Problem with order form HTML - PHP

Status
Not open for further replies.

JohnyBoy

User
Joined: 29 Dec 2000
Posts: 276
Hi, on my test website http://chocoladeboutique2.jnwebcreations.be/bestellen.html I have a problem with the order form. When testing I do receive an email with the order, see attachment bestelling.jpg. So, among other things, I don't get the name of the chosen item, only its sequence number. The same goes for the delivery method (Leveringswijze). Uploading a photo doesn't work either; only the name shows up in the email. I actually know nothing about PHP and have adapted a few examples from the internet. Who can help me solve the 2 little problems? Thanks in advance, Johny.
PHP:
<?php
$your_email_address="johny.neirinck@telenet.be";

if(empty($_GET) && empty($_POST)) {
	die('Ongeldige actie');
}

// Emulate register_globals on
if (!ini_get('register_globals')) {
	$superglobales = array($_SERVER, $_ENV, $_FILES, $_COOKIE, $_POST, $_GET);
	if (isset($_SESSION)) {
		array_unshift($superglobales, $_SESSION);
	}
	foreach ($superglobales as $superglobal) {
		extract($superglobal, EXTR_SKIP);
	}
}

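// to prevent header injection: reject CR/LF in the fields that end up in the From header
// (eregi() was removed in PHP 7, and the key must be the form field name, not an address)
foreach (array('name', 'email') as $header_field) {
	if (isset($_POST[$header_field]) && is_string($_POST[$header_field]) && preg_match('/[\r\n]/', $_POST[$header_field])) {
		exit;
	}
}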

// kick anyone whoever tried to inject a header in the form
foreach( $_POST as $value ){
	if( strpos($value,'Content-Type:') !== FALSE ){
		exit;
	}
}


$fields = array_keys($_POST);

function headfunction($url) {
	header ("Location: $url");
}

// protect the variable $reserved_vars
if(isset($reserved_vars)) {
	unset($reserved_vars);
}
$reserved_vars = array("css_file", "background_color", "background_image", "text_color", "link_color", "visited_link_color", "active_link_color", "font_name", "font_size", "highlight_color", "required_fields", "after_url", "check_email_address", "subject", "your_email_address", "env_report", "owner_name", "autoresponse", "response_subject", "response_mail", "dodosmail_header_file", "dodosmail_footer_file");

function include_dodosmail_header($dodosmail_header_file) {
	global $reserved_vars;
	foreach($reserved_vars as $reserved_var) {
		global $$reserved_var;
	}

	if(is_file($dodosmail_header_file)) {
		include_once($dodosmail_header_file);
		return;
	} else {
		echo "<html>\n";
		echo "<head>\n";
		echo "<title>\n";
		echo "DodosMail\n";
		echo "</title>\n";
		if($css_file != "")
			echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$css_file\">\n";
		echo "</head>\n";
		echo "<body bgcolor=\"$background_color\" background=\"$background_image\" text=\"$text_color\" link=\"$link_color\" vlink=\"$visited_link_color\" alink=\"$active_link_color\">\n";
		echo "<font face=\"$font_name\" size=\"$font_size\">\n";
	}
}

function include_dodosmail_footer($dodosmail_footer_file) {
	global $reserved_vars;
	foreach($reserved_vars as $reserved_var) {
		global $$reserved_var;
	}
	if(is_file($dodosmail_footer_file)) {
		include_once($dodosmail_footer_file);
		return;
	} else {
		echo "</font>\n</body>\n</html>";
	}
}

function dodosmail_error_handle($msg) {
	global $highlight_color;
	if(isset($highlight_color)) {
		$extra_begin = "<font color=\"".$highlight_color."\">";
		$extra_end = "</font>";
	} else {
		$extra_begin = "<span class=\"DodosMailErrorHighLight\">";
		$extra_end = "</span>";
	}

	return $extra_begin.$msg.$extra_end;
}

// checking required fields
// in case they used comma and space, replace
if(strstr($required_fields, ", ")) {
	$required_fields = str_replace(", ", ",", $required_fields);
} else {
	$required_fields = $required_fields;
}
$required_fields = explode(",", $required_fields);

for($i = 0; $i < count($required_fields); $i++) {
	$required_var_name = $required_fields[$i];
	if(empty($$required_var_name)) {
		include_dodosmail_header($dodosmail_header_file);
		echo "<p class=\"DodosMailError\">Fout! - het verplichte veld ".dodosmail_error_handle($required_var_name)." is niet ingevuld.\n";
		echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
		echo "</p>\n";
		include_dodosmail_footer($dodosmail_footer_file);
		exit;
	}
}
if($check_email_address == "yes" && !empty($email)) {
	if(!check_email($email)) {
		include_dodosmail_header($dodosmail_header_file);
		echo "<p class=\"DodosMailError\">Fout - het adres ".dodosmail_error_handle($email)." is niet geldig.\n";
		echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
		echo "</p>\n";
		include_dodosmail_footer($dodosmail_footer_file);
		exit;
	}
}


for($i = 0; $i < count($fields); $i++) {
	$actual_var = $fields[$i];
	if(in_array($actual_var, $reserved_vars)) {
		$inside_mail = $inside_mail;
	} else {
		if(is_array($$actual_var)) {
			$inside_mail.= "$actual_var: ";
			foreach($$actual_var as $actual_val) {
				$inside_mail.= "$actual_val ";
			}
			$inside_mail.= "\n";
		} else {
			$actual_val = stripslashes($$actual_var);
			$inside_mail.= "$actual_var: $actual_val\n";
		}
	}
}

// getting other information from the form
$cname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$inside_mail.=
"
-----------------------------------------------------------------------
 SENDER INFO:
 IP: $_SERVER[REMOTE_ADDR]
 Computer Name: $cname
 Browser Type: $_SERVER[HTTP_USER_AGENT]
 Page Referer: $_SERVER[HTTP_REFERER]
-----------------------------------------------------------------------
";






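// start from a fixed string: with the register_globals emulation above, an
// uninitialised $headers could be pre-filled from a request field named "headers"
$headers = "MIME-Version: 1.0\r\n";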
$headers .= "X-Priority: 3\r\n";
$headers .= "X-MSMail-Priority: Normal\r\n";
$headers .= "X-Mailer: DodosMail 2.0 http://regretless.com/scripts/\r\n";
$headers .= "Content-type: text/plain; charset=\"iso-8859-1\"\r\n";
//$headers .= "Date: ".date("R")."\r\n";
$headers .= "From: $name <$email>\r\n";



$success = mail($your_email_address, $subject, $inside_mail, $headers);
if($success) {
	if($autoresponse == "yes") {
		$response_subject = stripslashes($response_subject);
		$response_mail = stripslashes($response_mail);
		mail($email, $response_subject, $response_mail, "From: $owner_name <$your_email_address>");
	}
	if($after_url == "") {
		// out put send info
		include_dodosmail_header($dodosmail_header_file);


		echo "<p>\n";
		
		echo "Het formulier is verzonden!</p><ul>";
		for($i = 0; $i < count($fields); $i++) {
			$actual_var = $fields[$i];
			if(in_array($actual_var, $reserved_vars))
				echo "";
			else {
				if(is_array($$actual_var)) {
					echo "<li>$actual_var: ";
					foreach($$actual_var as $actual_val) {
						echo "$actual_val ";
					}
					echo "</li>\n";
				} else {
					$actual_val = stripslashes($$actual_var);
					echo "<li>$actual_var: $actual_val</li>\n";
				}
			}
		}
		echo "</ul>\n<p></p>";
		include_dodosmail_footer($dodosmail_footer_file);
		exit;
	} else {
	headfunction($after_url);
	}
} else {
	include_dodosmail_header($dodosmail_header_file);
	echo "<p class=\"DodosMailError\">Fout - Het formulier is tijdelijk niet bruikbaar, gebruik ".dodosmail_error_handle($your_email_address)." om contact op te nemen.\n";
	echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
	echo "</p>\n";
	include_dodosmail_footer($dodosmail_footer_file);
	exit;
}



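function check_email($email) {
	// reject malformed addresses first, then require the overall address shape
	if(preg_match('/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/', $email)) {
		return false;
	}
	// D modifier: $ matches only at the very end, not before a trailing newline
	return (bool) preg_match('/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/D', $email);
}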



?>
 
At first glance I didn't see any attachment being added ???
PHP:
Content-Type: image/jpeg; name="mijnattachment.jpg"
Content-Transfer-Encoding: base64
Content-Disposition: attachment

<?php echo $attachment; // this is the file, base64 encoded (which is what makes it possible to send it) ?>
I did run a code check on it anyway. This is very dirtily written code.
Above all, take a look at the $$: it can cause errors you have no control over, and even for advanced developers it is something to watch closely for memory usage.
PHP:
<?php
$your_email_address="johny.neirinck@telenet.be";

if(empty($_GET) && empty($_POST)) {
    die('Ongeldige actie');
}

// Emulate register_globals on
if (!ini_get('register_globals')) {//?SECURITY?
    $superglobales = array($_SERVER, $_ENV, $_FILES, $_COOKIE, $_POST, $_GET);
    if (isset($_SESSION)) {
        array_unshift($superglobales, $_SESSION);
    }
    foreach ($superglobales as $superglobal) {
        extract($superglobal, EXTR_SKIP);
    }
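}

// to prevent header injection: reject CR/LF in the fields that end up in the From header
// (eregi() was removed in PHP 7, and the key must be the form field name, not an address)
foreach (array('name', 'email') as $header_field) {
    if (isset($_POST[$header_field]) && is_string($_POST[$header_field]) && preg_match('/[\r\n]/', $_POST[$header_field])) {
        exit;//?SECURITY?USE die()
    }
}

// kick anyone whoever tried to inject a header in the form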
foreach( $_POST as $value ){
    if( strpos($value,'Content-Type:') !== FALSE ){
        exit;
    }
}

$fields = array_keys($_POST);

function headfunction($url){
    header ("Location: $url");
}

// protect the variable $reserved_vars
if(isset($reserved_vars)) {
    unset($reserved_vars);
}
$reserved_vars = array("css_file", "background_color", "background_image", "text_color", "link_color", "visited_link_color", "active_link_color", "font_name", "font_size", "highlight_color", "required_fields", "after_url", "check_email_address", "subject", "your_email_address", "env_report", "owner_name", "autoresponse", "response_subject", "response_mail", "dodosmail_header_file", "dodosmail_footer_file");

function include_dodosmail_header($dodosmail_header_file) {
    global $reserved_vars;
    foreach($reserved_vars as $reserved_var) {
        global $$reserved_var;
    }     
    if(is_file($dodosmail_header_file)) {
        include_once($dodosmail_header_file);
        return;
    } else {
        echo "<html>\n";
        echo "<head>\n";
        echo "<title>\n";
        echo "DodosMail\n";
        echo "</title>\n";
        if($css_file != "")
            echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$css_file\">\n";
        echo "</head>\n";
        echo "<body bgcolor=\"$background_color\" background=\"$background_image\" text=\"$text_color\" link=\"$link_color\" vlink=\"$visited_link_color\" alink=\"$active_link_color\">\n";
        echo "<font face=\"$font_name\" size=\"$font_size\">\n";
    }
} 
function include_dodosmail_footer($dodosmail_footer_file) {
    global $reserved_vars;
    foreach($reserved_vars as $reserved_var) {
        global $$reserved_var;//TODO $$[VARCONTROL]alert var is create by code
    }
    if(is_file($dodosmail_footer_file)) {
        include_once($dodosmail_footer_file);
        return;
    } else {
        echo "</font>\n</body>\n</html>";
    }
} 
function dodosmail_error_handle($msg) {
    global $highlight_color;
    if(isset($highlight_color)) {
        $extra_begin = "<font color=\"".$highlight_color."\">";
        $extra_end = "</font>";
    } else {
        $extra_begin = "<span class=\"DodosMailErrorHighLight\">";
        $extra_end = "</span>";
    }

    return $extra_begin.$msg.$extra_end;
}

// checking required fields
// in case they used comma and space, replace
/*if(strstr($required_fields, ", ")) {
    $required_fields = str_replace(", ", ",", $required_fields);
} else {
    $required_fields = $required_fields;
}*/
//TODO Check replace
$required_fields =(strstr($required_fields, ", "))? str_replace(", ", ",", $required_fields):$required_fields;

$required_fields = explode(",", $required_fields);
for($i = 0; $i < count($required_fields); $i++) {
    $required_var_name = $required_fields[$i];
    if(empty($$required_var_name)) {//TODO $$[VARCONTROL]alert var is create by code
        include_dodosmail_header($dodosmail_header_file);
        echo "<p class=\"DodosMailError\">Fout! - het verplichte veld ".dodosmail_error_handle($required_var_name)." is niet ingevuld.\n";
        echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
        echo "</p>\n";
        include_dodosmail_footer($dodosmail_footer_file);
        exit;
    }
}
if($check_email_address == "yes" && !empty($email)) {
    if(!check_email($email)) {
        include_dodosmail_header($dodosmail_header_file);
        echo "<p class=\"DodosMailError\">Fout - het adres ".dodosmail_error_handle($email)." is niet geldig.\n";
        echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
        echo "</p>\n";
        include_dodosmail_footer($dodosmail_footer_file);
        exit;
    }
}  
for($i = 0; $i < count($fields); $i++) {
    $actual_var = $fields[$i];
    if(in_array($actual_var, $reserved_vars)) {
        $inside_mail = $inside_mail;
    } else {
        if(is_array($$actual_var)) {//TODO $$[VARCONTROL]alert var is create by code
            $inside_mail.= "$actual_var: ";
            foreach($$actual_var as $actual_val) {//TODO $$[VARCONTROL]alert var is create by code
                $inside_mail.= "$actual_val ";
            }
            $inside_mail.= "\n";
        } else {
            $actual_val = stripslashes($$actual_var);//TODO $$[VARCONTROL]alert var is create by code
            $inside_mail.= "$actual_var: $actual_val\n";
        }
    }
}

// getting other information from the form
$cname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$inside_mail.="
-----------------------------------------------------------------------
 SENDER INFO:
 IP: $_SERVER[REMOTE_ADDR]
 Computer Name: $cname
 Browser Type: $_SERVER[HTTP_USER_AGENT]
 Page Referer: $_SERVER[HTTP_REFERER]
-----------------------------------------------------------------------";      
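// start from a fixed string: with the register_globals emulation above, an
// uninitialised $headers could be pre-filled from a request field named "headers"
$headers = "MIME-Version: 1.0\r\n";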
$headers .= "X-Priority: 3\r\n";
$headers .= "X-MSMail-Priority: Normal\r\n";
$headers .= "X-Mailer: DodosMail 2.0 http://regretless.com/scripts/\r\n";
$headers .= "Content-type: text/plain; charset=\"iso-8859-1\"\r\n";
//$headers .= "Date: ".date("R")."\r\n";
$headers .= "From: $name <$email>\r\n";

$success = mail($your_email_address, $subject, $inside_mail, $headers);
if($success) {
    if($autoresponse == "yes") {
        $response_subject = stripslashes($response_subject);
        $response_mail = stripslashes($response_mail);
        mail($email, $response_subject, $response_mail, "From: $owner_name <$your_email_address>");
    }
    if($after_url == "") {
        // out put send info
        include_dodosmail_header($dodosmail_header_file);  
        echo "<p>\n";
        echo "Het formulier is verzonden!</p><ul>";
        for($i = 0; $i < count($fields); $i++) {
            $actual_var = $fields[$i];
            if(in_array($actual_var, $reserved_vars))
                echo "";
            else {
                if(is_array($$actual_var)) {//
                    echo "<li>$actual_var: ";
                    foreach($$actual_var as $actual_val) {//TODO $$[VARCONTROL]alert var is create by code
                        echo "$actual_val ";
                    }
                    echo "</li>\n";
                } else {
                    $actual_val = stripslashes($$actual_var);//TODO $$[VARCONTROL]alert var is create by code
                    echo "<li>$actual_var: $actual_val</li>\n";
                }
            }
        }
        echo "</ul>\n<p></p>";
        include_dodosmail_footer($dodosmail_footer_file);//TODO Not exist
        exit;
    } else {
        headfunction($after_url);
    }
} else {
    include_dodosmail_header($dodosmail_header_file);
    echo "<p class=\"DodosMailError\">Fout - Het formulier is tijdelijk niet bruikbaar, gebruik ".dodosmail_error_handle($your_email_address)." om contact op te nemen.\n";
    echo "<br /><br /><a href=\"javascript:history.back(1)\">Terug</a>\n";
    echo "</p>\n";
    include_dodosmail_footer($dodosmail_footer_file);
    exit;
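}

function check_email($email) {
    // reject malformed addresses first, then require the overall address shape
    if(preg_match('/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/', $email)) {
        return false;//TODO clean return msg
    }
    // D modifier: $ matches only at the very end, not before a trailing newline
    return (bool) preg_match('/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/D', $email);//TODO clean return msg
}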
//Tunded by robot v3.1   
?>
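
The `//?SECURITY?` and `$$` annotations above both point at the same thing: the script turns every request field into a variable. As an added example (not code from this thread or from DodosMail), this is one way to build the same mail from a fixed list of fields instead; the field names `artikel`, `leveringswijze` and `opmerking`, the subject and the `example.invalid` address are assumptions.

```php
<?php
// Added example, not code from the thread. Field names and addresses are assumptions.
const ORDER_FIELDS = ['name', 'email', 'artikel', 'leveringswijze', 'opmerking'];
const SHOP_ADDRESS = 'orders@example.invalid'; // placeholder recipient and sender

function build_order_mail(array $post): ?array
{
    $order = [];
    foreach (ORDER_FIELDS as $field) {            // read only known fields: no extract(), no $$
        $value = $post[$field] ?? '';
        if (is_array($value)) {                   // checkbox groups arrive as arrays
            $value = implode(' ', array_filter($value, 'is_string'));
        }
        $order[$field] = is_string($value) ? trim($value) : '';
    }

    // The e-mail address is the only request value placed in a header, so it is
    // the one that must be free of CR/LF and syntactically valid.
    if (preg_match('/[\r\n]/', $order['email'])
        || filter_var($order['email'], FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    $body = '';
    foreach ($order as $field => $value) {
        $body .= $field . ': ' . $value . "\n";
    }

    // Headers start from a fixed string; recipient and subject never come from the form.
    $headers = "MIME-Version: 1.0\r\n"
             . "Content-Type: text/plain; charset=\"utf-8\"\r\n"
             . 'From: ' . SHOP_ADDRESS . "\r\n"
             . 'Reply-To: ' . $order['email'] . "\r\n";

    return ['to' => SHOP_ADDRESS, 'subject' => 'Bestelling', 'body' => $body, 'headers' => $headers];
}

// Constructed sample requests: one normal order, one carrying an extra header line
// and fields the old script would have turned into variables.
$normal = ['name' => 'Jan', 'email' => 'jan@example.com', 'artikel' => 'Pralines 250 g'];
$tampered = ['name' => 'Jan', 'email' => "jan@example.com\r\nBcc: other@example.org",
             'headers' => "Bcc: other@example.org\r\n", 'your_email_address' => 'x@example.org'];

foreach (['normal' => $normal, 'tampered' => $tampered] as $label => $request) {
    $mail = build_order_mail($request);
    echo $label . ': ' . ($mail === null ? "rejected\n" : "accepted\n" . $mail['headers']);
    // A real handler would call mail($mail['to'], $mail['subject'], $mail['body'], $mail['headers']).
}
```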
 
Indeed, I'm well aware of that. My knowledge of PHP is minimal; I simply cobbled together PHP code I found, in the hope that it would work ... :confused:
 