Form no longer works after adding security

Hi everyone,

I used CSSFormBuilder to create a form and then used universal email to get it working. Everything was going great, ie. I was receiving the contents of the form etc. but then I decided to put some security on the form using form builder. After I did that, I no longer receive the emails. I don't get any error and I can submit the form ok - I just don't receive anything.

I wondered if anyone knows what's happening here?

Appreciate any help.

Sorry for the false alarm - it seems it's working now. I must have forgotten to upload something.

Just one further question though if that's ok: I noticed that if I type an apostrophe in the form, when I receive this in the email, I'm also receiving the backslashes that php is putting in. Is there a way to avoid this?

Before sending the email, you would want to call strip slashes on the email:
function.stripcslashes.php

Originally Said By: Jimmy Wu

  Before sending the email, you would want to call strip slashes on the email:
function.stripcslashes.php  

Hi,

I used stripslashes on the following line of code that generates the comment in the html email that's sent:

<td><?php echo (stripslashes(isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"")?></td>

This didn't work though, ie. I'm still getting the slashes.

Do you know what I might be doing wrong?

To check if the strip slashes is working correctly or not, change the echo to die, so that the value will be printed out and you can check the value. Also run through with the strip slashes not put in to see if there is a difference.

Originally Said By: Jimmy Wu

  To check if the strip slashes is working correctly or not, change the echo to die, so that the value will be printed out and you can check the value. Also run through with the strip slashes not put in to see if there is a difference.  

Hi,

I changed the line so that it was as follows:

<td><?php die (stripslashes(isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"")?></td>

But I got the following error and the form wouldn't submit at all:

Parse error: syntax error, unexpected T_VARIABLE in /home/site/www/test/WA_Universal_Email/WAUE_contact_1.php on line 65

I also tried:

<td><?php die ((isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"")?></td>

and still got the above error.

When I changed it back to the echo, it submitted but I'm still getting the backslash.

Also when I originally added the stripslashes, when I saved I got the following warning:

''This document contains JavaScript code for a widget that no longer exists. I fyou don't remove the code, the browser might display JavaScript errors when loading the page. Would you like Dreamweaver to find all instances of this code for you?

Widget: var Contact_us_group_nbsp_Spry = new
Spry.Widget.ValidationTextField("Contact_us_group_nbsp_Spry",
"none",{validateOn:["blur"});''

The above warning no longer appears now that I've taken the stripslashes out though.

Do you know what's happening or why it's not working?

It looks like you left out some parenthesis and semicolons in this:
<td><?php echo (stripslashes(isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"")?></td>

It should look like this:
<td><?php echo (stripslashes((isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"");)?></td>

or with the die statement:
<td><?php die (stripslashes((isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"");)?></td>

  It looks like you left out some parenthesis and semicolons in this  

I can see where I left out the parenthesis but not the semi-colon?

Ok I changed the line so it's now:

<td><?php echo (stripslashes((isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"")?></td>

But when I test I get the following error:

Parse error: syntax error, unexpected ';' in /home/site/www/test/WA_Universal_Email/WAUE_contact_1.php on line 64

Line 64 is:

$MailBody = $MailBody . (stripslashes((isset($_POST["Contact_us_group_Comments"]))?$_POST["Contact_us_group_Comments"]:"");

Any other ideas appreciated.

It seems I needed another backslash at the end. All working now. Only problem is when I close the file down and open it up again, I'm getting the same warning as mentioned in a previous post, ie.

''This document contains JavaScript code for a widget that no longer exists. I fyou don't remove the code, the browser might display JavaScript errors when loading the page. Would you like Dreamweaver to find all instances of this code for you?

Widget: var Contact_us_group_nbsp_Spry = new
Spry.Widget.ValidationTextField("Contact_us_group_ nbsp_Spry",
"none",{validateOn:["blur"});''

Is this because I added the custom stripslashes code?

I don't think it should be because of the added customization. Make a backup of your site and hit ok, to see what code is modified and then test it. If it doesn't cause any issues, then you should be safe to use those pages. Make sure all the fields are validated correctly and the email is sent. Otherwise, I'll look into it more carefully.