Welcome to WebmasterWorld Guest from 54.159.50.111

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

formail returning html codes

     
3:11 am on Sep 16, 2009 (gmt 0)

New User

5+ Year Member

joined:May 9, 2009
posts: 31
votes: 0


A friend of mine is using formmail php script on his website but when you submit your info it returns html in your email along with the client's personal data.

Below is the webformmailer.php script that I am hoping might solve the problem.

I am not sure if/what to change to turn the html portion off and probably allow the script to send text instead.

Here is the script and any help will be appreciated.

Thanks for help

<?php

if ( !isset($_SERVER['SPI'])) {
die();
}

if (!isset($_SERVER['DOCUMENT_ROOT'])) {
echo("CRITICAL: we seem to be running outside of the norm.\n");
header("Location: [".$_SERVER["HTTP_HOST"]."...]
die("CRITICAL: Document root unavailable.\n");
}

$request_method = $_SERVER["REQUEST_METHOD"];
if($request_method == "GET") {
$query_vars = $_GET;
}
elseif ($request_method == "POST") {
$query_vars = $_POST;
}

reset($query_vars);
function customsort($a,$b) {
// $a is array for form vars, $b is comma seperated case sensitive field order
// this is case sensitive -- good idea to hrc that.
$data = array();
if ( strstr($b,',') == FALSE ) {
$b = $b.",";
}
$ordering = split(',',$b);
foreach ($ordering as $orderitem) {
if ( ($orderitem != null) && ($orderitem != "") ) {
if (isset($a[$orderitem])) {
$data[$orderitem] = $a[$orderitem];
}
}
}
foreach ($a as $key=>$val) {
$data[$key] = $a[$key];
}
return $data;
}

function xmlentities($string) {
return str_replace ( array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $string);
}

$t = date("U");

$formhomedir = preg_replace('/.*\/home\/content/','',$_SERVER['DOCUMENT_ROOT']);
$formhomedir = explode('/',$formhomedir);
if (count($formhomedir) <= 4) {
$formhome="/home/content/".$formhomedir[1]."/".$formhomedir[2]."/data/";
}
else {
$formhome="/home/content/".$formhomedir[1]."/".$formhomedir[2]."/".$formhomedir[3]."/".$formhomedir[4]."/data/";
}

$file_order = ".default";
$file_format = ".text";
$file_interval = ".15m";
$field_order = "";

if (isset($query_vars['form_order'])) {
if ($query_vars['form_order'] != "alpha") {
$field_order=$query_vars['form_order'];
$file_order=".custom";
$query_vars = customsort($query_vars,$field_order);
}
else {
switch ($query_vars['form_order']) {
case "alpha":
uksort($query_vars,'strnatcasecmp');
$file_order=".alpha";
break;
default:
$file_order=".default";
break;
}
}
}

if (isset($query_vars['form_format'])) {
switch ($query_vars['form_format']) {
case "csv":
$file_format = ".csv";
break;
case "html":
$file_format = ".html";
break;
case "xml":
$file_format = ".xml";
break;
case "text":
case "default":
default:
$file_format = ".text";
break;
}
}

if (isset($query_vars['form_delivery'])) {
switch ($query_vars['form_delivery']) {
case "hourly":
$file_interval = ".60m";
break;
case "hourly_digest":
$file_interval = ".60mc";
break;
case "daily":
$file_interval = ".24h";
break;
case "daily_digest":
$file_interval = ".24hc";
break;
case "digest":
$file_interval = ".15mc";
break;
case "default":
default:
$file_interval = ".15m";
break;
}
}

$file = $formhome."form_".$t.$file_order.$file_format.$file_interval;
$fp = fopen($file,"w");

reset($query_vars);
switch ($file_format) {
case ".csv":
$csvkeys = "";
$csvvals= "";
$firsttime = "";
while (list ($key, $val) = each ($query_vars)) {
if ( ($key == "form_order")
($key == "form_format")
($key == "form_delivery")
($key == "redirect") ) {
}
else {
if ($csvkeys != "") {
$firsttime=",";
}
$tmpkey=escapeshellcmd($key);
$csvkeys = $csvkeys.$firsttime."'".$tmpkey."'";
$tmpval=escapeshellcmd($val);
$csvvals = $csvvals.$firsttime."'".$tmpval."'";
}
}
fputs($fp,"$csvkeys\n");
fputs($fp,"$csvvals\n");
break;
case ".html":
fputs($fp,"<table border=\"1\" cellspacing=\"1\" cellpadding=\"2\">\n");
break;
case ".xml":
fputs($fp,"<form>\n");
break;
}

reset($query_vars);
while (list ($key, $val) = each ($query_vars)) {
if ($key == "redirect") {
$landing_page = $val;
}
if ( ($key == "form_order")
($key == "form_format")
($key == "form_delivery")
($key == "redirect") ) {

}
else {
switch ($file_format) {
case ".html":
fputs($fp,"\t<tr>\n");
fputs($fp,"\t\t<td><b>$key</b></td>\n");
fputs($fp,"\t\t<td>$val</td>\n");
fputs($fp,"\t</tr>\n");

break;
case ".csv":
// content is already output
break;
case ".xml":
fputs($fp,"\t<field>\n");
fputs($fp,"\t\t<fieldname>".xmlentities($key)."</fieldname>\n");
fputs($fp,"\t\t<fieldvalue>".xmlentities($val)."</fieldvalue>\n");
fputs($fp,"\t</field>\n");
break;
case ".text":
default:
fputs($fp,$key.": ".$val."\n");
break;
}
}
}

switch ($file_format) {
case ".html":
fputs($fp,"</table>\n");
break;
case ".xml":
fputs($fp,"</form>\n");
break;
}

fclose($fp);

if ($landing_page != "") {
header("Location: [".$_SERVER["HTTP_HOST"]."...]
}
else {
header("Location: [".$_SERVER["HTTP_HOST"]."...]
}

?>

2:43 pm on Sept 16, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


if (isset($query_vars['form_format'])) { .....

Looks to me like there is a hidden field in the submitted form that controls this. Look for this

<input type="hidden" name="form_format" value=".html">

change it to

<input type="hidden" name="form_format" value=".text">

I don't see where it's mailing though, that's probably another script run via cron and is controlled by the form_delivery field (guessing.)

3:19 pm on Sept 16, 2009 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15755
votes: 0


.text is also the default, which makes for some odd syntax used, so you could remove the hidden field

that's a weird script

5:54 pm on Sept 16, 2009 (gmt 0)

New User

5+ Year Member

joined:May 9, 2009
posts: 31
votes: 0


Thanks for responses.

I get error "Unexpected File Format" using Flash 8 becuz this might be a higher version of Flash.

I did not want to take a chance and install both F8 and another version on the same machine.

Thanks again
Dave

8:00 pm on Sept 16, 2009 (gmt 0)

New User

5+ Year Member

joined:May 9, 2009
posts: 31
votes: 0


Sorry I missed the cron part.

I will keep troubleshooting.

Thanks again so much for all the help rocknbill and jatar_k

Much appreciated
Dave

4:06 pm on Sept 17, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


Sorry but have to ask, what's Flash got to do with anything in this script? The two are completely unrelated.
4:17 pm on Sept 17, 2009 (gmt 0)

New User

5+ Year Member

joined:May 9, 2009
posts: 31
votes: 0


Forgot to mention this is a flash website. Thought I would need to check some codes there or just use my own form if this one did not work.

And I found the actual send.php form seen below.

BTW there are no cron jobs.

<?php

$to = "test@testaddress.com";

$subject = "Website Contact Message";

$message .= "\nInterest: " . $interest= (isset($_POST['interest'])) ? $_POST['interest'] : 'no interest';

$message .= "\nName: " . $name= (isset($_POST['name'])) ? $_POST['name'] : 'no name';

$message .= "\nCity: " . $city= (isset($_POST['city'])) ? $_POST['city'] : 'no city';

$message .= "\nPhone: " . $phone= (isset($_POST['phone'])) ? $_POST['phone'] : 'no phone';

$message .= "\nEmail: " . $email= (isset($_POST['email'])) ? $_POST['email'] : 'no email';

$message .= "\nDate: " . $date= (isset($_POST['date'])) ? $_POST['date'] : 'no date';

$message .= "\nBride: " . $bride= (isset($_POST['bride'])) ? $_POST['bride'] : 'no bride';

$message .= "\nGroom: " . $groom= (isset($_POST['groom'])) ? $_POST['groom'] : 'no groom';

$message .= "\nCity and State: " . $citystate= (isset($_POST['citystate'])) ? $_POST['citystate'] : 'no citystate';

$message .= "\nCeremony Location: " . $ceremony= (isset($_POST['ceremony'])) ? $_POST['ceremony'] : 'no ceremony';

$message .= "\nReception Location: " . $reception= (isset($_POST['reception'])) ? $_POST['reception'] : 'no reception';

$message .= "\n\nMessage:

" . $comments= (isset($_POST['comments'])) ? $_POST['comments'] : 'no comments';

$headers = "From: $email";

$headers .="\nReply-To: $email";

mail($to, $subject, $message, $headers);

?>