I am using the following code to save the e-mails entered in the form. But on clicking on "Submit", it is giving an internal server error. Please help in rectifying it.
Code for form.php:
<html>
<body>
<form action="email_script.php" method="POST">
<p> Email Address: <input type="text" name="email" size="30"/> </p>
<input type="submit" name="submit" value="Submit"/>
</body>
</html>
Code for email_script.php:
<? php
$email = $_POST('email');
$file = "file.html"
file_put_contents($file, $email . PHP_EQL, FILE_APPEND);
print("...");
?>
You have a gap between <? and php. This should be <?php.
Also, $email = $_POST('email'); should be $email = $_POST['email']; (with square brackets)
Also, as pointed out below, the second line needs a semi colon at the end.
Also, I have never heard of PHP_EQL. Perhaps you mean PHP_EOL?
If you are working in a local environment, consider putting error_reporting(-1); at the top of your php file (after the <?php). This will give more detailed errors than just 'Internal Server Error'. BUT REMEMBER to remove the line before putting the script in a live environment.
ALSO - be aware that just adding data from a form into a file on the server, without validating or cleaning, is very very dangerous. I won't go into more detail as that's not what your question asked, but maybe look into that a little as well.
Related
I'm just starting to learn form and PHP. I am testing a simple HTML file from W3Schools here with the following code:
<html>
<body>
<form action="welcome.php" method="get">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>
</body>
</html>
It is supposed to pass the information to a PHP file called welcome.php, which looks like this:
<html>
<body>
Welcome <?php echo $_GET["name"]; ?><br>
Your email address is: <?php echo $_GET["email"]; ?><br>
Random thing: <?php $rand = "bananas"; echo "$rand"; ?>
</body>
</html>
When I run the HTML file on Chrome, fill in the name and the email and press submit, the page looks like this:
Welcome
Your email address is:
Random thing:
While the HTML part works, the name variable, email variable and rand variable isn't printed.
[EDIT]: I solved it by transferring the files to a server and running it by going onto the actual webpage and it worked. Also Azeez Kallayi suggested running it on Xamp.
I think you are not using any server, just opening in broswer without any server. Also correct semicolon as in the above comment.
Since PHP is a server side programming language , you need a server to execute the PHP scripts.
There are many applications available that you can use as local servers and run your application. Some of them are below.
Wamp, Xamp, Lamp
Hope this will help you
Change this
echo "$rand";
To this
echo $rand;
Firstly you should get knowledge what PHP is and how you can use it.
PHP is a server-side scripting language. So if you try to run it like a html file you will not see the expected output. You need to understand what is a server side server-side scripting is.
If you have have jumped into coding is very essential you should know how you should debug to resolve your error.
One easy way is to enable error reporting.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
?>
Hope this will give you a start .
I'm creating an e-mail system, so I made this little test tidbit and it works.....a bit?
<html>
<head><title>EMail Test</title></head>
<body>
<input type="text" name="email">
EMail (required)
<br><br>
<textarea name="comment" rows="5" cols="40"></textarea> what's your problem?
<br><br>
<form method="POST" action=''>
<input type="submit" name="button1" value="Submit">
</form>
<?php
if (isset($_POST['button1'])) {
$msg=$_POST['email']." asks: ".$_POST['comment'];
echo $msg;
$email=$_POST['email'];
$SupportNinga="Typhoone01#gmail.com";
$mail=mail($SupportNinga,"Question from ".$email,$msg);
echo "Emailing...";
if($mail) {
echo"E-mail sent sucessfully";
}
}
?>
</body>
</html>
This was put into an online host and didn't seem to work.
It sent the e-mail, but it simply said "Question from-asks:". I can tell it's not properly reading the $_POST.
Help is appriciated. :P
Firstly, this part of your code is outside your form.
<textarea name="comment" rows="5" cols="40"></textarea> what's your problem?
As is <input type="text" name="email">
Place all form elements inside <form></form> tags.
Reference: http://php.net/manual/en/tutorial.forms.php
Your mail() parameters are also off.
Read the manual http://php.net/manual/en/function.mail.php
Use error reporting.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.
You should also check for empty()'ness on your email input.
http://php.net/manual/en/function.empty.php
Also using FILTER_VALIDATE_EMAIL against it:
http://php.net/manual/en/filter.examples.validation.php
HTML sticklers:
In regards to using <html> it's best to declare a doctype, such as <!DOCTYPE html>.
Firefox for one, will throw a (red) warning in HTML source, upon placing your mouse over <html>.
Such as:
Start tag seen without seeing a doctype first. Expected "<!DOCTYPE html>".
<form method="POST" action=''> be consistent and use all double quotes.
Seperate your PHP from HTML. Place your PHP above your HTML if you're not going to be echoing anything special besides your "success on mail" message.
Prevent data resubmissions:
You should be redirecting to a new page using a header, and using sessions/tokens to prevent people from resubmitting the same data if the user refreshes that page.
References:
http://php.net/manual/en/function.header.php
How to make a redirect in PHP?
How to prevent form resubmission when page is refreshed via PHP
http://www.phpro.org/tutorials/Preventing-Multiple-Submits.html
XSS injection:
$msg=$_POST['email']." asks: ".$_POST['comment'];
You should first declare your variables assigned from your POST arrays, then concatenate those variables. You stand at getting an XSS injection here.
References:
XSS (Cross Site Scripting) Prevention Cheat Sheet
How to prevent cross site scripting
How to sanitze user input in PHP before mailing?
User sign-up via email footnote:
"I'm creating an e-mail system".
It seems you're new to working with emailing, and here are a few pointers for you.
You need to make sure that you include an unsubscribe method in each mailing.
There are laws about this, and is beyond the scope of this question.
Canada for one and being my country, has strict anti-spam laws, as do other countries.
http://fightspam.gc.ca/
So, make sure that the people who sign up, know what they're getting themselves into and have an double opt-in method for verification.
Otherwise, you will get blacklisted.
I am currently going through elithecomputerguy's youtube playlist for php programming. I am on part 7 of his 11 part series, this section talks about sending email with php. He writes out all the php code on notepad++ and uploads it to a standard godaddy web hosting account. I am using the same exact method, copying his code line by line, setting up the files in the same location and when I upload my email_form.php, it displays correctly
<HTML>
<HEAD>
</HEAD>
<BODY>
<form action="email_script.php" method="POST">
<p>Email Address: <input type="text" name="email" size="30"></p>
<p>Subject: <input type="text" name="subject" size="30"></p>
<p>Message: </p>
<p><textarea rows="10" cols="20" name="message"></textarea></p>
<input type="submit" name="submit" value="Submit">
</BODY>
</HTML>
Now I uploaded my email_script.php file just fine and it looks like so:
<?PHP
$from="test#mikesmtgadvice.com";
$email=$_POST['email'];
$subject=$_POST['subject'];
$message=$_POST['message'];
mail($email, $subject, $message,"From:".$from);
print "Your message has been sent: </br?$email</br>$subject</br>$message</p>
?>
so when I go to mysite.com/test/email_form.php, it works and displays this form the way it should. However, when I fill in the form and hit submit, when it tries running the script, I get an 500 Internal Server Error. I have no idea where to look for this error and cannot find the error log, and therefore cannot figure this out. In the video, he does this exact same process and it works, is there a setting I need to change in my server or?
Thank you for your help in advance, I'm sorry for the long winded version but I wanted to be as specific as possible.
You are missing a double quote and ; at the end of the print statement:
print "Your message has been sent: <br />$email<br />$subject<br />$message</p>";
Replace that with your print line and it will fix it.
so I've been fighting with this for a few days, and I just can't seem to make it work. Whenever I press the submit button, the browser should send the post variables to write.php, but instead, it just redirects back to the website homepage, or the Document Root. This should be really, really simple, and I've done it before, but now it doesn't work for me. What I want to know is if this is a problem with my webserver setup, or PHP, or just a stupid mistake on my part. It's just a simple HTML form, not really special, so here's the form itself, in index.php:
<p style="font-size:13px">
<?php
$rp = fopen('mainlog.txt', 'r');
while(!feof($rp))
{
$read = fgets($rp);
echo($read).('<br/>');
}
fclose($rp);
?>
</p>
<form action="write.php" method="post">
Name: <input type="text" name="user" /><br/>
Changes:<br/>
<textarea cols="70" rows="8" name="change" style="background-color:#555;color:#ccc;font-family:verdana,arial,helvetica,sans-serif;font-size:13px"></textarea><br/>
<input type="submit" value="Add Entry"/>
</form>
And here's where it send to, in write.php:
<?php
$fp = fopen('mainlog.txt', 'a');
$wr1 = $_POST['change'];
#$my_t = getdate(date("g"));
date_default_timezone_set("America/New_York");
$date = date("n").('/').date("d").('/').date("Y").(', ').date("g").(':').date("i").(':').date("s");
$who = $_POST['user'];
$write = $date.(' by ').$who.('
').$wr1.('
');
fwrite($fp, $write);
fclose($fp);
header('Location: http://www.zennixstudios.com/first/chlog/');
?>
I have tried this both on my Apache 2.2 dedicated server with PHP 5 on FreeBSD8.2, and on XAMPP for Windows, with the same results. I have a suspicion that it may have something to do with PHP, specifically PHP include(), because I have several of those on this page, and when I put this on a friend's computer with XAMPP, but without the included files, the include()s just put errors on the screen, but the HTML form suddenly works fine. So, are there any known conflicts with HTML forms and certain PHP functions?
Other Notes:
The code shown above for index.php is within the main page div, but if you want the whole page source just ask.
I'm pretty sure the error isn't in write.php, because I KNOW that the browser never sends anything to it, because it would at least put the date in mainlog.txt.
If you want to see what this looks like in context, go to http://www.zennixstudios.com/first/chlog/
Thanks,
Chaos
Here is your problem:
<table align="right"><tr><td align="right"><form action="/" method="post">Username: <input action="login.php" type="text" name="uname"/><br/>Password: <input type="password" name="passwd"/><br/><input type="submit" value="Login" align="right"/></td></tr></table>
You never closed the form up in your header for the username and password, so your <form action="/" method="post"> is being used for pretty much the entire page and your write.php form action is being ignored because a form is already, technically, open. You'll need to close the form in your header for the rest of your page to work properly.
To reiterate: nothing is being redirected, you're actually posting all the data from both 'forms' to the location / as specified.
I'm new to web development and have been wrestling with this problem for several hours now, so I've decided to turn to your wisdom. I'm trying to design a little webpage with a database for my wife to store her recipes in, but I'm having trouble getting form submission to work. Here is the code for the webpage where I take the form information in:
<html><body>
Enter the information below to add a new ingredient for use in your recipes.
<form action="add_to_database.php" method="post">
Name: <input name="name" type="text" />
Serving: <input type="text" name="serving" />
Calories: <input type="text" name="calories" />
<input type="submit" />
</form>
</body></html>
And here is some silly code I've been trying to display on the page to see if I can even get the form submission to work:
<html><body>
<?php
$name = $_POST['name'];
echo $name."<br />";
?>
</body></html>
Unfortunately, the page comes back as completely back (after I hit the submit button). What's absolutely baffling to me is that I've copied and pasted the examples from this page into some files and everything seems to work fine. So it seems as though apache and php are working correctly, but I'm messing up somewhere along the way. My apologies in advance if this seems like a stupid question but for the life of me I can't figure it out.
Do you name the other file as add_to_database.php where the form is submitted. Instead you can test on teh same page by removing the add_to_database.php from the form action.
form action="" method="post">
Name: <input name="name" type="text" />
Serving: <input type="text" name="serving" />
Calories: <input type="text" name="calories" />
<input type="submit" />
</form>
and write the php code on the same page as
$name = $_POST['name'];
echo $name;
If this is not working for you. Create a php file named test.php and type phpinfo(); there.
Verify that your page is indeed being processed by PHP - obvious question, but does your PHP file have a .php extension? Do other things like phpinfo() or echo "Test"; work?
Check the error log in /var/log/apache2/error.log or similar (if on Linux, dunno where that'd be on Windows).
Try turning display_errors on in the PHP configuration (this is a good idea only for a development install, not a production server).
a bit of a longshot, but if you can verify that php is pro essing the page. Clean up your html, you are missing the dtd, head, and encoding. . hard to say how a browser is going to interpret a form (missing a name attribute) without these.