Web Analytics Made Easy -
StatCounter can anyone help with a php script - CodingForum

Announcement

Collapse
No announcement yet.

can anyone help with a php script

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • can anyone help with a php script

    hi everyone

    was testing a php contact script was using it for a while but recently conatact form stopped working tested it on a scrip tester and it says FATAL ERROR syntax error, unexpected ':', expecting ',' or ')' on line number 17 can anyone help

    this is the line with the error.
    $success = mail($webMaster, $emailSubject, $body, $http://siteaddresscontact.co.uk.headers);

    <?php
    /* Email Variables */
    $emailSubject = 'dag!';
    $webMaster = 'i put my email address here';
    /* data variables */
    $email = $_POST['email'];
    $name = $_POST['name'];
    $message = $_POST['message'];
    $body = "
    Name: $name \n
    Email: $email \n
    Message: $message \n
    ";

    $headers ="From: $email\r\n";
    $headers .= "Content-type: text/html\r\n";
    $success = mail($webMaster, $emailSubject, $body, $%20form1.htmlheaders);
    /* Results rendered as HTML */
    $theResults = "
    <html>
    <head>
    <title>sent message</title>
    <meta http-equiv="refresh"
    content="3;URL=http:///contact%20form1.html">
    <style type="text/css">
    <!--
    body {
    background-color: #444;
    font-family: Verdana,Arial,Helvetica,sans-serif;
    font-size: 20px;
    font-style: normal;
    line-height: normal;
    font-weight: normal;
    color: #fec001;
    text-decoration: none;
    padding-top: 200px;
    margin-left: 150px;
    width: 800px;
    }
    -->
    </style>
    </head>
    <div align="center">your message has been successfully sent we will contact you shortly</div>
    </div>
    </body>
    </html>
    ";

    echo "$theResults";

  • #2
    So which of the lines in that huge security hole is line 17 and why is your code generating HTML 3.2 (given that it isn't 1997 any more)?
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

    Comment


    • #3
      hi felgall thanks for replying its something i found on the net a while back did not know about it generating html 3.2 this is what it says when i tested it Parse error: syntax error, unexpected '<' in /home/u464136278/public_html/contact form1.php on line 24

      Comment


      • #4
        $theResults = "
        <html>
        missing semicolon
        NO Limits!!
        ------------------------------------------------------------

        Comment


        • #5
          Originally posted by c1lonewolf View Post
          $theResults = "
          <html>
          missing semicolon
          Erm no.

          Lines 17 and 24 (as mentioned in the OP and followup reply) are these:

          $%20form1.htmlheaders);

          content="3;URL=http:///contact%20form1.html">

          Originally posted by fain View Post
          hi felgall thanks for replying its something i found on the net a while back did not know about it generating html 3.2 this is what it says when i tested it Parse error: syntax error, unexpected '<' in /home/u464136278/public_html/contact form1.php on line 24
          The first one... that is not correct php syntax as far as i know. IT should just be a variable - eg $htmlheaders not $something.else - thats typical of windows object orientated languages.

          The second one... that line has another double quote in it after content= which then closes the string - which has no semicolon but loads of html which will play tricks on php.

          If you need to use a double colon inside a double quoted string then you must escape it with a back slash like this: "This \"is a\" demonstration". The \ tells php to ignore the next characters usual function.
          "Tango says double quotes with a single ( ' ) quote in the middle"
          '$Name says single quotes with a double ( " ) quote in the middle'
          "Tango says double quotes ( \" ) must escape a double quote"
          '$Name single quotes ( \' ) must escape a single quote'

          Comment


          • #6
            hi everyone thanks for the time you taken out with helping i have changed the layout and after testing it i am not getting the error but i don`t seem to be getting any emails from the contact form find changed code below.does anyone have any ideas on what might be stopping contact form from sending email


            <?php





            /* Email Variables */
            $emailSubject = 'conatct!';
            $webMaster = '[email protected]';



            /* Data Variables */
            $email = $_POST['email'];
            $name = $_POST['name'];
            $comments = $_POST['comments'];



            $body = <<<EOD
            <br><hr><br>
            Name: $name <br>
            Email: $email <br>
            Comments: $comments <br>
            EOD;
            $headers = "From: $email\r\n";
            $headers .= "Content-type: text/html\r\n";
            $success = mail($webMaster, $emailSubject, $body,
            $headers);


            /* Results rendered as HTML */
            $theResults = <<<EOD
            <html>
            <head>
            <title>sent message</title>
            <meta http-equiv="refresh" content="3;URL=siteaddressl">
            <style type="text/css">
            <!--
            body {
            background-color: #444;
            font-family: Verdana, Arial, Helvetica, sans-serif;
            font-size: 20px;
            font-style: normal;
            line-height: normal;
            font-weight: normal;
            color: #fec001;
            text-decoration: none;
            padding-top: 200px;
            margin-left: 150px;
            width: 800px;
            }
            -->
            </style>
            </head>
            <div align="center">your message has been successfully sent we will contact you shortly</div>
            </div>
            </body>
            </html>
            EOD;
            echo "$theResults";
            ?>

            Comment


            • #7
              Have you looked in your spam folder?
              "Tango says double quotes with a single ( ' ) quote in the middle"
              '$Name says single quotes with a double ( " ) quote in the middle'
              "Tango says double quotes ( \" ) must escape a double quote"
              '$Name single quotes ( \' ) must escape a single quote'

              Comment


              • #8
                When are you going to fix all those security holes - there are more security holes in that code than there are useful commands.
                Stephen
                Learn Modern JavaScript - http://javascriptexample.net/
                Helping others to solve their computer problem at http://www.felgall.com/

                Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

                Comment


                • #9
                  Come on felgall, you know it won't happen. Newbies don't give a damn about security and all that nonsense until they get hit... and then they decide it's a problem.

                  Student hackers rely on people like this to learn their trade with. It keeps the hacking industry alive lol. The op is doing the world a service
                  "Tango says double quotes with a single ( ' ) quote in the middle"
                  '$Name says single quotes with a double ( " ) quote in the middle'
                  "Tango says double quotes ( \" ) must escape a double quote"
                  '$Name single quotes ( \' ) must escape a single quote'

                  Comment


                  • #10
                    Originally posted by tangoforce View Post
                    Come on felgall, you know it won't happen. Newbies don't give a damn about security and all that nonsense until they get hit
                    I guess you're right - after all they are also using HTML 3.2 and that has been dead since 1997.

                    Probably more important is that anyone who doesn't want their site hacked who just happens to have come across this page should not copy the code in this script that makes doing that much easier.
                    Stephen
                    Learn Modern JavaScript - http://javascriptexample.net/
                    Helping others to solve their computer problem at http://www.felgall.com/

                    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

                    Comment


                    • #11
                      Try this ...

                      You already are putting the user's email address inside the body, so you know what it is.

                      Then, change this line ...
                      $headers = "From: $email\r\n";

                      To your email address that you use with your webhost domain name.
                      Or you can use any name, but the domain name part must be the same as your webhost.

                      So it looks like this, except it has your real domain name ...
                      $headers = "From: [email protected]\r\n";

                      When you get the email, the "from" will be from yourself, but you already know it is coming from your website. The user's email, you see in your body.

                      Why?

                      Because many webhosts don't allow your PHP script to send an email with someone else's email in the "from" part. The "from" must be from your domain name. This keeps spammers from spoofing your email scripts in the event of hacking. All emails getting sent from your website (PHP script) must have your own domain name as the "from".

                      Comment


                      • #12
                        mlseim thanks that worked but when the email comes through its blank it only shows this.

                        Name: <br>
                        Email: 787 <br>
                        Comments: <br>

                        Comment


                        • #13
                          Now you'll have to show us the form too.
                          There must be a problem with your variable names.

                          Comment


                          • #14
                            here is the form.once again thanks to everything for helping out



                            <html>
                            <head>
                            <title>
                            test
                            </title>
                            <meta name="description" content=" ">
                            <meta name="keywords" content=",
                            <meta name="author"content="">
                            <meta name="robots"content="index, follow">
                            <meta name="revisit-after"content="3 days">
                            <style type="text/css">
                            body {
                            background-color: #069;
                            }
                            body,td,th {
                            font-size: large;
                            font-weight: bold;
                            color: #000;
                            }
                            </style>
                            <script type="text/javascript">
                            function MM_swapImgRestore() { //v3.0
                            var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
                            }
                            </script>
                            </head>
                            <body>
                            <p><img src="cooltext1931496504.png"width="966"height="86" ></p>
                            <p>&nbsp;</p>
                            <p><a href="index.html"><img src="Back button.png"width="139"height="40"></a></p>
                            <p>&nbsp; </p>
                            <form action="contact form1.php" method="post">
                            <p>&nbsp;</p>
                            <p>
                            <label for="name3">name</label>
                            <input name="name" type="text" id="name4"value=""size="50" />
                            <label for="jjjj"></label>
                            </p>
                            <p>&nbsp;</p>
                            <p>
                            <label for="Email">Email</label>
                            <input name="email"type="text"id="Email"size="50"maxlengt h="30" />
                            </p>
                            <p>&nbsp;</p>
                            <p>&nbsp;</p>
                            <p>
                            <label for="Message">Message</label>
                            <textarea name="message" cols="60"rows="10"id="Message"></textarea>
                            </p>
                            <p>&nbsp;</p>
                            <p>&nbsp;</p>
                            <p><input name="submit"type="submit"id="button"value="Send"> </p>
                            </a></p>
                            <p>&nbsp;</p>
                            </form>
                            <p><a href="button.png"></a><a href="#"onMouseOut="MM_swapImgRestore()"onMouseOve r="MM_swapImage('submit','','cooltext1926436576.pn g',1)"></a></p>
                            <p>&nbsp;</p>
                            <p>&nbsp; </p>
                            </body>
                            </html>

                            Comment


                            • #15
                              <textarea name="message" cols="60"rows="10"id="Message"></textarea>


                              $comments = $_POST['comments'];


                              "message" is not the same as "comments"

                              Comment

                              Working...
                              X