;
sendmail(%mail);

I'm still getting these errors:
crux-sdexte01% perl -c form.cgi
syntax error at form.cgi line 9, near "@dr ("
syntax error at form.cgi line 11, near "@appt ("
syntax error at form.cgi line 12, near "@pets ("
Global symbol "$email" requires explicit package name at form.cgi line 20.
Global symbol "$msg" requires explicit package name at form.cgi line 23.
Global symbol "$dr" requires explicit package name at form.cgi line 23.
Global symbol "$appt" requires explicit package name at form.cgi line 23.
Global symbol "$msg" requires explicit package name at form.cgi line 24.
Global symbol "$msg" requires explicit package name at form.cgi line 24.
Global symbol "$pets" requires explicit package name at form.cgi line 24.
Global symbol "$msg" requires explicit package name at form.cgi line 31.
Global symbol "$email" requires explicit package name at form.cgi line 35.
Global symbol "$msg" requires explicit package name at form.cgi line 39.
form.cgi had compilation errors.

I'm not sure where I am going wrong. Thanks for all your help!

[edited by: jatar_k at 6:31 pm (utc) on Feb. 14, 2006]

[edited by: coopster at 2:17 pm (utc) on Feb. 15, 2006]
[edit reason] removed specifics [/edit]

rainborick

5:14 pm on Feb 14, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



What Dr. Doc spotted was the unescaped "@" symbol in the following:

$email = 'fourvets@example.com';

It likely needs to be changed to:


$email = 'fourvets\@example.com';

That may well not be the only problem, and I am not certain that you need to escape symbols enclosed in single quotes, but I find it's usually what trips up first editions of email scripts - especially my own.

[edited by: jatar_k at 6:31 pm (utc) on Feb. 14, 2006]

perl_diver

7:12 pm on Feb 14, 2006 (gmt 0)

10+ Year Member




What Dr. Doc spotted was the unescaped "@" symbol in the following:

$email = 'fourvets@example.com';

It likely needs to be changed to:

$email = 'fourvets\@example.com';

That may well not be the only problem, and I am not certain that you need to escape symbols enclosed in single quotes, but I find it's usually what trips up first editions of email scripts - especially my own.

It's not a problem at all. There is no need to escape the @ in a single-quoted string in perl because there is no expansion of variables in single-quoted strings in perl, this was already explained above.

perl_diver

7:32 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



sorry tester121,

My previous answer tripped you up because I posted code with an error:

my @dr (".....");

there should have been a '='in there:

my @dr = (".....");

Because I tripped you up I have corrected your code:


#!/usr/bin/perl
#form.cgi - sends email to office about appts
use CGI qw(:standard);
use strict;
use Mail::Sendmail;

my @dr = ("No Preference", "Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");
my @appt = ("Morning", "Afternoon", "No Preference");
my @pets = ("1 to 2 pets", "3 to 4 pets", "5 or more pets", "Thinking of getting a pet");

#assign to variables
my $name =param ('Name');
my $phone =param ('Phone');
my $phone2 =param ('Phone2');
my $dr =param ('Dr');
my $appt =param ('Appt');
my $clientemail =param ('Clientemail');
my $comment = param ('Comment');
my $pets= param ('Pets');
my $email = 'fourvets@example.com';
my %mail = ();

#create message
my $msg = qq~$name, we have received your request for an appointment with $dr in the $appt.
You have $pets and your concerns are $comment. We will call you at $phone or $phone2.
~;

#create Webpage acknowledgement
print header,
qq~<html><head><title>Sheffield Appt Schedule</title></head>
<body><h1> Thank you for choosing us as your Veterinarian!</h1><hr>
<h2>$msg</h2>
</body></html>
~;

#send email to Sheffield Vet
$mail{To} = $email;
$mail{From} = 'fourvets@example.com';
$mail{Subject} ='New Client';
$mail{Smtp} = 'smtp-server.example.com';
$mail{Message} = $msg;
sendmail(%mail);

hopefully that works now. Be careful though because you are sending data from a form without validating the data, so a malicious person could potentially use your form to crack into your server or just play pranks on you, like sending mass amounts of emails with no content or spam. Also make sure to edit the parts that say "example", I think the forum moderator did that.

[edited by: coopster at 2:17 pm (utc) on Feb. 15, 2006]
[edit reason] removed specifics [/edit]

rocknbil

7:33 pm on Feb 14, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



EDIT: Derr. We posted at the same time. So you dragged it through 8 or 10 posts and didn't see @name="(..)? LOL!

Now I don't feel so bad. :-)

syntax error at form.cgi line 9, near "@dr ("
syntax error at form.cgi line 11, near "@appt ("
syntax error at form.cgi line 12, near "@pets ("

@dr = ("No Preference","Dr. Julie Example", "Dr. Alan Example",
"Dr. Craig Example", "Dr. Jillian Example");
@appt = ("Morning", "Afternoon", "No Preference");
@pets = ("1 to 2 pets", "3 to 4 pets", "5 or more pets", "Thinking of getting a pet");

Often perl errors snowball, that is, it may only be one or two errors and the effect accumulates when it tries to continue compilation. So eliminate these by adding the = as in @name = (array values); and see what it does.

[edited by: rocknbil at 7:39 pm (utc) on Feb. 14, 2006]

[edited by: coopster at 2:18 pm (utc) on Feb. 15, 2006]
[edit reason] removed specifics [/edit]

perl_diver

7:36 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



it was a mistake on my part rocknbil, thank you for spotting the error and being diplomatic about correcting it. ;)

PS: we were posting at the same time too, I already corrected it for the OP. :)

JollyK

7:39 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



By the way, if you don't take some action on $name, $dr, $appt, $pets, $comment, $phone, and $phone2, someone might be able to call your script with something like:

<script language="JavaScript">
evil javascript code
</script>

in one of those fields, and then your script would display it, so a malicious person could send someone to your script with a carefully crafted URL and the victim would get javascripted with whatever code they sent.

Basically, the idea is that BadUser spams Victim with the URL of your site and script. Victim clicks on the URL which contains the encoded Javascript, and they get hit and probably blame it on you and your site. I ran into that with a search script where it said "You searched for $searchterm." Stripping out angle brackets from $searchterm before displaying seemed to work.

Generally, if I'm going to display what someone entered, I will first turn all < and > into &lt; and &gt; to help prevent that kind of thing.

Probably not a big deal, just something I noticed. :-)

JK

rocknbil

7:42 pm on Feb 14, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Jolly are you saying they are entering Javascript into the input fields on the form?

If so absolutely, anything input from a form should be screened and invalid characters ignored, but that's a bit outside the scope of this thread.

perl_diver

7:43 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



You're right rocknbil, I didn't notice it in the original post (my eyes just filled the = signs in I guess) , but it had plenty of other errors too so just correcting that would have been a start but many variables still needed to be declared properly with "my". Thanks for having my back, I'll return the favor someday if I can. :)

perl_diver

7:47 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



It is a concern and I mentioned it too already at the end of a previous post, but for now they just need to get it working then they can start adding the filtering/validation.

JollyK

8:10 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



I see that now, perl_diver. I'm a slow poster, so I was actually still composing mine when you posted that. I did read the thread, honest. :-)

JK

[edit to say: it seemed like everyone had the syntax errors pretty much fixed, so the input validation was just another "fix" to my mind. Sorry if I went outside the scope! Didn't mean to thread-hijack. :-)]

tester121

9:52 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



That works for me, so for protection should I just verify the data or do I need to do something else?

perl_diver

10:12 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



That's cool JollyK, team work is a good thing, and we were all sort of posting at the same time, stepping on each other's posts (so to speak). :)

perl_diver

10:18 pm on Feb 14, 2006 (gmt 0)

10+ Year Member




That works for me, so for protection should I just verify the data or do I need to do something else?

If you used CGI.pm to generate your form code as well as process the form data, any HTML code embedded in data would be escaped automatically. But you can call the:

escapeHTML();

function to do that manually too:

my $name = escapeHTML(param('Name'));

I think that will work, do that for all your form fields. It's better than nothing.
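
The input handling JollyK and perl_diver describe, as an added example that is not part of the original posts: form values are validated first and HTML-escaped only where they are printed to the page. It goes one step beyond the thread by mapping the select indexes to allow-listed labels; the helper names (pick, clean_text, clean_phone), the length limits and the sample query string are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example (not code from the thread): validate, then escape on output.
use strict;
use warnings;
use CGI;

# Allow-lists copied from the <option> lists in the form; the form submits the index.
my %choices = (
    Dr   => ["No Preference", "Dr. Julie Example", "Dr. Alan Example",
             "Dr. Craig Example", "Dr. Jillian Example"],
    Appt => ["Morning", "Afternoon", "No Preference"],
    Pets => ["1 to 2 pets", "3 to 4 pets", "5 or more pets",
             "Thinking of getting a pet"],
);

# Select fields: accept only an index that exists in the list, else use entry 0
# (the option the form marks as selected by default).
sub pick {
    my ($field, $raw) = @_;
    my $list = $choices{$field};
    return $list->[0] unless defined $raw && $raw =~ /\A\d\z/ && $raw < @$list;
    return $list->[$raw];
}

# Free text: turn control characters (CR/LF included) into spaces, trim, cap length.
sub clean_text {
    my ($raw, $max) = @_;
    $raw = '' unless defined $raw;
    $raw =~ s/[\x00-\x1f\x7f]+/ /g;
    $raw =~ s/\A\s+|\s+\z//g;
    return substr($raw, 0, $max);
}

# Phone numbers: digits and common punctuation only, otherwise empty.
sub clean_phone {
    my $p = clean_text($_[0], 25);
    return $p =~ /\A[0-9 ()+.\-]{7,25}\z/ ? $p : '';
}

# Constructed sample submission; a deployed script would call CGI->new with no argument.
my $q = CGI->new('Name=%3Cscript%3Ealert(1)%3C%2Fscript%3E&Phone=555-0100'
               . '&Dr=2&Appt=9&Pets=1&Comment=limping%0D%0Asince+Monday');

my $name    = clean_text(scalar $q->param('Name'), 60);
my $comment = clean_text(scalar $q->param('Comment'), 500);
my $phone   = clean_phone(scalar $q->param('Phone'));
my ($dr, $appt, $pets) = map { pick($_, scalar $q->param($_)) } qw(Dr Appt Pets);

# Plain-text message for the e-mail body (To, From and Subject stay fixed strings).
my $msg = "$name, we have received your request for an appointment with $dr "
        . "in the $appt.\nYou have $pets and your concerns are $comment. "
        . "We will call you at $phone.\n";

# Escape only at the point of HTML output, so the e-mail keeps the literal text.
print $q->header(-charset => 'utf-8'),
      "<html><body><h2>", $q->escapeHTML($msg), "</h2></body></html>\n";
```

With the constructed input, the script tag in Name is printed as inert text, the out-of-range Appt value falls back to the form's default, and the CR/LF in Comment collapses to a single space.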

tester121

11:08 pm on Feb 14, 2006 (gmt 0)

10+ Year Member



Thanks everyone for your help. I'm no programmer and have decided after playing with Perl that I probably never want to be one! Too much detail on the code and I tend to overthink & look stuff 8}

coopster

2:25 pm on Feb 15, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member




and have decided after playing with Perl that I probably never want to be one!

Even after all the friendly help you received here? But you're well on your way, now! ;)

Well, whatever you decide we want you to know you are welcome to WebmasterWorld, tester121. I think these fine folks here have proven that.

I generalized the 'Dr.' names to protect the innocent ;-)

JollyK

4:00 pm on Feb 15, 2006 (gmt 0)

10+ Year Member



Hahaha! tester121, it's too late. You have written a program, so you are now a programmer. :-)

You shall never escape! Neverrrrrrr!

But seriously, even people who have been programming for YEARS overlook things. Heck, look at Microsoft or any big software company. Do they have bugs? Yes. Do they have security issues? Yes. Do they overlook things? Yes. It happens. If it does, you try to avoid it the next time.

JK