Retrieving data from javascript fields

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
cpm
Forum Newbie
Posts: 2
Joined: Tue Apr 17, 2007 10:56 pm

Retrieving data from javascript fields

Post by cpm »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi, I am new to php. I am having problems getting the data to send to an e-mail address using php. I can get all fields except for the one that calculates the total, which I used javascript to do. I am getting all the other fields via the request variables. I realize you can get a javascript field using the request. All the data shows up in the e-mail except for the "Total Enclosed" field. Below is my send form function and part of the html code that I used for the Total Enclosed. I also included the javascript. Can someone please help me how to get this field to show up in the e-mail that is sent. You are welcome to modify my send_form function accordingly. Thank you. Any help is appreciated.:

Code: Select all

Total Enclosed:<br>
	              <span id="total"></span>
                              <input id="total_cost" name="total_cost" type="hidden" value="" />



function send_form()
{

    global $errors;
    global $se;
 
    /* THIS BLOCK OF CODE SENDS AN EMAIL WITH THE RESULTS TO A SPECIFIC ADDRESS */
    $recipient =  "cpm0160@gmail.com";
    $subject = "RSVP 2006 For Invitations - ". date('m/d/Y H:i A'); 
    
    $headers = "From: " 		. $_POST["name"]; 
	$headers .= "<" 		. $_POST["email"] . ">\r\n"; 
	$headers .= "Reply-To: " 	. $_POST["email"] . "\r\n"; 
	$headers .= "Return-Path: " . $_POST["email"]; 


    $body =
            "\n" .
            "--------------------------------------------------------------\n" . 
            "Adults @ $30 each:				".$_REQUEST['adults']."\n" .
            "Children 13-18 @ $10 each:			".$_REQUEST['children13_18']."\n" .
            "Children 12-6 @ $5:				".$_REQUEST['children12_6']."\n" .
            "Children 5 & under Free:			".$_REQUEST['children5']."\n" .
            "Total Enclosed :			              $".$_REQUEST['total_cost']."\n" .
            "--------------------------------------------------------------\n" . 
            "We are unable to attend but please accept our donation of:	   \n" .
                                       		      $".$_REQUEST['donations']."\n" .
            "--------------------------------------------------------------\n" . 
            "Name:          ".$_REQUEST['name']."\n" .
            "Address:       ".$_REQUEST['address']."\n" .
            "City:          ".$_REQUEST['city']."\n" .
            "State:         ".$_REQUEST['state']."\n" .
            "ZIP:           ".$_REQUEST['zip']."\n" .
            "Telephone:     ".$_REQUEST['phone']."\n" .
            "Email:         ".$_REQUEST['email']."\n" .
            "\n";
	
    if (false === mail($recipient, $subject, $body, $headers))
    {
        $errors[] = "An error occurred when sending the confirmation email. \n";
        return false;
    }
    
     # send a confirmation email
   /* $body_copy = "Here is a copy of your registration for your records:\n\n" . $body;
    $recipient_copy = $_REQUEST['email'];

      mail($recipient_copy, $subject, $body_copy, $headers); 
	
     if (false === mail($recipient_copy, $subject, $body_copy, $headers))
    {
        $errors[] = "An error occurred when sending the confirmation email. \n";
        return false;
    }
    */
    return true;

}



<script type="text/javascript">
function update_total(frm)
{
    
	if (isNaN(frm.adults.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the number of adults above.';
    }
	else if (isNaN(frm.children13_18.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the children 13 - 18 above.';
    }
	else if (isNaN(frm.children12_6.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the the children 6 - 12 above.';
    }
	else if (isNaN(frm.children5.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the the children 5 and under above.';
    }
    else
    {
		cost1 = 0;
    	cost2 = 0;
    	cost3 = 0;
    	cost4 = 0;
		totalcost = 0;
    	if((frm.adults.value !=0))
        {
        	cost1 += 30 * (frm.adults.value);
			cost2 += 10 * (frm.children13_18.value);
			cost3 += 5 * (frm.children12_6.value);
			cost4 += 0 * (frm.children5.value);
		}
    	//document.getElementById('totaladults').innerHTML = '$' + (cost1) + '.00';
		//document.getElementById('totalchildren13_18').innerHTML = '$' + (cost2) + '.00';
		//document.getElementById('totalchildren12_6').innerHTML = '$' + (cost3) + '.00';
		//document.getElementById('totalchildren5').innerHTML = '$' + (cost4) + '.00';
		
    	totalcost = (cost1 + cost2 + cost3 + cost4);	
		document.getElementById('total').innerHTML = '$' + (totalcost) + '.00';	
		
		
    }
}
//-->
</script>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Begby
Forum Regular
Posts: 575
Joined: Wed Dec 13, 2006 10:28 am

Post by Begby »

Its fine to do calculations client side to show the user totals and such, but its good practice to also redo any calculations in PHP. Whats to stop someone from creating their own HTML form and sending their own totals to you?

Ideally any forms you write, you should write with no javascript. After the form works ok and is rejecting invalid input and such properly, then put in any fancy javascript you might want, but don't ever rely on javascript to calculate any totals or anything that get sent to the database nor rely on it to do any data validation.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Agreed. Although javascript is turned on by default on most borwsers nowadays, if the data that is passed is critical in any fashion, handle the data server side. I'll second what begby said and tell you to develop your app server side first, then enhance the app client side after it is working according to spec.
cpm
Forum Newbie
Posts: 2
Joined: Tue Apr 17, 2007 10:56 pm

Can anyone help

Post by cpm »

This doesnt really help much. Does anyone have a solution for this.
User avatar
neel_basu
Forum Contributor
Posts: 454
Joined: Wed Dec 06, 2006 9:33 am
Location: Picnic Garden, Kolkata, India

Post by neel_basu »

Is that field getting created by Javascript Dynamically runtime ??
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

I think you should reconsider your opinion about the advise given thus far.. that is if you care about security and usability.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

The javascript function changes the innerHtml of <span id="total"> but not the value of <input name="total_cost">
<span> is not a form control, its name=value pair (what ever this would be) is not sent during submission.
User avatar
William
Forum Contributor
Posts: 332
Joined: Sat Oct 25, 2003 4:03 am
Location: New York City

Post by William »

A simple answer to your question:

Code: Select all

Total Enclosed:<br>
                      <span id="total"></span>
                              <input id="total_cost" name="total_cost" type="hidden" value="" />



function send_form()
{

    global $errors;
    global $se;
 
    /* THIS BLOCK OF CODE SENDS AN EMAIL WITH THE RESULTS TO A SPECIFIC ADDRESS */
    $recipient =  "cpm0160@gmail.com";
    $subject = "RSVP 2006 For Invitations - ". date('m/d/Y H:i A');
   
    $headers = "From: "                 . $_POST["name"];
        $headers .= "<"                 . $_POST["email"] . ">\r\n";
        $headers .= "Reply-To: "        . $_POST["email"] . "\r\n";
        $headers .= "Return-Path: " . $_POST["email"];


    $body =
            "\n" .
            "--------------------------------------------------------------\n" .
            "Adults @ $30 each:    ".$_REQUEST['adults']."\n" .
            "Children 13-18 @ $10 each:   ".$_REQUEST['children13_18']."\n" .
            "Children 12-6 @ $5:                                ".$_REQUEST['children12_6']."\n" .
            "Children 5 & under Free:         ".$_REQUEST['children5']."\n" .
            "Total Enclosed :                       $".$_REQUEST['total_cost']."\n" .
            "--------------------------------------------------------------\n" .
            "We are unable to attend but please accept our donation of:    \n" .
                                               $".$_REQUEST['donations']."\n" .
            "--------------------------------------------------------------\n" .
            "Name:          ".$_REQUEST['name']."\n" .
            "Address:       ".$_REQUEST['address']."\n" .
            "City:          ".$_REQUEST['city']."\n" .
            "State:         ".$_REQUEST['state']."\n" .
            "ZIP:           ".$_REQUEST['zip']."\n" .
            "Telephone:     ".$_REQUEST['phone']."\n" .
            "Email:         ".$_REQUEST['email']."\n" .
            "\n";
       
    if (false === mail($recipient, $subject, $body, $headers))
    {
        $errors[] = "An error occurred when sending the confirmation email. \n";
        return false;
    }
   
     # send a confirmation email
   /* $body_copy = "Here is a copy of your registration for your records:\n\n" . $body;
    $recipient_copy = $_REQUEST['email'];

      mail($recipient_copy, $subject, $body_copy, $headers);
       
     if (false === mail($recipient_copy, $subject, $body_copy, $headers))
    {
        $errors[] = "An error occurred when sending the confirmation email. \n";
        return false;
    }
    */
    return true;

}



<script type="text/javascript">
function update_total(frm)
{
   
        if (isNaN(frm.adults.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the number of adults above.';
    }
        else if (isNaN(frm.children13_18.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the children 13 - 18 above.';
    }
        else if (isNaN(frm.children12_6.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the the children 6 - 12 above.';
    }
        else if (isNaN(frm.children5.value))
    {
        document.getElementById('total').innerHTML = 'Please specify the the children 5 and under above.';
    }
    else
    {
                cost1 = 0;
        cost2 = 0;
        cost3 = 0;
        cost4 = 0;
                totalcost = 0;
        if((frm.adults.value !=0))
        {
                cost1 += 30 * (frm.adults.value);
                        cost2 += 10 * (frm.children13_18.value);
                        cost3 += 5 * (frm.children12_6.value);
                        cost4 += 0 * (frm.children5.value);
                }
        //document.getElementById('totaladults').innerHTML = '$' + (cost1) + '.00';
                //document.getElementById('totalchildren13_18').innerHTML = '$' + (cost2) + '.00';
                //document.getElementById('totalchildren12_6').innerHTML = '$' + (cost3) + '.00';
                //document.getElementById('totalchildren5').innerHTML = '$' + (cost4) + '.00';
               
        totalcost = (cost1 + cost2 + cost3 + cost4);       
                document.getElementById('total').innerHTML = '$' + (totalcost) + '.00'; 
                document.getElementById('total_cost').value = (totalcost) + '.00'; 
               
               
    }
}
//-->
</script>
When you submit your form, the variable $_REQUEST['total_cost'] will have the cost, without the dollar sign. I do recommend taking the steps they said above, if I use a simple tool I can edit your JavaScript for my browser right off my site, then inject false information to you. Good luck!
Post Reply