Advanced Search

Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Contact form processor not getting value

  1. #11
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,629
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    Goign back to your original post...
    Quote Originally Posted by ?foru View Post
    The email will go to different users based on the query string in the URL like:

    index.php?page=contact&user=User%20One
    Quote Originally Posted by ?foru View Post
    Code:
    <input type="hidden" name="user" value="User One">
    PHP Code:
    switch ($_POST['user']) {
    case 
    "user%20One":
    $owner_email "user_one@domain.com";
    break; 
    These are not the same thing. $_POST will contain the values from the form field if the POST method was used to submit the form. $_GET will contain those values if the GET method was used.

    In either case, PHP url-decodes the values before you run your script: You should simply match against user One (etc.).

    Unless I'm missing something.
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

  2. #12
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    28,706
    Thanks
    43
    Thanked 3,133 Times in 3,097 Posts
    Blog Entries
    12

    Default

    I think we're way beyond that now. We abandoned that %20 part early on for instance. For another, jQuery ajax() is being used to submit the form. Please see my previous post in this thread for a working solution, fully tested.
    Last edited by jscheuer1; 08-04-2013 at 02:22 AM. Reason: more detail
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

  3. #13
    Join Date
    Jul 2008
    Posts
    119
    Thanks
    12
    Thanked 1 Time in 1 Post

    Default

    Thank you very much for your help jscheuer1! I was almost there with the concept of the code on the form and handler, but I knew I wasn't making the link in the ajax.

    It isn't a big deal, but do you or anyone else have a suggestion on how I can exactly match the security code? This is generated by the following...
    PHP Code:
    <? $a rand() % 2$b rand() % 3$c $a $b?> 
    <label class="security"> 
    <input type="text" value="<?php echo "Security question: $a + $b =";?>">
    I setup a basic validation for that field that didn't allow letters and ranged from 0 to 5
    Code:
    ".security":{rx:/^\+?(\b0*[0-5]\b)/,target:'input'},
    to force some type of human interaction, but it would be better if it didn't validate if you entered in the incorrect response.

    From the research I've done on regex, I believe it's going to have to be something in the ajax code to check this rather than in the validation section. Thank you.

  4. #14
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    28,706
    Thanks
    43
    Thanked 3,133 Times in 3,097 Posts
    Blog Entries
    12

    Default

    In the form (addition highlighted):

    Code:
                          <?php $a = rand() % 2; $b = rand() % 3; $c = $a + $b; ?>  
                          <input type="hidden" name="security" value="<?php echo "$c"; ?>">  
                          <label class="security">  
                            <input type="text" value="<?php echo "Security question: $a + $b =";?>">  
                              <span class="error">*This is not a valid response.</span> <span class="empty">*This field is required.</span>  
                          </label>
    In the script, change highlighted:

    Code:
    					rx:{
    						".name":{rx:/^[a-zA-Z'][a-zA-Z-' ]+[a-zA-Z']?$/,target:'input'},
    						".state":{rx:/^[a-zA-Z'][a-zA-Z-' ]+[a-zA-Z']?$/,target:'input'},
    						".email":{rx:/^(("[\w-\s]+")|([\w-]+(?:\.[\w-]+)*)|("[\w-\s]+")([\w-]+(?:\.[\w-]+)*))(@((?:[\w-]+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$)|(@\[?((25[0-5]\.|2[0-4][0-9]\.|1[0-9]{2}\.|[0-9]{1,2}\.))((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){2}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\]?$)/i,target:'input'},
    						".security":{rx:new RegExp('^' + $('[name="security"]',th).val() + '$'),target:'input'},
    						".fax":{rx:/^\+?(\d[\d\-\+\(\) ]{5,}\d$)/,target:'input'},
    						".message":{rx:/.{20}/,target:'textarea'}
    					},
    This will require the response to be the correct response and only the correct response.

    I think it would be nice, if the incorrect response is given, that the original content (in this case the math problem) should be shown again on focus or even right away. But I'm not sure how to do either of those . . . yet.
    Last edited by jscheuer1; 08-06-2013 at 10:50 AM. Reason: make RegExp more strict, add info
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

  5. The Following User Says Thank You to jscheuer1 For This Useful Post:

    ?foru (08-08-2013)

  6. #15
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    28,706
    Thanks
    43
    Thanked 3,133 Times in 3,097 Posts
    Blog Entries
    12

    Default

    OK, I figured that one out. You cannot show the original content (the security question) on focus because the field needs to empty for input, but you can show it on error. But that got complicated because then you have to blur it or it empties out anyway, which leads to other things happening, unless you change the blur function slightly for cases where you don't want those other to happen.

    Anyways, by doing all that and adding an optional reset class for fields that you want to do this (only the security one seems to need it now) I got that to happen. I also changed the hidden filed to obfuscate the answer if someone or a bot used view source to try to outwit the check, converting it to an ASCII character and then back to the number in the validation RegExp.

    I also added a check in MailHandler:

    Code:
        if ($_SERVER['REQUEST_METHOD'] != 'POST' || isset($_SERVER['REFERER'])){  
        header("Location: ../index.php?page=contact"); 
        die;  
        }
    Because, if a hacker were to make a form and POST it to MailHandler, they could stuff your mailboxes with spam. But that form would have a referer, so would be redirected to the real form, which requires human interaction. The jQuery ajax() submission has no referer and a hacker cannot cross site submit via AJAX. They could set their page not to have one, but it's an extra step and they would have to guess that was the problem, they cannot see your PHP code.

    I added a callback for when the security question answer is wrong, to show the wrong answer so that slow humans will have a better chance the second time. I doubt this would be of any use to a bot. In fact, since most bots are not javascript enabled, they might not even see the form, as I've set it to display: none; and added code to the user.js to make it display (a better strategy for that purpose - hiding from bots, would be to have javascript make the form). The main reason for how I'm doing it now though is for real people without javascript, so they won't see the form, which is useless without javascript, and be shown instead:

    Get In Touch With User One

    (requires javascript enabled)
    Here's the new demo:

    user2.zip
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

  7. #16
    Join Date
    Jul 2008
    Posts
    119
    Thanks
    12
    Thanked 1 Time in 1 Post

    Default

    The hidden value "security" in the form and
    Code:
    ".security":{rx:new RegExp('^' + $('[name="security"]',th).val() + '$'),target:'input'},
    worked great to only accept the correct answer as you mentioned, thank you!

    After you mentioned displaying the question again I started thinking of all different types of scenarios but didn't know if one was possible for the reasons you mentioned in your last post (tricky situation). I'll definitely check out the last zip file you included with the latest round of modifications, because it sounds like you've covered all bases regarding bots and all! I was also thinking that after form submission I might add a meta refresh to redirect away from the form because several testing it said that they didn't see the success message and continued to hit submit which led to multiple emails being sent. I read about some ajax calls not working properly in windows 8, but these were windows 7 machines so my guess is that they scrolled down and didn't see the message. This form alone has helped me learn, and I appreciate all your help.

  8. #17
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    28,706
    Thanks
    43
    Thanked 3,133 Times in 3,097 Posts
    Blog Entries
    12

    Default

    The problem with multiple submissions isn't due to the person not seeing (missing) the success message. It's that they haven't seen it yet and/or that even when the submission is successful, the form doesn't reset until after the success message is hidden. We can disable the submission process until the AJAX call completes and the success message begins to slide up, at which point the form resets, so hitting submit again then would only result in each field displaying its '*This field is required.' message.

    To do that, add the highlighted to my latest index.php:

    Code:
    <style type="text/css">
    #contact-form fieldset {
    	width: 250px;
    }
    .error span {
    	color: red;
    }
    #contact-form fieldset label input, #contact-form fieldset label textarea {
    	margin: 2px;
    	padding: 1px 0;
    }
    .security input {
    	width: 12em;
    }
    .button1.disabled {
    	color: gray;
    	opacity: 0.5;
    }
    </style>
    <!--[if lt IE 9]>
    <style type="text/css">
    .button1.disabled {
    	filter:progid:DXImageTransform.Microsoft.Alpha(opacity=50);
    	display: inline-block;
    	zoom: 1;
    }
    </style>
    <![endif]-->
    </head>
    And use this updated version of the script:

    user.js

    Viola! No need to redirect the page.

    It's true though that sometimes the AJAX call will fail. So we should probably add an error function to it to display a message like:

    Submission Failed! Please try again later.
    When I get more time I will whip that up. I seriously doubt that Windows 8 will not do AJAX, though it's certainly possible, or that it might need a different syntax and/or later version of jQuery. I don't have Windows 8 to test on, so I would want more information on that. Where did you see/hear about this idea?
    Last edited by jscheuer1; 08-08-2013 at 07:28 AM. Reason: add old IE styles
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

  9. #18
    Join Date
    Jul 2008
    Posts
    119
    Thanks
    12
    Thanked 1 Time in 1 Post

    Default

    I found some were having issues with ajax Get in IE10, and there were mentions of Windows 8 but it seemed to be regarding specific calls and not ajax itself.

Similar Threads

  1. CSS Contact form-help need
    By bogdancornel in forum CSS
    Replies: 0
    Last Post: 06-22-2010, 03:17 PM
  2. Need Contact form...
    By baldrn in forum JavaScript
    Replies: 2
    Last Post: 04-14-2009, 03:26 PM
  3. Open Source Form Processor ?
    By chrbar in forum Looking for such a script or service
    Replies: 4
    Last Post: 04-02-2008, 05:57 AM
  4. Form Processor
    By Chevvy in forum PHP
    Replies: 1
    Last Post: 01-03-2007, 07:07 PM
  5. Contact Form
    By Johnnymushio in forum HTML
    Replies: 2
    Last Post: 08-25-2006, 05:20 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •