Page 1 of 1

Text after apostrophe in e-mail mailer won't show up

Posted: Sat Feb 28, 2009 4:07 am
by Okoth
I am having a problem with a (very good, by the way) script. It's Catch-all Form Processor. Text won't appear anymore in a sent e-mail after using an apostrophe in the textbox. It changes this "Hello, Im John." into this "Hello, I".

I've been spending a couple of hours now to find a solution, but no luck. Anyone?

(Files can be downloaded at: http://www.erikreagan.com/?download=Cat ... -Processor )

Mailer

Code: Select all

// Configure These Variables
 
$usingTemplate      = false;   
$customForm         = "path/to-your/form.php";   
$emailRecipient     = "handle@domainname.com";   
$bccRecipient       = "";   
$forwardUser        = true;   
$finalDestination   = "/";   
$subject            = "My PHP Form";   
$subjectIsInForm    = true;   
$subjectField       = "required-subject";  
$fromName           = "Your Name";   
$fromNameIsInForm   = true;   
$fromNameField      = "required-your-name";   
$fromEmail          = "yourhandle@domain.com";  
$fromEmailIsInForm  = true;   
$fromEmailField     = "required-your-email";   
$includeTimestamp   = true;   
$includeBlankFields = true;   
$emailHTML          = true;   
$headerTroubles     = false;   
 
 
 
define('EMAIL_RECIPIENT', $emailRecipient);
define('BCC_RECIPIENT', $bccRecipient);
define('FINAL_DESTINATION', $finalDestination);
if ($subjectIsInForm) { define('SUBJECT', $_POST[$subjectField]); } else { define('SUBJECT', $subject); }
if ($fromNameIsInForm) { define('FROM_NAME', $_POST[$fromNameField]); } else { define('FROM_NAME', $fromName); }
if ($fromEmailIsInForm) { define('FROM_EMAIL', $_POST[$fromEmailField]); } else { define('FROM_EMAIL', $fromEmail); }
if ($headerTroubles) { define('HEADER_TRAIL', "\n"); } else { define('HEADER_TRAIL', "\r\n"); }
 
// Start by checking to see if we're emailing the final results
if (array_key_exists('emailnow', $_POST)) {
    $to  = EMAIL_RECIPIENT;
    // To send HTML mail, the Content-type header must be set
    $headers  = 'MIME-Version: 1.0' . HEADER_TRAIL;
    if (!$emailHTML) {
        $headers .= 'Content-type: text;' . HEADER_TRAIL;
    } else {
        $headers .= 'Content-type: text/html; charset=iso-8859-1' . HEADER_TRAIL;
    }
 
    // Additional headers
    $headers .= "From: ".FROM_NAME." <".FROM_EMAIL.">" . HEADER_TRAIL;
    $headers .= "Bcc: ".BCC_RECIPIENT . HEADER_TRAIL;
    $title = SUBJECT;
    $timestamp = date('g:ia');
    $date = date('M jS, Y');
 
    if (!$emailHTML) {
        $message = "Here are the results from the form submitted on $date\n\n";
        foreach($_POST as $key2 => $value2) {
            if (is_array($value2)) { $value2 = implode(", ", $value2); }
            $key2 = str_replace('_', ' ', $key2);
            $key2 = str_replace('-', ' ', $key2);
            $key2 = str_replace('ignore ','',$key2);
            $key2 = ucwords(str_replace('required ', '', $key2));
            $value2 = htmlspecialchars($value2);
            $message .= ((strtolower($key2) == "submit") || (strtolower($key2) == "emailnow")) ? "" : "\n$key2\n   $value2\n";
        }
            if ($timestamp) { $message .= "\nForm Submitted on $date at $timestamp\n"; }
    } else {
        $message = "    <html>
        <head>
          <title>$title</title>
        </head>
        <body>
 
          <p>Here are the results from the form submitted on $date</p>
 
          <table cellpadding='0' cellspacing= '0'>\n
        ";
        foreach($_POST as $key2 => $value2) {
            if (is_array($value2)) { $value2 = implode(", ", $value2); }
            $key2 = str_replace('_', ' ', strtolower($key2));
            $key2 = str_replace('-', ' ', $key2);
            $key2 = str_replace('ignore ','',$key2);
            $key2 = ucwords(str_replace('required', '', $key2));
            $value2 = htmlspecialchars($value2);
            $message .= ((strtolower($key2) == "submit") || (strtolower($key2) == "emailnow")) ? "" : "    <tr style='margin:4px'>
              <td style='width:200px;border-bottom:1px solid #c0c0c0;'>$key2</td><td style='border-bottom: 1px solid #c0c0c0'>$value2</td>
            </tr>\n
        ";
        }
        if ($timestamp) {
            $message .= "    <tr style='margin:4px'>
              <td style='width:200px;border-bottom:1px solid #c0c0c0;'>Form Submitted on</td><td style='border-bottom: 1px solid #c0c0c0'>$date at $timestamp</td>
            </tr>\n
        ";
        }
        $message .= "
          </table>
 
        </body>
        </html>
        ";
    }
 
    if (mail($to, SUBJECT, $message, $headers)) {
        $block = "<div id=\"top\">\n\n<h2>Thank You</h2>\n\n</div>\n\n<p class=\"sent\">Your form has been submitted.\n";
        if ($forwardUser) {
            $block .= "If you are not redirected shortly please <a href=\"".FINAL_DESTINATION."\">click here</a>.</p>\n\n<script type=\"text/javascript\">setTimeout('window.location=\"".FINAL_DESTINATION."\"',5000)</script>\n";
        } else { $block .= "</p>\n\n"; }
    } else {
        $block = "<div id=\"top\">\n\n<h2>I'm sorry</h2>\n\n</div>\n\n<p class=\"sent\">Your form has not been submitted. There may be a problem with the server. Please contact the administrator.\n";
    }
 
// If it's not ready to email then run errors and display back form data
} else if ((in_array('submit', $_POST)) || (array_key_exists('submit', $_POST))){
    
    // Check required fields for any data
    foreach ($_POST as $check => $info) {
        $check = strtolower(preg_replace("/[^a-zA-Z0-9s]/", " ", $check));
        if ((strstr($check,'required')) && (empty($info))) {
            $check = ucwords(str_replace('required','',$check));
            $errors[] = "A required field was left blank: <strong>$check</strong>";
        }
        if ((is_array($info)) && (in_array('didnotchoose',$info)) && count($info) == 1) {
            $check = ucwords(str_replace('required','',$check));
            $errors[] = "A required field was left blank: <strong>$check</strong>";
        }
    }
    
    // Check to standard email field to validate
    foreach ($_POST as $check => $info) {
        $check = strtolower(preg_replace("/[^a-zA-Z0-9s]/", "", $check));
        $info = strtolower($info);
        if ((strstr($check,'email')) && (!empty($info)) && (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $info))) {
            $errors[] = "This email address is not valid: <strong>$info</strong>";
        }
    }
    
    // Setup HTML display of form values
    $title = "Form Results";
    $block = "<div id=\"top\">\n    <h2>Form Results</h2>\n    <h5>Please Review Your Information</h5>\n    <h5 class=\"red\">Form Not Yet Submitted</h5>\n</div>\n\n<div id=\"results\">\n</div>\n\n<div id=\"results\">\n\n";
 
    // Run the error report and display it if needed
    if (!empty($errors)) {
        if (count($errors) > 1) { $Error = "Errors"; } else { $Error = "Error"; }
        $block .= " <div class=\"error\">\n   <p><strong>$Error in Form</strong></p>\n";
        $block .= "   <ul>";
        foreach ($errors as $field => $data) {
            $block .= "\n     <li>$data</li>";
        }
        $block .= "\n   </ul>\n   <p><a href=\"javascript&#058;history.go(-1)\">Go back and try again.</a></p>\n </div>\n\n";
    }
    $block .= " <ul id=\"display\">";
    
    
    foreach($_POST as $key1 => $value1) {
        $key1 = str_replace('_', ' ', strtolower($key1));
        $key1 = str_replace('-', ' ', $key1);
        $key1 = str_replace('required', '', $key1);
        if (!strstr($key1,'ignore')) {
            if (is_array($value1)) { $value1 = implode(", ", $value1); }
            $value1 = str_replace('didnotchoose, ', '', $value1);
            $value1 = htmlspecialchars($value1);
            if (($value1 == "") || ($value1 == "didnotchoose")) { $value1 = "<strong>[ left blank ]</strong>"; }
            $block .= ((strtolower($key1) == "submit") || (strtolower($key1) == "emailnow")) ? "" : "\n   <li><strong>".str_replace('ignore', '', ucwords($key1)). ":</strong> <span>".stripslashes($value1)."</span></li>";
        }
    }
    $block .= "\n  </ul>\n</div>\n\n";
    // Setup hidden form for email submission 
    $block .= "<div id=\"email\">\n    <form name=\"emailit\" action=\"\" method=\"post\" accept-charset=\"utf-8\">\n";
    $block .= "\t<input type='hidden' name='emailnow' value='emailnow' id='emailnow' />\n";
    foreach ($_POST as $field => $value) {
        if (is_array($value)) { $value = implode(", ", $value); }
        $value = str_replace('didnotchoose, ', '', $value);
        $value = htmlspecialchars($value);
        if ($value == "") { $value = "[ left blank ]"; }
        if (!$includeBlankFields) {
            if (($field !== "submit") && ($value !== "[ left blank ]")) {
                $block .= "\t<input type='hidden' name='".$field."' value='".htmlspecialchars(stripslashes($value))."' id='".$field."' />\n";
            }
        } else { 
            if ($field !== "submit") {
                $block .= "\t<input type='hidden' name='".$field."' value='".htmlspecialchars(stripslashes($value))."' id='".$field."' />\n";
            }
        }
    }
    
    if (!empty($errors)) {
        $block .= "\t<p><input type=\"button\" name=\"back\" value=\"Go Back\" id=\"back\" onclick=\"history.go(-1);\" /></p>\n    </form>\n</div>\n";
    } else {
        $block .= "\t<p><input type=\"button\" name=\"print\" value=\"Print Results\" id=\"print\" onclick=\"window.print();\" /><input type=\"submit\" name=\"submit\" value=\"Send Results\" id=\"submit\" /></p>\n    </form>\n</div>\n";
    }
    
} else {
    if ($usingTemplate) {
        include($customForm);
    } else {
        $block = "\n<p>There was an error processing the form.</p>\n\n";
    }
}
 
 
if (!$usingTemplate): ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
/* I leave it out coz text is too long...  */
</head>
<body>
<?php endif;
 
echo $block;
 
if (!$usingTemplate): ?>

Re: Text after apostrophe in e-mail mailer won't show up

Posted: Sat Feb 28, 2009 4:12 am
by requinix
htmlspecialchars doesn't encode apostrophes by default. I'm looking at lines 174 and 178.

Read the documentation.

Re: Text after apostrophe in e-mail mailer won't show up

Posted: Sat Feb 28, 2009 8:28 am
by Okoth
tasairis wrote:htmlspecialchars doesn't encode apostrophes by default. I'm looking at lines 174 and 178.

Read the documentation.
Almost there. In the line 174 and 178 I changed

Code: Select all

.htmlspecialchars(stripslashes($value))
into

Code: Select all

.htmlspecialchars(stripslashes($value), ENT_QUOTES)
But now the outcome of "Hello, I'm John." is "Hello, I\'m John."

One more clue and I am there... Please?