How can I embed http referrer in divi contact forms. I am able send only email, message text fields which are given inbetween %%field id%%. In Divi documentation they given that we need to put field id in between %% like this %%field id%%. But I am unable to add the http referrer or page url. I saw source code like this
"
<label for="et_pb_contact_name_1" class="et_pb_contact_form_label">Name</label>
<input type="text" id="et_pb_contact_name_1" class="input" value="" name="et_pb_contact_name_1" data-required_mark="required" data-field_type="input" data-original_id="name" placeholder="Name">
</p><p class="et_pb_contact_field et_pb_contact_field_1 et_pb_contact_field_last" data-id="email" data-type="email">
<label for="et_pb_contact_email_1" class="et_pb_contact_form_label">Email Address</label>
<input type="text" id="et_pb_contact_email_1" class="input" value="" name="et_pb_contact_email_1" data-required_mark="required" data-field_type="email" data-original_id="email" placeholder="Email Address">
</p><p class="et_pb_contact_field et_pb_contact_field_2 et_pb_contact_field_last" data-id="phone" data-type="input">
<label for="et_pb_contact_phone_1" class="et_pb_contact_form_label">Phone Number</label>
<input type="text" id="et_pb_contact_phone_1" class="input" value="" name="et_pb_contact_phone_1" data-required_mark="required" data-field_type="input" data-original_id="phone" placeholder="Phone Number" pattern="[0-9]*" title="Only numbers allowed.">
</p><p class="et_pb_contact_field et_pb_contact_field_3 et_pb_contact_field_last" data-id="message" data-type="text">
<label for="et_pb_contact_message_1" class="et_pb_contact_form_label">Message</label>
<textarea name="et_pb_contact_message_1" id="et_pb_contact_message_1" class="et_pb_contact_message input" data-required_mark="required" data-field_type="text" data-original_id="message" placeholder="Message"></textarea>
</p><p class="et_pb_contact_field et_pb_contact_field_4 et_pb_contact_field_last" data-id="url" data-type="input">
<label for="et_pb_contact_url_1" class="et_pb_contact_form_label">New Field</label>
<input type="text" id="et_pb_contact_url_1" class="input" value="" name="et_pb_contact_url_1" data-required_mark="not_required" data-field_type="input" data-original_id="url" placeholder="New Field">
</p>
<input type="hidden" value="et_contact_proccess" name="et_pb_contactform_submit_0">
<input type="text" value="" name="et_pb_contactform_validate_0" class="et_pb_contactform_validate_field" />
<div class="et_contact_bottom_container">
<button type="submit" class="et_pb_contact_submit et_pb_button">Send Message</button>
</div>
<input type="hidden" id="_wpnonce-et-pb-contact-form-submitted" name="_wpnonce-et-pb-contact-form-submitted" value="8b651527df" /><input type="hidden" name="_wp_http_referer" value="/data-analytics/test" />
</form>
</div> <!-- .et_pb_contact -->
</div> <!-- .et_pb_contact_form_container -->
Clearly there is hidden field but I dont know how to embed in form. Thanks
You can create new field and set display: none then just copy id of this input field.
Next create below divi code module and paste this
<script> const newInput = document.querySelector('#et_pb_contact_oboz-nazwa_0'); newInput.setAttribute('value', document.title) </script>
Where et_pb_contact_oboz-nazwa_0 - is ID of input field. You have to choose yours
document.title - is a title of page
If you want get url of page change document.title to window.location.href
And of course set this new input field to be not required
Related
I made a HTML form with a php csp header. I want to make a safe checkout with php. My csp header looks like this: Content-Security-Policy:default-src 'none'; base-uri 'self'; form-action 'none' https:example.com;. My form has also a php generated CSRF token.
Now my problem: I have a index.php file with the form and the token generator, a validation.php file and a thankyou.php file with the end screen. I want that the validation.php file not display in the url when redirect to the thankyou.php file.
index.php
<!---- HERE IS MY PHP CODE ---->
header('X-XSS-Protection: 1; mode=block');
header('X-Frame-Options: deny');
header('X-Content-Type-Options: nosniff');
header('Referrer-Policy: same-origin');
/* CSRF Protection */
$_SESSION['token'] = bin2hex(random_bytes(24));
<!---- ******************* ---->
<form id="delivery-form" action="php/validation.php"> <!---- HERE I'M NOT SURE HOW TO HIDE ---->
<div id="delivery-address" class="site">
<h2>Delivery Address/h2>
<!---Radio Buttons---->
<label for="men" class="radio men">
<input type="radio" name="rdo" id="men" class="hidden"/>
<span class="label"></span>Herr
</label>
<label for="woman" class="radio">
<input type="radio" name="rdo" id="woman" class="hidden"/>
<span class="label"></span>Frau
</label><br><br>
<div class="inputBox">
<input type="text" placeholder=" " name="firstname" autocomplete="on" required value="">
<label>Firstname</label>
</div><br>
<div class="inputBox">
<input type="text" placeholder=" " name="lastname" class="big_break" autocomplete="on" required value="">
<label>Lastname</label>
</div><br>
<div class="inputBox">
<input type="text" placeholder=" " name="street" id="input_middle_size" autocomplete="on" required value="">
<label>Street</label>
</div>
<div class="inputBox">
<input type="text" placeholder=" " name="number" id="input_small_size" autocomplete="on" required value="">
<label>Number</label>
</div><br>
<div class="inputBox">
<input type="text" placeholder=" " name="plz" id="input_small_size" autocomplete="on" required value="">
<label>Place</label>
</div>
<div class="inputBox">
<input type="text" placeholder=" " name="town" class="big_break" id="input_middle_size" autocomplete="on" required value="">
<label>town</label>
</div><br>
<div class="inputBox">
<input type="email" placeholder=" " name="email" autocomplete="on" required value="">
<label>E-Mail</label>
</div><br>
<!---Vorwahl und Telefonnummer Feld---->
<div class="inputBox">
<input type="text" placeholder=" " name="vorwahl" id="input_small_size" autocomplete="on" required value="">
<label>area-code</label>
</div>
<div class="inputBox">
<input type="tel" placeholder=" " name="phone_number" class="big_break" id="input_middle_size" autocomplete="on" required value="">
<label>phone-number</label>
</div><br>
</div>
</form>
Because hacker can then attack my validation.php file. I read an article over Post/Redirect/Get.
But I have no idee, how I can redirect securly.
I hope anyone can tell me how I can redirect from my form to the validation.php and thankyou.php file (Mostly Hacker Safe).
Anyway you have to send form somewhere to the server, and you can not hide this PHP-module by redirects (these easily trace in HTTP headers so it's protection from the kiddie-hackers only).
You already do use CSRF token and CSP's form-action for security. That's good.
To complicate hackers attacks you can additionally use CAPTCHA service (like reCAPTHA, hCAPTCHA), but these third-party scripts required to be also allowed in CSP (since you use it).
But it's impossible to hide a form handler (validation.php in your case).
It's only possible to create validation.php handler with no vulnerabilities and leave hackers no chances.
I'm trying to create a login page in php.
I got the form and the login verificaion works fine but when i go to my index.php which is my log in page, the login credentials are auto filled with unwanted credentials like below.
Whereas my login paage should look like this..
My form is as below:
<form action="check_login.php" method="post">
<label id="uname">User Name: </label><input type="text" placeholder="Enter Username" name="uname" required="required"> <br>
<label id="psw">Password: </label><input type="password" placeholder="Enter Password" name="psw" required="required"> <br> <br>
<button type="submit" name="login">Login </button>
</form>
When I use type=text it works fine..
I've also tried autocomplete="off", but it doesn't work...
What am I doing wrong? I'm a newbie... Please help me...
change
<input type="text" placeholder="Enter Username" name="uname" required="required">
with
<input type="text" placeholder="Enter Username" name="uname" required="required" autocomplete="off" />
it is browser feature to auto fill the form
"Autofilling" a form is a browser feature. You can turn it off for a form using the autocomplete attribute (setting it to off). Change your form to
<form action="check_login.php" method="post" autocomplete="off">
<label id="uname">User Name: </label><input type="text" placeholder="Enter Username" name="uname" required="required"> <br>
<label id="psw">Password: </label><input type="password" placeholder="Enter Password" name="psw" required="required"> <br> <br>
<button type="submit" name="login">Login </button>
</form>
There might be cases where autocomplete="off" is set, but the browser still fills in your form details. The "trick" is to set autocomplete to an invalid value, like autocomplete="kerbholz".
I got it...removed the user from saved logins from my browser.... And it works fine...
I have a large amount of input fields. How can I pass the values into an array so I can pass the array from one page to another?
example:
<input type="text" value=<?php $arry = "compName" ?> placeholder="Company Name" />
Is this legal? How can I do this properly?
EDIT:
In my page, I have "add" and "delete" buttons that will add/delete more input fields. I also have a "preview" button at the bottom. User will add/delete before hitting preview. Preview will collect all input and will call the next page. So the amount of field is unknown.
Here's what my code/markup looks like:
<div class="panel" style="width: 98%; margin:0 auto">
<div class="row">
<div class="large-6 columns">
Advertiser Info: <hr>
<input type="text" value="compName" placeholder="Company Name" />
<input type="text" value= "adEmail" placeholder="Email" />
<input type="text" value="adContName" placeholder="Contact Name" />
<input type="text" value="adPhone" placeholder="Phone # (NO DASHES)" />
<input type="text" value="adStreet" placeholder="Street Address" />
<input type="text" value="adCity" placeholder="City" />
<input type="text" value="adState" placeholder="State/Provice" />
<input type="text" value="adZip" placeholder="Zip/Postal Code" />
<input type="text" value="adCountry" placeholder="Country" />
</div>
<div class="large-6 columns">
Billing Info: <hr>
<input type="text" value="bEmail" placeholder="Email" />
<input type="text" value="bContName" placeholder="Contact Name" />
<input type="text" value="bPhone" placeholder="Phone # (NO DASHES)" />
<input type="text" value="bStreet" placeholder="Street Address" />
<input type="text" value="bCity" placeholder="City" />
<input type="text" value="bState" placeholder="State/Provice" />
<input type="text" value="bZip" placeholder="Zip/Postal Code" />
<input type="text" value="bCountry" placeholder="Country" />
</div>
</div>
</div>
So when the user hits add and EXACT copy of above code will be made.
With that said, I want to be able to use PHP arrays for html values to pass. How can I set my inputs so that I can do this?
You can do some tweaks like:
Using input type elements as array elements.
So that:
<input type="text" name="elem[name]" value="<?php echo $YOUR_VALUE;?>"
<input type="text" name="elem[class]" value="<?php echo $YOUR_VALUE;?>"
<input type="text" name="elem[marks]" value="<?php echo $YOUR_VALUE;?>"
So that the variables are you are posting should be less.
In this case, you are posting only one variable instead of three.
Use Jquery to get all the values of input fields and make a json object of {input_name:value} or array variable of key value and then pass it in argument.
var key_value = {};
$('input').each(function(){
key_value[$(this).attr('name')]= $(this).val();
})
alert(JSON.stringify(key_value));
Now you have an object with field name as key and its value.
I want my hidden input field to get the page title as its value.
This is my testmail.php code.
<p>From: <?php echo $_POST['name']; ?></p>
<p>Subject: <?php echo $_POST['subject']; ?></p>
<p>Email: <?php echo $_POST['email']; ?></p>
<p>Phone Number: <?php echo $_POST['phone']; ?></p>
<p style="width:300px;">Message: <?php echo $_POST['message']; ?></p>
and this is my form code
<form action="testmail.php" method="post" class="cf">
<label for="name">* Name:</label>
<input type="text" name="name" placeholder="Your Name">
<input type="hidden" name="subject" value="<?php value $_POST['pagetitle']; ?>">
<label for="email">* Email:</label>
<input type="text" name="email" placeholder="Enter a valid Email Address">
<label for="phone"> Phone:</label>
<input type="text" name="phone" placeholder="Enter areacode and number">
<label for="message">* Message:</label>
<textarea name="message"></textarea>
<button type="input">Send</button>
</form>
Is there a way to get the title automatically?
Here's a pure javascript way using the onsubmit event.
<form onsubmit="this.subject.value=document.title;">
<input type="text" name="subject" value="" />
<input type="submit" />
</form>
To give you a better understanding of the onsubmit event as the name suggests it executes the contained javascript when the user submits the form. The operation this.subject.value=document.title working from right to left basically says assign the value of document.title to the value attribute of the element with the name of subject in this specific form.
Using your existing form it should look like this (I added the onsubmit event and fixed up errors in your html as well as added the appropriate id's to form elements):
<form action="testmail.php" method="post" class="cf" onsubmit="this.subject.value=document.title;">
<label for="name">* Name:</label>
<input type="text" id="name" name="name" placeholder="Your Name" />
<input type="hidden" name="subject" value="" />
<label for="email">* Email:</label>
<input type="text" id="email" name="email" placeholder="Enter a valid Email Address" />
<label for="phone"> Phone:</label>
<input type="text" id="phone" name="phone" placeholder="Enter areacode and number" />
<label for="message">* Message:</label>
<textarea id="message" name="message"></textarea>
<input type="submit" name="submit" value="submit" />
</form>
This will set the value of your hidden input field once the page has finished loading.
<script>
$(function() {
$('input[name="subject"]').val($('title').text());
});
</script>
You can use JavaScript to do so, assuming you're using jQuery, bind submit event to your form
$('your_form_selector').on('submit', function(){
$('<input />').attr('type', 'hidden')
.attr('name', 'title')
.attr('value', document.title)
.appendTo($(this));
});
How may I get data of this form to be received in an email?
<form class="pa">
<fieldset>
<label>Name <em>*</em></label>
<input type="text" placeholder="">
<label>Email <em>*</em></label>
<input type="text" placeholder="">
<label>Age <em>*</em></label>
<input type="text" placeholder="">
<label>Phone <em>*</em></label>
<input type="text" placeholder="">
<label>Zip Code <em>*</em></label>
<input type="text" placeholder="">
<a class="submit pa" href="#"><img src="wp-content/themes/child/img/submit.png"</a>
</fieldset>
</form>
You'll need a server-side script to accept the form data, and send an email with it. You can do this PHP and several other languages. Judging by your sample code you have WordPress, so you might look into the ContactForm plugin.
wrap your input's with something like
<form class="pa" action="yourscript.php" method="post">
.
.
<label for="name">Name <em>*</em></label>
<input type="text" placeholder="" id="name" name="name">
.
<input type="submit" value="Submit" />
<!-- remove the a tag because that won't submit your form data or use type="image" -->
<input type="image" src="wp-content/themes/child/img/submit.png" />
</form>
then use $_POST['name'] to retrieve the value
you have to add name='' to each inputs to have them sent to your script eg <input type="text" id="name" name="name"> and they have to be different otherwise they might get overridden.
also your labels will need the for= to be useable which uses the id of the input eg <label for="name">Name <em>*</em></label>