PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
We are a youth hockey league that uses a php webform that emails the results, writes to a mysql database and a csv file.
2 weeks ago our web hosting company relocated servers. Since then the form hasn't worked. All form fields are required. The problem is when all the fields are filled out correctly, the form sends the user to the default error page telling them to go back and re-do the form, yadda yadda. The code looks the same to me as it did when it worked.
We need this form to work badly. Any free help would be truly appreciated! Thanks in advance.
(perhaps you need to check again that the form and this handling page match, there also seem to be 'work phone' which is used (but not required) in your code here but is not in the form; and is your security number even being checked?)
<?php
# ----------------------------------------------------
# -----
# ----- This script was generated by the demo version of PHP-Form Wizard 1.2.6 on 11/2/2007 at 12:04:17 AM
# -----
# ----- http://www.tools4php.com
# -----
# ----------------------------------------------------
# -----
# ----- Many Features are available only in the Full version, to order please follow this link :
# -----
# ----- http:// http://www.tools4php.com/form-wizard/index.html
# -----
# ----------------------------------------------------
# Get our items
@$pfw_ip= $_SERVER['REMOTE_ADDR'];
@$Position = $_POST['Position:'];
@$Position_Other = $_POST['Position_Other:'];
@$Parent_Name = $_POST['Parent_Name'];
@$Address = $_POST['Address'];
@$City = $_POST['City'];
@$State = $_POST['State'];
@$Zip = $_POST['Zip'];
@$Email = $_POST['Email'];
@$Home_Phone = $_POST['Home_Phone'];
@$Players_Name = $_POST['Players_Name'];
@$DOB = $_POST['DOB'];
@$Currently_Attending = $_POST['Currently_Attending'];
@$Current_School_District = $_POST['Current_School_District'];
@$Current_School = $_POST['Current_School'];
@$High_School = $_POST['High_School'];
@$Current_Age_Division = $_POST['Current_Age_Division'];
# We only get other if current team is other
@$Your_Current_Team = $_POST['Current_Team'];
if ($Your_Current_Team == 'Other') {
@$Your_Current_Team = $_POST['Team_Other'];
}
@$Team_Level = $_POST['Team_Level'];
@$secnumber = $_POST['secnumber'];
@$checksum = $_POST['checksum'];
@$Additional_Info = $_POST['Additional_Info'];
// Validation
if (strlen($Parent_Name) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Address) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($City) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($State) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Zip) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (! ereg('[A-Za-z0-9_-]+\@[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+', $Email))
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Email) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Home_Phone) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Players_Name) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($DOB) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Currently_Attending) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Current_School_District) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Current_School) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($High_School) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Current_Age_Division) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Current_Team) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Team_Other) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
if (strlen($Team_Level) == 0 )
{
header("Location: http://glghl.com/error.html");
exit;
}
//Sending Email to form owner
$pfw_header = "From: $Email\n"
. "Reply-To: $Email\n";
$pfw_subject = "Girls HS Census Form";
$pfw_email_to = "bpavone@glghl.com";
$pfw_message = "Visitor's IP: $pfw_ip\n"
. "Parent_Name: $Parent_Name\n"
. "Address: $Address\n"
. "City: $City\n"
. "State: $State\n"
. "Zip: $Zip\n"
. "Email: $Email\n"
. "Home_Phone: $Home_Phone\n"
. "Players_Name: $Players_Name\n"
. "DOB: $DOB\n"
. "Currently_Attending: $Currently_Attending\n"
. "Current_School_District: $Current_School_District\n"
. "Current_School: $Current_School\n"
. "High_School: $High_School\n"
. "Current_Age_Division: $Current_Age_Division\n"
. "Current_Team: $Current_Team\n"
. "Team_Level: $Team_Level\n"
. "secnumber: $secnumber\n"
. "checksum: $checksum\n"
. "Additional_Info: $Additional_Info\n";
@mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;
//Sending auto respond Email to visitor
$pfw_header = "From: bpavone@glghl.com"
. "Reply-To: bpavone@glghl.com";
$pfw_subject = "Girls HS Census Form";
$pfw_email_to = $Email;
$pfw_message = "Thank you for your submission. Your form data has been submitted.\n"
."This is what we have received: \n"
. "................................................. \n"
. "Parent_Name: $Parent_Name\n"
. "Address: $Address\n"
. "City: $City\n"
. "State: $State\n"
. "Zip: $Zip\n"
. "Email: $Email\n"
. "Home_Phone: $Home_Phone\n"
. "Players_Name: $Players_Name\n"
. "DOB: $DOB\n"
. "Currently_Attending: $Currently_Attending\n"
. "Current_School_District: $Current_School_District\n"
. "Current_School: $Current_School\n"
. "High_School: $High_School\n"
. "Current_Age_Division: $Current_Age_Division\n"
. "Current_Team: $Current_Team\n"
. "Team_Level: $Team_Level\n"
. "secnumber: $secnumber\n"
. "checksum: $checksum\n"
. "Additional_Info: $Additional_Info\n\n\n"
. "If any additional info is required we shall get back to you as soon as possible.\n\n"
. "GLGHL Webmaster.\n";
@mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;
# This will add to SQL
mysql_connect('localhost', 'glghlcom_user', 'gdf234214');
mysql_select_db('glghlcom_hockey_info');
$sql = '
INSERT INTO hockey_info
SET ip="'.mysql_escape_string($pfw_ip).'",
name_parent="'.mysql_escape_string($Parent_Name).'",
address="'.mysql_escape_string($Address).'",
city="'.mysql_escape_string($City).'",
state="'.mysql_escape_string($State).'",
zip="'.mysql_escape_string($Zip).'",
email="'.mysql_escape_string($Email).'",
phone="'.mysql_escape_string($Home_Phone).'",
name_player="'.mysql_escape_string($Players_Name).'",
dob="'.mysql_escape_string($DOB).'",
attending="'.mysql_escape_string($Currently_Attending).'",
school_district="'.mysql_escape_string($Current_School_District).'",
school_name="'.mysql_escape_string($Current_School).'",
school_hs_name="'.mysql_escape_string($High_School).'",
division="'.mysql_escape_string($Current_Age_Division).'",
team="'.mysql_escape_string($Your_Current_Team).'",
tier="'.mysql_escape_string($Team_Level).'",
info="'.mysql_escape_string($Additional_Info).'";';
$result = mysql_query($sql) or die(mysql_error());
header("Location: http://glghl.com/thank_you.html");
?>
As far as the security code, I belong to a web form processor and I use their code because I don't know how to implement it myself. I am trying hard to learn on the fly.
you are testing "$Current_Team" but you do not create it like the other values. you create "$Your_Current_Team" instead.
oh, and you also test "$Team_Other", but you also do not define it. although, because you are only using it for $Current_Team you probably do not need to test it (unless you specifically wanted to notify the user that they had failed to provide the 'other' team value).
Last edited by Popcorn on Sat Jan 24, 2009 12:27 am, edited 1 time in total.