I am adding a contact page to my website, but having issues with the comment text box. When the user enters invalid information into the name and email text field, the website redirects the user back to the contact page to fill out the correct information. However, I want the comment box to be optional for the user. For example, the user will enter their name and email, but doesn't have any comments. The code should then process the information. Currently, my code will redirect the user back to the contact page because the user did not enter any information into the comment box. Any suggestions on how to fix this error?
Thanks!
if (empty($_REQUEST['comment'])) {
$error = TRUE;
} else {
$comment = $_REQUEST['comment'];
$form['comment'] = $comment;
if (!preg_match("/^.{0,50}$/", $comment)) {
$error = TRUE;
$messages['comment'] = "<p class='errorMessage'> You have entered invalid information.</p>";
} else {
$_SESSION['comment'] = $comment;
}
}
If you want to allow the content box to be empty, just let an empty value be an acceptable value. This means only running your validation against that field if there is a value present. This means removing your if/else statement since empty($_REQUEST['comment']) is no longer a valid check.
if (!empty($comment) && !preg_match("/^.{0,50}$/", $comment)) {
I just added !empty($comment) && to your check which basically says, "if there is a value go ahead and validate it".
One thing you should also do if you use this code is trim whitespace from your comment box values. Otherwise a user could type a space character and that would not be considered empty:
$comment = trim($_REQUEST['comment']);
Final code:
$comment = trim($_REQUEST['comment']);
$form['comment'] = $comment; // I am assuming this is used elsewhere
if (!empty($comment) && !preg_match("/^.{0,50}$/", $comment)) {
$error = TRUE;
$messages['comment'] = "<p class='errorMessage'> You have entered invalid information.</p>";
} else {
$_SESSION['comment'] = $comment;
}
Related
I have a simple register form, my form validates but will not show error messages or validation messages
This is my form function
function validate_new_user()
{
$errors = [];
if (isset($_POST['register'])) {
$email = $_POST['email'];
$name = str_replace(" ", "", $_POST['username']);
$password = $_POST['password'];
if (empty($email)) {
$errors[] = "Email Address is required";
}
if (empty($name)) {
$errors[] = "Username is required";
}
if (strlen($password) < 5) {
$errors[] = "Password must be at least 6 characters long";
}
if (!empty($errors)) {
set_message($errors[0], WARNING);
} else if (create_new_user($email, $name, $password)) {
set_message('Please check your email for user Information.', SUCCESS);
redirect_to_url("/user/login");
}
}
}
I call my validation function in my form page
<?php validate_new_user(); ?>
so if there is an error it should set message but don't.
now if it successfully it redirects to login and sets a flash message also and I call it with
<?php display_message(); ?>
That don't display a message either
Flash message code
define('SUCCESS', 'success');
define('INFO', 'info');
define('WARNING', 'warning');
function set_message($message, $type = 'success')
{
if (!empty($_SESSION['flash_notifications'])) {
$_SESSION['flash_notifications'] = [];
}
$_SESSION['flash_notifications'][] =
$message = [
'<div class="alert . $type .">$message</div>'
];
}
function display_message()
{
if (isset($_SESSION['flash_notifications'])){
return $_SESSION['flash_notifications'];
}
}
my goal is to use one set message for all notifications with styles but I cannot get none of the messages to display
I’ll assume you’re calling session_start() at the beginning of the script.
Your usage of functions makes the problem much easier to diagnose! Sometimes, though, it helps to have a different set of eyes look at it.
Your function set_message() has a couple of errors:
The initialization of $_SESSION['flash_notifications'] should occur if it is empty, but instead you are initializing if it is not empty. Hence nothing can be added
Malformed assignment. When you are building the message array to save in $_SESSION, there is no need to reassign $message. Also, usage of single quotes does not interpret variables within the quotes, so the html snippet is not what you expect.
Corrected function:
function set_message($message, $type = 'success')
{
if (empty($_SESSION['flash_notifications'])) {
$_SESSION['flash_notifications'] = [];
}
$_SESSION['flash_notifications'][] = '<div class="alert '. $type .'">'.$message.'</div>';
}
Note, it might be more understandable to write it this way:
$_SESSION['flash_notifications'][] = <<<FLASH
<div class="alert $type'">$message</div>
FLASH;
Your function display_message() is almost correct as is, except you’re returning an array, not a string. If you’re going to print it, it must be converted into a string:
function display_message()
{
if (isset($_SESSION['flash_notifications'])){
return join('',$_SESSION['flash_notifications']);
}
}
Then when you call it in your html, use the short print tag instead of the regular <?php tag:
<!— somewhere in your view (html output) —>
<?= display_message() ?>
<!— continue html —>
I am a newbie and trying to implement a simple validation script after reading up, but I can't see how I can have multiple Ifs that will only do an sql insert if all required fields are met. Rather than having the multiple else statements, what is a syntax approach for having all the form validation Ifs together and if one of them fails, then the correct error is shown and the sql is not execute?
if(isset($_POST ['submit'])){
$user_ID = get_current_user_id();
$catErr = $ratingErr = $titleErr = $textErr = "";
if (empty($_POST["category"])) {
$catErr = "Category is required";
} else {
//DO THE INSERT BELOW!
}
if (empty($_POST["rating"])) {
$ratingErr = "Rating is required";
} else {
//DO THE INSERT BELOW!
}
if (empty($_POST["post_name"])) {
$postErr = "Title is required";
} else {
//DO THE INSERT BELOW!
}
if (empty($_POST["text"])) {
$textErr = "Text is required";
} else {
//DO THE INSERT BELOW!
}
//PDO query begins here...
$sql = "INSERT INTO forum(ID,
category,
rating,
post_name,
text
Use one variable for all the error messages and concatenate to it in the branches, so in the end if that variable is still empty string you won't do the insert. (And you don't need any of the empty else blocks that contain nothing but a comment.)
$err = "";
if (empty($_POST["category"])) {
$err .= "<br/>Category is required";
}
if (empty($_POST["rating"])) {
$err .= "<br/>Rating is required";
}
if (empty($_POST["post_name"])) {
$err .= "<br/>Title is required";
}
if (empty($_POST["text"])) {
$err .= "<br/>Text is required";
}
//PDO query begins here...
if($err=='')
{
$sql = "INSERT INTO forum(ID,
category,
rating,
...";
...
}
There are many solutions to your problem. Here are 3 methods of solving your issue.
You could combine all of your if statements like so:
if (empty($_POST['rating']) || empty($_POST'rating']) || ... ) { ... }
and separate them by double pipes.
You could also check the entire array:
if (empty($_POST)) $error = "There was an error!";
You could set a universal error variable and then output it.
A third solution could keep your current syntax but cut down on the amount of lines. You could save lines by doing without brackets. You can create an array and push your errors to the array.
Note: You can use empty() or isset().
// create an array to push errors to
$errors_array = array();
// if a particular field is empty then push the relevant error to the array
if(!isset($_POST['category'])) array_push($errors_array, "Category is required");
if(!isset($_POST['rating'])) array_push($errors_array, "Rating is required");
...
Once you have an array full of errors you can check for them like so:
// if the array is not empty (then there are errors! don't insert!)
if (count($errors_array) > 0) {
// loop through and echo out the errors to the page
for ($i = 0; $i < count($errors_array); $i++) {
echo $errors_array[i];
}
} else {
// success! run your query!
}
You should use javascript to validate the page before it is even processed into a post. This script will run client-side when they hit submit and catch errors before they even leave the page.
Here's a tutorial on how to do something like that: tutorial
Each field can have its own validation parameters and methods, and it will also make the page's code look a lot nicer.
I got it to go with this approach after showdev got me thinking that way. It's not very elegant perhaps, but does the trick, although all the user is taken to a blank page if there are errors and it simple says: Missing category (or whatever). Wondering if I can echo a link or something back to the page with the form from there so the user has an option like "go back and resubmit". Otherwise I will have to handle and display the errors alongside the form which will require a different approach altogether...
if(isset($_POST ['submit'])){
$errors = false;
if(empty($_POST['category'])) {
echo 'Missing category.<br>';
$errors = true;
}
if(empty($_POST['rating'])) {
echo 'Missing rating.<br>';
$errors = true;
}
if(empty($_POST['post_name'])) {
echo 'Missing title.<br>';
$errors = true;
}
if(empty($_POST['text'])) {
echo 'Missing text.<br>';
$errors = true;
}
if($errors) {
exit;
}
// THEN ADD CODE HERE. But how display form again if user makes errors and sees nothing but error message on page if they miss something (which is how it works now)
Generally, if you find yourself repeatedly writing very similar statements, using some sort of loop is probably a better way to go about it. I think what you said about "handling and displaying the errors alongside the form" is really what you need to do if you want the process to be user-friendly. If you put your validation script at the top of the file that has your form in it, then you can just have the form submit to itself (action=""). If the submission is successful, you can redirect the user elsewhere, and if not, they will see the form again, with error messages in useful places.
if (isset($_POST['submit'])) {
// define your required fields and create an array to hold errors
$required = array('category', 'rating', 'post_name', 'text');
$errors = array();
// loop over the required fields array and verify their non-emptiness
foreach ($required as $field) {
// Use empty rather than isset here. isset only checks that the
// variable exists and is not null, so blank entries can pass.
if (empty($_POST[$field])) {
$errors[$field] = "$field is required";
}
}
if (empty($errors)) {
// insert the record; redirect to a success page (or wherever)
}
}
// Display the form, showing errors from the $errors array next to the
// corresponding inputs
I am making a login system and I have a form with some validation.
However my form seems to be failing to pass the validation even though the data input should pass easily.
See:
http://marmiteontoast.co.uk/fyp/login-register/index.php
When you input a username, it should be over 3 characters. But even if you enter one really long you get the error message: The username is less than 3 characters.
EDIT: There was an issue in my copying from formatting that caused a missing }. I've corrected this. It wasn't the issue.
This is the if statement for the username pass. So it seems like it is not getting past the first test:
if (isset($_POST['username'])){
$username = mysql_real_escape_string(trim($_POST['username']));
$_SESSION['status']['register']['username'] = $username;
if(strlen($username) > 3){
if(strlen($username) < 31){
if(user_exists($username) === true){
$_SESSION['status']['register']['error'][] = 'That username is already taken. Sorry, please try again with a different username.';
}else{
// passed
}
} else {
$_SESSION['status']['register']['error'][] = 'The username is greater than 30 characters.';
}
} else {
$_SESSION['status']['register']['error'][] = 'The username is less than 3 characters.';
}
} else {
$_SESSION['status']['register']['error'][] = 'The username is not entered.';
}
And this is the HTML for the username:
<form method="post" action="register.php">
<div class="username">
<label class="control-label" for="inputUser">Username</label>
<input type="text" id="inputUser" name="username" placeholder="Username" value="<?php echo $usern_value; ?>" />
</div>
You can see the site here: http://marmiteontoast.co.uk/fyp/login-register/index.php
Session
The index page does use sessions.
It starts with this:
<?php
session_start();
?>
And kills the session at the end of the file:
<?php
unset($_SESSION['status']);
?>
But in the file it starts new sessions which store the inputs. This is so if you make a mistake, it still holds your info so you can adjust it rather than having the fill in the form again. Here is an example of where it grabs the username and saves it, then outputs it.
<?php
if(isset($_SESSION['status']['register']['username'])){
$usern_value = $_SESSION['status']['register']['username'];
} else {
$usern_value = "";
}
?>
value="<?php echo $usern_value; ?>" />
This is the user-exists function:
function user_exists($username){
$sql = "SELECT `id` FROM `users` WHERE `username` = '".$username."'";
$query = mysql_query($sql);
$result = mysql_num_rows($query);
if($result == 1){
// username does already exist
return true;
}else{
// username doesn't exist in the database
return false;
}
}
Ah, I can see the problem from your website link. When the error pops up ("The username is less than 3 characters."), try refreshing your browser. I expected to receive a browser warning that says the data would be resubmitted to the server — because you are in a post form — but I did not.
So, what does this mean? It means that immediately after validation failure, you are redirecting back to the same screen, and — unless you are using a session to preserve this information — your $_POST data will be lost. Commonly in the case of validation failure with this sort of form, you must prevent that redirect and render inside the post operation, which keeps the user's input available to you. The redirect should only occur if the form input was successful (i.e. it saves to the data and/or sends an email).
Edit: I should have seen the $_SESSION in the original post. OK, so the strategy is to write things to the session, redirect regardless of validation outcome, and to save error messages to the session. I wonder whether you are not resetting the session errors array when you're posting the form? Immediately after your first if, try adding this:
if (isset($_POST['username'])){
$_SESSION['status']['register']['error'] = array(); // New line
Unless you have something to make the session forget your errors, they will be stored until you delete your browser's cookie.
You have missed a closing brace } on this line:
if(user_exists($username) === true){
} else{// **missed the closing brace before the else**
// passed
}
Why is your logic so complex?
if (strlen($username) < 3) {
// too short
} elseif (strlen($username) > 31) {
// too long
} elseif (true === user_exists($username)) {
// already registered
} else {
// passed
}
Hi :) This is my first time posting on here but I can't figure it out and it should be simple. I think I have just been looking at it for too long. So I have a form for which I am carrying out form validation, all the validation works and it sends to the database.
The small issue I have is when it comes to the email and confirm email validation, the first if statement checks if the textbox is empty and if it is I should get the "Email is required" message. But due to the second if statement, I think the $emailErr variable gets overwritten by the second error message which should appear only if the email syntax is invalid.
Therefore, if i leave the textbox empty, i still get the "syntax invalid" message rather than the "email is required" message.
My confusion comes from the fact that, for example, my "firstname" validation (and all other validation) is pretty much the same idea but they do not get overwritten by the second error message which is also presented by using a second if statement.
I will copy the code for my firstname validation and the code for my email validation so you can get an idea of what I am talking about. Any help would be greatly appreciated. If not, im sure ill figure it out eventually :) Thanks!
FIRST NAME VALIDATION - if I leave the textbox blank I get error message "First name is required" - which is correct.
//Check if the firstname textbox is empty
if (empty($_POST['fname']))
//Show error message
{
$fnameErr = "First name is required";
}
//Check if fname is set
elseif (isset($_POST['fname']))
//Check the text using the test_input function and assign it to $fname
{$fname = test_input($_POST['fname']);}
//Check if first name contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname))
//Show error message & unset the fname variable
{
$fnameErr = "Only letters and white space allowed";
unset($_POST['fname']);
}
else
//Check the text using the test_input function and assign it to $fname
{$fname = test_input($_POST['fname']);}
EMAIL VALIDATION - if I leave the textbox empty I get the error message "Invalid Email Format" - it should be "Email is required" - why is this?
//Check if the email textbox is empty
if (empty($_POST['email']))
//Show error message
{
$emailErr = "Email is required";
}
//Check if email is set
elseif (isset($_POST['email']))
//Check the text using the test_input function and assign it to $email
{$email = test_input($_POST['email']);}
//Check if e-mail syntax is valid
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
//Show error message & unset the email variable
{
$emailErr = "Invalid email format";
unset($_POST['email']);
}
else
//Check the text using the test_input function
{$email = test_input($_POST['email']);}
The proper way to validate an email is by using filter_var
$email = filter_var(filter_var($_POST['email'],FILTER_SANITIZE_EMAIL),FILTER_VALIDATE_EMAIL)
if(!$email)
$invalidemailMessage = 'You have entered an invalid email address!';
End of story.
If you really,really,really need to output "Email required":
if($_POST['email'] == "" || preg_match('/^\s+$/', $_POST['email']) == true) {
$invalidemailMessage = 'Email required.';
} else {
$email = filter_var(filter_var($_POST['email'],FILTER_SANITIZE_EMAIL),FILTER_VALIDATE_EMAIL)
if(!$email)
$invalidemailMessage = 'You have entered an invalid email address!';
}
with some adjustment to your current code you can keep it, ALTHOUGH what #tftd said is absolutely correct with regard to Sanitisation and Validation.
$error = array();
if (empty($_POST['email'])) {
$error[__LINE__] = "Email is required";
} elseif (isset($_POST['email'])) {
$email = test_input($_POST['email']);
}
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/", $email)) {
$error[__LINE__] = "Invalid email format";
unset($_POST['email']);
} else {
$email = test_input($_POST['email']);
}
if ($error){
print_r($error);
}
Part of your problem with your code is your last if is still being ran so you will always get the error if the email field is empty.
Change this
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
To this
if (isset($email) && !preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
I posted earlier, but have more information so would like to try again. I am trying to help a friend sort out a problem with the contact forms on his web page, which is built using SiteMan. He has a basic 'contact me' form and a 'request a quote' form on his page. The page is meadowwoodpedestals.com and it is hosted on BlueHost. These forms have worked for years, but we have just discovered that he is not receiving messages being sent via these forms. Upon testing, we found that when the submit button is clicked for either of these pages, instead of getting a confirmation screen, a blank screen is displayed and no message is sent. It has been months since he made any changes in the SiteMan editor.
(1) I contacted the host for support, and the reply told me that the errors indicated a problem with the page code for these two pages:
Premature end of script headers: 500.php, referer: http://www.meadowwoodpedestals.com/content/index.php?page=quote
Premature end of script headers: 500.php, referer: http://www.meadowwoodpedestals.com/content/index.php?page=contact
The response said: As you will see, it appears that the issue is with the code itself. You will need to have your web designer, or a script specialist, look over the code for the two pages, in order to resolve these issues. (My Note: the web designer is out of business)
(2) I found the following in the Bluehost forums (this is a bluehost site), I'm not sure if it is relevant?
"The premature end of script header, on a Bluehost server, is more than likely due to CPU quota (or memory?), the script was killed due to resource limitations."
(3) I looked at the page code for the contact form, which uses method="post" action="/cgi-bin/frmctact.php" and all of the basic html looked good - I don't know javascript so I am not sure about this (I've never seen that little cross symbol before?):
<script type="text/javascript" language="javascript">
function m_sfcon (u) {
pre = "mail";
url = pre + "to:" + u;
document.location.href = url + "#meadowwoodpedestals.com";
}†</script>
(4) I looked at the page code for the quote form, which uses method="post" action="/cgi-bin/mail/mail.php", and there are no script tags at all on that page.
(5) Without posting reams of code (as I'm not sure just what is useful), here is my thinking, please let me know if this is a reasonable track:
Since there are two different pages with the same error, I'm thinking it is not really a problem in either quote.php or contact.php
The two forms use different actions, so I'm guessing it is not mail.php or frmctact.php
==> There must be something common between the two pages, but what is it?? maybe index.php?
(6) I looked at index.php, and when I clicked on the opening php tag it closed with a tag in the sixth line of this statement (the ?> just prior to 'si",):
$adress = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
include("data/page_header.php");
switch ($do) {
case "prevphp":
if ($Siteman->mlevel >= 4) {
echo preg_replace("'<\?php.*?\?>'si","",stripslashes($_POST["content"]));
}
break 1;
case "default":
if ($info[2] == 1 || $Siteman->mlevel >= $info[2]) {
include_once($content);
if ($Siteman->mlevel < 5) {
if ($page == "index") {
if (substr_count($_SERVER["HTTP_REFERER"],$adress) == 0) {
echo "<script language=\"Javascript\" type=\"text/javascript\">
var res = screen.width.toString() + 'x' + screen.height.toString();
var referer = '" . urlencode($_SERVER["HTTP_REFERER"]) . "';
document.write('<img width=\"1\" height=\"1\" src=\"stats.php?new=1&res=' + res + '&referer=' + referer + '\" id=\"stat\" name=\"stat\" />');
</script>";
}
}
}
}
break 1;
}
include("data/page_footer.php");
?>
(I don't know why this page works with address misspelled...)
Should I post the full code in cgi-bin/mail/mail.php and cgi-bin/frmctact.php to this area?
My sincere thanks for any / all help!
Abby
EDIT - Here is full frmctact.php - I deleted some blank lines and repeated warnings
<?
// ##########################################################################
//
// DynaForm v1.4 - Created by the Webligo Group
// http://www.webligo.com
//
//--> I deleted license text here
// ###########################################################################
// #### CONFIGURE FROM: ADDRESS ##############################################
// If you would like to specify the From: address of emails sent by DynaForm,
// enter it between the double quotes below. If you leave this blank, the
// server will assign the default email address.
$from_address = "info#meadowwoodpedestals.com";
// ###########################################################################
// #### ACTIVATE REQUIRED FIELDS? ############################################
//
// If you would like to make some fields of your form required, change "no" to
// "yes" below.
$required_on = "yes";
// If you have set $required_on to "yes" above, you can make fields required
// by beginning their name with "r_". For example, if you want to require
// a user to enter their name, use the following HTML:
//
// <input type='text' name='r_Name'>
//
// If a user fails to enter a required field, they will be taken to a page
// where a message such as "You have not completed all the required fields."
// will be displayed. Please specify the URL to this file below:
$required_errorpage = "/content/index.php?page=formerror";
// ###########################################################################
// #### OVERRIDE REQUIRED VARIABLES? #########################################
//NOTE: THIS WILL NOT
// AFFECT YOUR 'TURN ON REQUIRED FIELDS?' SECTION SETTINGS ABOVE.
//
// If you would like to override the three required variables in
// order to hide your email address, email subject, and thank you page
// URL from your email form, change "no" to "yes" below.
$override = "yes";
// If override is set to "yes", the hidden variables on your HTML
// email form named "rec_mailto", "rec_subject", and "rec_thanks" will be
// overridden and can therefore be removed from the form.
// If you have set override to "yes" above, you must specify new values for
// each of these variables below.
// Enter the email address(es) to send the email to.
$incoming_mailto = "info#meadowwoodpedestals.com";
// Enter the email subject.
$incoming_subject = "Website form";
// Enter the thank you page URL.
$incoming_thanks = "/content/index.php?page=formthanks";
// ###########################################################################
// #### BAN IP ADDRESSES? ####################################################
//
// If you would like to ban certain IP addresses from submitting your form,
// change "no" to "yes" below.
$ban_ip_on = "no";
// If you have set $ban_ip_on to "yes" above, please enter a list of the
// IP addresses you would like to ban, seperated only by commas.
// An example has been provided below:
$ban_ip_list = "111.222.33.55,11.33.777.99";
// ###########################################################################
// #### ACTIVATE DOMAIN SECURITY? ############################################
//
// This setting, when set to "yes" (default), will check to make sure other
// people are not submitting data to your dynaform.php file from their
// external domains. This means that if your domain name is "www.mysite.com",
// only forms on "www.mysite.com" will be able to use this dynaform.php.
// IF YOU ARE RECEIVING ERRORS SUCH AS "INVALID DOMAIN" FOR NO REASON, PLEASE
// CHANGE "yes" TO "no" BELOW.
$secure_domain_on = "no";
// ###########################################################################
// #### ACTIVATE AUTO-RESPONSE? ##############################################
//
//
// This setting, when set to "yes", will make DynaForm automatically reply to
// the user who submitted your form with an email message. If you would like
// to use this feature, change "no" to "yes" below.
$autorespond_on = "no";
// If you have set $autorespond_on to "yes" above, you must specify a subject,
// from-address, and message to include in the auto-response email.
// The following setting is the subject of the auto-response email:
$autorespond_subject = "Your Form Submission";
// The following setting is the from-address of the auto-respond email:
$autorespond_from = "youremail#yoursite.com";
// The following setting is the message of your auto-response email:
$autorespond_contents = "Your submission from our website has been received. Thank you!";
// DynaForm also needs to know how to retrieve the user's email address.
// You must specify the name of the field into which the user will enter
// their email address. For example, if your email form contains an input
// field like "<input type='text' name='Email'>" you would set the
// following setting to "Email".
$autorespond_mailto_field = "Email";
// ###########################################################################
// MAKE SURE DYNAFORM IS NOT BEING LOADED FROM THE URL
if($HTTP_SERVER_VARS['REQUEST_METHOD'] == "GET") {
echo "
<html>
<head><title>Webligo PHP DynaForm is installed correctly.</title></head>
<body>
<font style='font-family: verdana, arial; font-size: 9pt;'>
<b>DynaForm is installed correctly.</b></font><br>
<font style='font-family: verdana, arial; font-size: 8pt;'>
DynaForm Easy PHP Form Mailer was created by <a href='http://www.webligo.com'>Webligo Developments</a>.
</font>
</body></html>
";
exit();
}
// SET VARIABLES
$incoming_fields = array_keys($HTTP_POST_VARS);
$incoming_values = array_values($HTTP_POST_VARS);
if($override == "no") {
$incoming_mailto = #$HTTP_POST_VARS['rec_mailto'];
$incoming_subject = #$HTTP_POST_VARS['rec_subject'];
$incoming_thanks = #$HTTP_POST_VARS['rec_thanks'];
}
$incoming_mailto_cc = #$HTTP_POST_VARS['opt_mailto_cc'];
$incoming_mailto_bcc = #$HTTP_POST_VARS['opt_mailto_bcc'];
$form_url = #$HTTP_REFERER;
// MAKE SURE DYNAFORM IS BEING RUN FROM THE RIGHT DOMAIN
if($secure_domain_on == "yes") {
$form_url_array = parse_url($form_url);
$form_domain = $form_url_array[host];
if($form_domain != $HTTP_SERVER_VARS[HTTP_HOST]) {
echo "<h2>DynaForm Error - Invalid Domain</h2>
You have accessed DynaForm from an external domain - this is not allowed.<br>
You may only submit forms to a DynaForm file that exists on the same domain name.<br>
If you believe to be receiving this message in error, please refer to your readme.txt file.
<br><br>";
$error = "yes";
}
}
// CHECK IF MAILTO IS SET
if($incoming_mailto == "") {
echo "<h2>DynaForm Error - Missing Field</h2>
Your form located at <a href='$form_url'>$form_url</a> does not work because you forgot to include
the required \"<b>rec_mailto</b>\" field within the form. This field specifies who the email will
be sent to.
<br><br>
This should look like:<br>
<input type=\"hidden\" name=\"rec_mailto\" value=\"youremail#yoursite.com\">
<br><br>
If you are still confused, please refer to the readme.txt for more information and examples.<br><br><br><br>
";
$error = "yes";
}
// CHECK IF SUBJECT IS SET
if($incoming_subject == "") {
echo "<h2>DynaForm Error - Missing Field</h2>
Your form located at <a href='$form_url'>$form_url</a> does not work because you forgot to include
the required \"<b>rec_subject</b>\" field within the form. This field specifies the subject of
the email that will be sent.
<br><br>
This should look like:<br>
<input type=\"hidden\" name=\"rec_subject\" value=\"New DynaForm Email\">
<br><br>
If you are still confused, please refer to the readme.txt for more information and examples.<br><br><br><br>
";
$error = "yes";
}
// CHECK IF THANKS IS SET
if($incoming_thanks == "") {
echo "<h2>DynaForm Error - Missing Field</h2>
Your form located at <a href='$form_url'>$form_url</a> does not work because you forgot to include
the required \"<b>rec_thanks</b>\" field within the form. This field specifies what page the user
will be taken to after they submit the form.
<br><br>
This should look like:<br>
<input type=\"hidden\" name=\"rec_thanks\" value=\"thanks.html\">
<br><br>
If you are still confused, please refer to the readme.txt for more information and examples.<br><br><br><br>
";
$error = "yes";
}
// CHECK IF IP ADDRESS IS BANNED
if($ban_ip_on == "yes") {
if(strstr($ban_ip_list, $HTTP_SERVER_VARS[REMOTE_ADDR])) {
echo "<h2>DynaForm Error - Banned IP</h2>
You cannot use this form because your IP address has been banned by the administrator.<br>
";
$error = "yes";
}
}
if($error == "yes") {
exit();
}
// SET EMAIL INTRODUCTION
$message = "This email was received from your DynaForm located at $form_url \n\n";
// LOAD EMAIL CONTENTS
for ($i = 0; $i < count($incoming_fields); $i++) {
if($incoming_fields[$i] != "rec_mailto") {
if($incoming_fields[$i] != "rec_subject") {
if($incoming_fields[$i] != "rec_thanks") {
if($incoming_fields[$i] != "opt_mailto_cc") {
if($incoming_fields[$i] != "opt_mailto_bcc") {
// CHECK FOR REQUIRED FIELDS IF ACTIVATED
if($required_on == "yes") {
$sub = substr($incoming_fields[$i], 0, 2);
if($sub == "r_") {
if($incoming_values[$i] == "" OR !isset($incoming_values[$i]) OR $incoming_values[$i] == " ") {
header("Location: $required_errorpage");
exit();
}}}
// ADD FIELD TO OUTGOING MESSAGE
$message .= "$incoming_fields[$i]:\n$incoming_values[$i]\n\n";
}}}}}}
// SET EMAIL FOOTER
$message .= "\n\nEnd";
// CLEAR HEADERS
$headers = "";
// ADD FROM ADDRESS
if($from_address != "") {
$headers .= "From: $from_address\r\n";
}
// CHECK FOR CC OR BCC
if($incoming_mailto_cc != "") {
$headers .= "Cc: $incoming_mailto_cc\r\n";
}
if($incoming_mailto_bcc != "") {
$headers .= "Bcc: $incoming_mailto_bcc\r\n";
}
// SEND EMAIL
mail($incoming_mailto, $incoming_subject, $message, $headers);
// SEND AUTO-RESPONSE IF ACTIVATED
if($autorespond_on == "yes") {
$autorespond_mailto = #$HTTP_POST_VARS[$autorespond_mailto_field];
$autorespond_headers = "From: $autorespond_from";
mail($autorespond_mailto, $autorespond_subject, $autorespond_contents, $autorespond_headers);
}
// FORWARD TO THANK YOU PAGE
header("Location: $incoming_thanks");
?>
The 500 errors mean PHP is crashing. You need to look in the apache error log (bluehost have an icon for this in the cpanel, IIRC), and hopefully will see some PHP error message.
[people say] "the script was killed due to resource limitations."
I don't think it is this, because the 500 error happens immediately after submitting the form.