Interlopers.net Forum - Half-Life 2 News & Tutorials

hey Guys,

I'm creating an email form, and Im struggling with the code at the end, what am I missing?

Code: Select all

   if
      ($captcha == "yes"}
       mail{$mailto, $mail_subject,$mail_body, $headers);
   if
      ($captcha == "yes"}
      echo '<META HTTP:-EQUIV=Refresh CONTENT="0; URL='http://www.domain.com'">';      

I know nothing of php, but why do you have a } instead of a ) for the if statement?

also theres a { at the mail function and single quotes breaking up the echo'ed string.

You, my friend, need syntax highlighting. FAST.

yah I caught that...

but I still cant get the page to redirect after the user hits the submit button

heres the entire code to get a better idea of what im trying to do

Code: Select all

<?php
// Make sure to go through the HTML form //
   if
      ($_SERVER["REQUEST_METHOD"] <> "POST")
   die
      ("Unauthorized Access is not allowed.");
      
// Set the CAPTCHA Variables: //
   if
      {S_POST["capycha"] != $_SESSION["pass"]) $captcha = "no";
   if
      {S_POST["capycha"] != $_SESSION["pass"]) $captcha = "yes";

// E-Mail Header Information //
   $headers = 'MIME-Verson: 1.0' . "\r\n";
   $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
   $headers .= 'From: ' .$_POST['cust_email_addr']. "\r\n";
   $headers .= 'Reply-To: ' .$_POST['cust_email_addr']. "\r\n";
   $mail_to = "sales@suprtech.com";
   $mail_subject = "Service Order Request";
   
// E-Mail Body Information //
   // Cusstomer Information //
   $mail_boddy .= "\n <b>Customer Information" '\n';
   $mail_boddy .= "\n <br><b>- Customer Name:</b>: " .$_POST['cust_name']. "\n";
   $mail_boddy .= "\n <br><b>- Company Name:</b>: " .$_POST['cust_co_name']. "\n";
   $mail_boddy .= "\n <br><b>- Address:</b>: " .$_POST['cust_address']. "\n";
   $mail_boddy .= "\n <br><b>- City:</b>: " .$_POST['cust_city']. "\n";
   $mail_boddy .= "\n <br><b>- Province/State:</b>: " .$_POST['cust_state']. "\n";
   $mail_boddy .= "\n <br><b>- Postal/Zip Code:</b>: " .$_POST['cust_postal']. "\n";
   $mail_boddy .= "\n <br><b>- Customer Email:</b>: " .$_POST['cust_email_addr']. "\n";
   $mail_boddy .= "\n <br><b>- Customer Phone:</b>: " .$_POST['cust_phone']. "\n";
   
   // Customer Account Information //
   $mail_boddy .= "\n <b>Customer Account Information" '\n';
   $mail_boddy .= "\n <br><b>- Requested Package Type:</b>: " .$_POST['cust_package']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Domain:</b>: " .$_POST['cust_domain']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Password:</b>: " .$_POST['cust_passwd']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Password Confirmation:</b>: " .$_POST['cust_domain']. "\n";
   
// Action for correct or incorrect CAPTCHA code //
   if ($captcha == "no") {
               echo '<script type="text/javascript">';
               echo 'alert("Wrong Validation Code.");';
               echo 'window.setTimeout(window.history.back().0); ';
               echo '</script>'
               }
// Actions to perform after the "Submit" button is pressed //
   if
      ($captcha == "yes")
       mail{$mailto, $mail_subject,$mail_body, $headers);
   if
      ($captcha == "yes"}
      echo '<META HTTP:-EQUIV=Refresh CONTENT="0; URL='http://www.paypal.com'">';         
               
               


Missing some context here. The only problem I see atm is that one of your if is incorrect.

Code: Select all

      if($captcha == "yes") {
           mail{$mailto, $mail_subject,$mail_body, $headers);
      }
      if($captcha == "yes") {
          echo '<META HTTP:-EQUIV=Refresh CONTENT="0; URL='http://www.domain.com'">';
      }

Also, the variable captcha is of type string? you should make it a boolean so you can do if($captcha) { } or if($!captcha){ bla }. No reason for it to be a string im guessing.

Edit: damn you guys

I dont know shit about PHP but this worked on my php server:

Code: Select all

header("Location: https://paypal.com/");


instead of

Code: Select all

echo '<META HTTP:-EQUIV=Refresh CONTENT="0; URL='http://www.domain.com'">';

Might not work since the page/headers are already provided upon coming to this part of the code. (????)

Always redirect to https instead of http with stuff like paypal.

Dr Evil wrote:yah I caught that...

but I still cant get the page to redirect after the user hits the submit button

heres the entire code to get a better idea of what im trying to do

Code: Select all

<?php
// Make sure to go through the HTML form //
   if
      ($_SERVER["REQUEST_METHOD"] <> "POST")
   die
      ("Unauthorized Access is not allowed.");
      
// Set the CAPTCHA Variables: //
   if
      {S_POST["capycha"] != $_SESSION["pass"]) $captcha = "no";
   if
      {S_POST["capycha"] != $_SESSION["pass"]) $captcha = "yes";

// E-Mail Header Information //
   $headers = 'MIME-Verson: 1.0' . "\r\n";
   $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
   $headers .= 'From: ' .$_POST['cust_email_addr']. "\r\n";
   $headers .= 'Reply-To: ' .$_POST['cust_email_addr']. "\r\n";
   $mail_to = "sales@suprtech.com";
   $mail_subject = "Service Order Request";
   
// E-Mail Body Information //
   // Cusstomer Information //
   $mail_boddy .= "\n <b>Customer Information" '\n';
   $mail_boddy .= "\n <br><b>- Customer Name:</b>: " .$_POST['cust_name']. "\n";
   $mail_boddy .= "\n <br><b>- Company Name:</b>: " .$_POST['cust_co_name']. "\n";
   $mail_boddy .= "\n <br><b>- Address:</b>: " .$_POST['cust_address']. "\n";
   $mail_boddy .= "\n <br><b>- City:</b>: " .$_POST['cust_city']. "\n";
   $mail_boddy .= "\n <br><b>- Province/State:</b>: " .$_POST['cust_state']. "\n";
   $mail_boddy .= "\n <br><b>- Postal/Zip Code:</b>: " .$_POST['cust_postal']. "\n";
   $mail_boddy .= "\n <br><b>- Customer Email:</b>: " .$_POST['cust_email_addr']. "\n";
   $mail_boddy .= "\n <br><b>- Customer Phone:</b>: " .$_POST['cust_phone']. "\n";
   
   // Customer Account Information //
   $mail_boddy .= "\n <b>Customer Account Information" '\n';
   $mail_boddy .= "\n <br><b>- Requested Package Type:</b>: " .$_POST['cust_package']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Domain:</b>: " .$_POST['cust_domain']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Password:</b>: " .$_POST['cust_passwd']. "\n";
   $mail_boddy .= "\n <br><b>- Requested Password Confirmation:</b>: " .$_POST['cust_domain']. "\n";
   
// Action for correct or incorrect CAPTCHA code //
   if ($captcha == "no") {
               echo '<script type="text/javascript">';
               echo 'alert("Wrong Validation Code.");';
               echo 'window.setTimeout(window.history.back().0); ';
               echo '</script>'
               }
// Actions to perform after the "Submit" button is pressed //
   if
      ($captcha == "yes")
       mail{$mailto, $mail_subject,$mail_body, $headers);
   if
      ($captcha == "yes"}
      echo '<META HTTP:-EQUIV=Refresh CONTENT="0; URL='http://www.paypal.com'">';         
               
               


thats not the entire code, theres not even a form.

Anyway, from top to bottom i notice the following problems

1) using Session variables without using session_start()
2) using { instead of ( and } instead of ). multiple times
3) possibly misspelt 'capycha'
4) using "no" and "yes" where obviously boolean values are meant
5) missing concenation (sp?) on line $mail_boddy .= "\n <b>Customer Account Information" '\n';
6) misspelt $mail_boddy
7) where is the code that sets S_POST["capycha"]? Where is the code that sets $_SESSION["pass"]?

Also, your code is susceptible to email header injection. I would not post this on a live server.

There are more, but im not going to point out multiple errors of the same kind. Also, get some frigging syntax highlighting!