Page 1 of 1

Cant Figure this one out?

Posted: Mon Jul 30, 2007 4:36 pm
by me!
I have a mailing list page that signs up a user, and puts them in our db.

The form is working just fine and it does save them to the db the problem is it also saves blank info, meaning if you hit the submit button with nothing filled out it will put a line in the db and send me an e-mail.

I don't know how it is doing this since the mail() line requires $process == 2, and I don't see the "thank you" :?

Code: Select all

//Post form data
$process = pnVarCleanFromInput('process'); //used in form to tell what stage we are at
$name = pnVarCleanFromInput('name');
$barn = pnVarCleanFromInput('barn');
$address = pnVarCleanFromInput('address');
$city = pnVarCleanFromInput('city');
$state = pnVarCleanFromInput('state');
$zip = pnVarCleanFromInput('zip');
$email = pnVarCleanFromInput('email');
$phone = pnVarCleanFromInput('phone');
$fax = pnVarCleanFromInput('fax');
$pony_kids = pnVarCleanFromInput('pony_kids');
$horse_masters = pnVarCleanFromInput('horse_masters');
$schooling_shows = pnVarCleanFromInput('schooling_shows');

if (empty($process))  // the user has not submitted the form so show it to them
	{
	include 'mailing_list_form.php';
	}

if($process == '1')  // form was submitted  
  {
	// set up error message if needed...	
        $error_msg=''; 
					
	//Now lets do some input checking
	if(trim("$name") == '' || strlen(trim("$name")) < 2)
		{
		$error_msg.="<li>Please enter a name.</li>";
		$error_1 = ' class="formerror"'; // the space in front of the class="formerror" is required!
		}
	if(trim("$address") =='' || strlen(trim("$address")) < 6) 
		{
		$error_msg.="<li>Please enter an address.</li>";
		$error_2 = ' class="formerror"'; 
		}
	if(trim("$city") =='' || strlen(trim("$city")) < 4) 
		{
		$error_msg.="<li>Please enter a city.</li>";
		$error_3 = ' class="formerror"'; 
		}
	if(trim("$state") =='' || strlen(trim("$state")) != 2) 
		{
		$error_msg.="<li>Please enter a state.</li>";
		$error_4 = ' class="formerror"'; 
		}
	if(trim("$zip") =='' || strlen(trim("$zip")) < 5)
		{
		$error_msg.="<li>Please enter a zip code.</li>";
		$error_5 = ' class="formerror"'; 
		}
	
	if (!empty($phone))
		{
		if(strlen(trim("$phone")) != 12)
			{
			$error_msg.="<li>Please enter a valid phone number, ex. 425-457-5555.</li>";
			$error_6 = ' class="formerror"'; 
			}
		}
					
	// see if an e-mail address was entered
	if (!empty($email))
		{
		// now check if email is a valid address in this format username@domain.com
		if(!ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", "$email")) 
			{
			$error_msg.="<li>Please enter a valid email address.</li>";
			$error_7 = ' class="formerror"'; 
			}
		}
						
	// validate the check boxes
	if (!empty($schooling_shows))
		{
		if(trim("$schooling_shows") !='Yes') 
			{
			$error_msg.="<li><h1>Stop Hacking our Form!</h1></li>";
			}
		}
	if (!empty($pony_kids))
		{
		if(trim($pony_kids) !='Yes') 
			{
			$error_msg.="<li><h1>Stop Hacking our Form!</h1></li>";
			}
		}
	if (!empty($horse_masters))
		{
		if(trim("$horse_masters") !='Yes') 
			{
			$error_msg.="<li><h1>Stop Hacking our Form!</h1></li>";
			}
		}
  }



//***************************************************
// display error message if any, if not, proceed to other processing
//***************************************************

if($error_msg=='')  // if there are no errors do this
	{											
	// check to see if this person is in the DB			
	$query = "SELECT * FROM mailing_list 
                                         WHERE name='".pnVarPrepForStore($name)."' 
                                         AND address='".pnVarPrepForStore($address)."'"; 
	$result = mysql_query($query);
	$numrows = mysql_num_rows($result);
								
	if($numrows == 0) // 0 means this person is NOT in the db
		{
		//This person is new insert them
		mysql_query ("INSERT INTO  mailing_list (name, address, city, state, zip, phone, fax, 
                                                                                  email, schooling_shows, pony_kids, horse_masters, barn) 
		VALUES ('".pnVarPrepForStore($name)."',
                              '".pnVarPrepForStore($address)."',
                              '".pnVarPrepForStore($city)."',
                              '".pnVarPrepForStore($state)."',
                              '".pnVarPrepForStore($zip)."',
                              '".pnVarPrepForStore($phone)."',
                              '".pnVarPrepForStore($fax)."',
                              '".pnVarPrepForStore($email)."',
                              '".pnVarPrepForStore($schooling_shows)."',
                              '".pnVarPrepForStore($pony_kids)."',
                              '".pnVarPrepForStore($horse_masters)."',
                              '".pnVarPrepForStore($barn)."' )")
                or die ("Error - Could not insert you into our system, please try again, if problem persists contact us."); 

		}else{

			  // they are already in the db so just update everything
			  $query = "UPDATE mailing_list 
                          SET
				name='".pnVarPrepForStore($name)."',
                                address='".pnVarPrepForStore($address)."',
                                city='".pnVarPrepForStore($city)."',
                                state='".pnVarPrepForStore($state)."',
                                zip='".pnVarPrepForStore($zip)."',
                                phone='".pnVarPrepForStore($phone)."',
                                fax='".pnVarPrepForStore($fax)."',
                                schooling_shows='".pnVarPrepForStore($schooling_shows)."',
                                pony_kids='".pnVarPrepForStore($pony_kids)."',
                                horse_masters='".pnVarPrepForStore($horse_masters)."',
                                barn='".pnVarPrepForStore($barn)."'
			  WHERE name='".pnVarPrepForStore($name)."'
                          AND address='".pnVarPrepForStore($address)."'"; 
				
                           $result = mysql_query($query) 	
                           or die ("Error - could not update information.");
			  }
			
	// IMPORTANT LINE!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!						
	$process = '2';  // allow us to go to the conformation page
								
								
	} else { 
			//this is the error message if validation fails
			// set $error_message_html... to be used in html
			$error_message_html= '<div align="center">
			<table border="0" cellpadding="10"style="border-collapse: collapse" width="600" id="table2"><tr class="formerror">
			<td width="50" align="left"><img src="/images/error.gif" alt="ERROR!" width="48" height="48" /></td>
			<td width="500" align="left"><h2>Please correct the following errors:</h2><ul>'.$error_msg.'</ul></td>
			<td width="50" align="right"><img src="/images/error.gif" alt="ERROR!" width="48" height="48" /></td></tr>
                        </table></div><br />';
											
			// display the form so they can make the corrections
			include 'mailing_list_form.php';							
		    }
				
	
if($process == '2') //form data should have been validated and saved at this point
	{
	echo'<h2>Thank you your information was submitted.</h2>';
	
	// send an e-mail
	$to = "me@myweb.com";
	$subject = "Mailing List";
	$body = "Please add $name to the maling list,\n\nThey are intrested in getting information on:\nPony Kids: $pony_kids\nHorsemasters: $horse_masters\nHorse Shows: $schooling_shows\n\nAddress:\n$name\n$address\n$city $state $zip\n\nPhon: $phone\nFax: $fax\n\nE-mail: $email";
	mail($to, $subject, $body);
	}

Posted: Mon Jul 30, 2007 4:44 pm
by nathanr
shouldn't all you < be > 8O

Posted: Mon Jul 30, 2007 6:47 pm
by me!
Hu? :?:

Posted: Tue Jul 31, 2007 4:51 pm
by me!
this thing is driving me juts I just don't see how it is sending e-mails :?:

Any suggestions?

Posted: Tue Jul 31, 2007 4:51 pm
by me!
me! wrote:this thing is driving me nuts I just don't see how it is sending e-mails :?:

Any suggestions?

Posted: Tue Jul 31, 2007 5:01 pm
by nathanr
is this the whole script?

I can't see where you are picking up the post/get dtat and putting it into the variables..?

Posted: Tue Jul 31, 2007 8:54 pm
by me!
Sorry I left out the post data, I edited it.

It's all working and the form and db do work just as they should,
validation = works
save to db = works
edit if in db = works
send email and say thank you = works (as far as the user knows)

I also cleaned up the formatting so you can read it. :)

Now the part that has me most confused is not only do I get sent an e-mail but the info also gets sent to the db, BUT no "thank you" just the form with errors as it should be.

Posted: Wed Aug 01, 2007 4:08 am
by tansoft
could you please post the updated code ?

Posted: Wed Aug 01, 2007 7:37 pm
by me!
The first post has the updated code... I just edited it. The POST data is:

Code: Select all

//Post form data
$process = pnVarCleanFromInput('process'); //used in form to tell what stage we are at
$name = pnVarCleanFromInput('name');
$barn = pnVarCleanFromInput('barn');
$address = pnVarCleanFromInput('address');
$city = pnVarCleanFromInput('city');
$state = pnVarCleanFromInput('state');
$zip = pnVarCleanFromInput('zip');
$email = pnVarCleanFromInput('email');
$phone = pnVarCleanFromInput('phone');
$fax = pnVarCleanFromInput('fax');
$pony_kids = pnVarCleanFromInput('pony_kids');
$horse_masters = pnVarCleanFromInput('horse_masters');
$schooling_shows = pnVarCleanFromInput('schooling_shows'); 
The only thing that is missing is two includes, the API, and the form HTML page. Neither has an effect on the operation.

Posted: Wed Aug 01, 2007 8:05 pm
by smudge
try echoing $process at various locations in the script to see if and when it changes.
Also, It might be easier to do this in the beginning:

Code: Select all

while (list ($key,$val) = each ($_POST)) {
    ${$key} = pnVarCleanFromInput($key);
}
That should have the same effect as all those lines.