Urgent help with contact forms


#1

Hi, I have been using a basic html_form_send contact form on my site for over year and it has worked fine. Here is the code:

index.php

<form name="htmlform" method="post" action="html_form_send.php"> <table width="460" border="0" cellspacing="1" cellpadding="5"> <tr> <td valign="top"> <label for="first_name"><span class="asterisk">*</span><b>Name</b></label> </td> <td valign="top"> <input type="text" name="first_name" maxlength="50" size="40"> </td> </tr> <tr> <td valign="top"> <label for="email"><span class="asterisk">*</span><b>Email Address</b></label> </td> <td valign="top"> <input type="text" name="email" placeholder="name@example.com" maxlength="80" size="40"> </td> </tr> <tr> <td valign="top"> <label for="title"><span class="asterisk">*</span><b>Photo Caption</b></label> </td> <td valign="top"> <input type="text" name="title" maxlength="80" size="40"> </td> </tr> <tr> <td valign="top"> <label for="collector"><span class="asterisk">*</span><b>Are you a collector</b><a href="#test-popup" class="open-popup-link" style="cursor: help;"><span><sup>?</sup></span></a></label> </td> <td valign="top"> <select name="collector"> <option value="Blank">Select One</option> <option value="Yes">Yes</option> <option value="No">No</option> </select> </td> </tr> <tr> <td valign="top"> <label for="comments"><span class="asterisk">*</span><b>Message</b></label> </td> <td valign="top"> <textarea name="comments" placeholder="Please include specific information to help us with your request (size, dimensions, paper, finish, mounting, lamination, etc.)" maxlength="1000" cols="35" rows="8"></textarea> </td> </tr> <tr> <td> <input type="hidden" name="ipaddress" value="<?php echo $_SERVER['REMOTE_ADDR'] ?> "> <td colspan="2"> <input type="submit" value="Submit"> <input type="reset" value="Reset Form" name="submit"> </td> </tr> </table> </form>

html_form_send.php

[code]<?php
if(isset($_POST[‘email’])) {

   // CHANGE THE TWO LINES BELOW
   $email_to = "chris@exploringlightphotography.com";
    
   $email_subject = "Quote Request";
    
    
   function died($error) {
       // your error code can go here
       echo "We are very sorry, but there were error(s) found with the form you submitted. ";
       echo "These errors appear below.<br /><br />";
       echo $error."<br /><br />";
       echo "Please go back and fix these errors.<br /><br />";
       die();
   }
    
   // validation expected data exists
   if(!isset($_POST['first_name']) ||
       !isset($_POST['email']) ||
       !isset($_POST['comments'])) {
       died('We are sorry, but there appears to be a problem with the form you submitted.');       
   }
    
   $first_name = $_POST['first_name']; // required
   $email_from = $_POST['email']; // required
   $ipaddress = $_POST['ipaddress']; // not required
   $comments = $_POST['comments']; // required
   $title = $_POST['title']; // required
   $collector = $_POST['collector']; // not required
    
   $error_message = "";
   $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 if(!preg_match($email_exp,$email_from)) {    
   echo '<META HTTP-EQUIV="Refresh" Content="0; URL=error.php">';    
   exit;    

}
$string_exp = “/^[A-Za-z .’-]+$/”;
if(!preg_match($string_exp,$first_name)) {
echo ‘’;
exit;
}

 if(strlen($comments) < 2) {    
   echo '<META HTTP-EQUIV="Refresh" Content="0; URL=error.php">';    
   exit;    

}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = “Form details below.\n\n”;

   function clean_string($string) {
     $bad = array("content-type","bcc:","to:","cc:","href");
     return str_replace($bad,"",$string);
   }
    
   $email_message .= "First Name: ".clean_string($first_name)."\n";
   $email_message .= "Email: ".clean_string($email_from)."\n";
   $email_message .= "Collector: ".clean_string($collector)."\n";
   $email_message .= "Photo Caption: ".clean_string($title)."\n";
   $email_message .= "Comments: ".clean_string($comments)."\n";
   $email_message .= "IP Address: ".clean_string($ipaddress)."\n";

// create email headers
$headers = 'From: '.$email_to."\r\n".
'Reply-To: '.$email_from."\r\n" .
‘X-Mailer: PHP/’ . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>

MY PAGE HTML HERE <?php } die(); ?>[/code]

That still works well. HOWEVER, For over a year, I have ALSO used the same form on external sites such as my blog, and instead of pointing towards “html_form_send.php” I have it point to "http://www.pathtomysite.com/html_form_send.php"
That has also worked perfectly for over a year. A few days ago I upgrade to php 5.6 and noticed it no longer works - I just get a blank page and the email is not sent. I reverted back to 5.4 about 12 hours ago and the problem is still there. Please help it is a major part of my website. Thank you so much.


#2

It looks like some of the other system packages breaking your site. It will be hard to find out by looking at the codes.

Do you see any errors in your log files?


#3

[quote]
I have ALSO used the same form on external sites such as my blog, and instead of pointing towards “html_form_send.php” I have it point to “http://www.pathtomysite.com/html_form_send.php
[/Quote]
If by “external” you mean sites not hosted at dreamhost then I’m surprised you got that to work at all. Wouldn’t it be better just to use the 3rd parties solution for formmail?


#4

Thanks for the replies. I made a test page on my site (mysite.com/test/) where I stripped all the styling and javascript, etc. The index file contains two forms, one with the form action “/test/html_form_send.php” and the other with form action “http:/www.example.com/test/html_form_send.php” The one with the relative path sends the message and I receive it just fine, the other one gives a blank html_form_send page and the message is not sent. The DH support team told me their security should not be blocking the message, and there is no record in the logs of it being attempted with the absolute path. So they concluded it was a problem with the code. What I found strange about their conclusion was that my forms on external sites (and even a couple on my own site where I used an absolute path) have worked great for over a year, then stopped working last week and I did not change the code at all. A couple of developer friends I asked said if the form transmits with the relative path, the code should be fine. So I’m stuck. I do have reasons for using my own form, but that is beyond the scope of this. So here are the three files on the test page. Only changes I made were to dummy the email address and site address. Thank you so much for trying to help me with this.

index

[code]

Request a Quote

Using relative path
*Name
*Email Address
*Photo Caption
*Are you a collector Select One Yes No
*Message

                       <h1>Request a Quote</h1>
                       Using full path
                       <form name="htmlform" method="post" action="http://www.mysite.com/test/html_form_send.php">
                          <table width="460" border="0" cellspacing="1" cellpadding="5">
                             <tr>
                                <td valign="top">
                                   <label for="first_name"><span class="asterisk">*</span><b>Name</b></label>
                                </td>
                                <td valign="top">
                                   <input  type="text" name="first_name" maxlength="50" size="40">
                                </td>
                             </tr>
                             <tr>
                                <td valign="top">
                                   <label for="email"><span class="asterisk">*</span><b>Email Address</b></label>
                                </td>
                                <td valign="top">
                                   <input  type="text" name="email" placeholder="name@example.com" maxlength="80" size="40">
                                </td>
                             </tr>
                             <tr>
                                <td valign="top">
                                   <label for="title"><span class="asterisk">*</span><b>Photo Caption</b></label>
                                </td>
                                <td valign="top">
                                   <input  type="text" name="title" maxlength="80" size="40">
                                </td>
                             </tr>
                             <tr>
                                <td valign="top">
                                   <label for="collector"><span class="asterisk">*</span><b>Are you a collector</b></label>
                                </td>
                                <td valign="top">
                                   <select name="collector">
                                      <option value="Blank">Select One</option>
                                      <option value="Yes">Yes</option>
                                      <option value="No">No</option>
                                   </select>
                                </td>
                             </tr>
                             <tr>
                                <td valign="top">
                                   <label for="comments"><span class="asterisk">*</span><b>Message</b></label>
                                </td>
                                <td valign="top">
                                   <textarea  name="comments" placeholder="Please include specific information to help us with your request (size, dimensions, paper, finish, mounting, lamination, etc.)" maxlength="1000" cols="35" rows="8"></textarea>
                                </td>
                             </tr>
                             <tr>
                                <td>
                                   <input type="hidden" name="ipaddress" value="<?php echo $_SERVER['REMOTE_ADDR'] ?> ">
                                <td colspan="2">
                                   <input type="submit" value="Submit">
                                   <input type="reset" value="Reset Form" name="submit">
                                </td>
                             </tr>
                          </table>
                       </form>
                       <p>
[/code]

html_form_send.php

[code]<?php
if(isset($_POST[‘email’])) {

   // CHANGE THE TWO LINES BELOW
   $email_to = "myemail@mysite.com";
    
   $email_subject = "Quote Request";
    
    
   function died($error) {
       // your error code can go here
       echo "We are very sorry, but there were error(s) found with the form you submitted. ";
       echo "These errors appear below.<br /><br />";
       echo $error."<br /><br />";
       echo "Please go back and fix these errors.<br /><br />";
       die();
   }
    
   // validation expected data exists
   if(!isset($_POST['first_name']) ||
       !isset($_POST['email']) ||
       !isset($_POST['comments'])) {
       died('We are sorry, but there appears to be a problem with the form you submitted.');       
   }
    
   $first_name = $_POST['first_name']; // required
   $email_from = $_POST['email']; // required
   $ipaddress = $_POST['ipaddress']; // not required
   $comments = $_POST['comments']; // required
   $title = $_POST['title']; // required
   $collector = $_POST['collector']; // not required
    
   $error_message = "";
   $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 if(!preg_match($email_exp,$email_from)) {    
   echo '<META HTTP-EQUIV="Refresh" Content="0; URL=error.php">';    
   exit;    

}
$string_exp = “/^[A-Za-z .’-]+$/”;
if(!preg_match($string_exp,$first_name)) {
echo ‘’;
exit;
}

 if(strlen($comments) < 2) {    
   echo '<META HTTP-EQUIV="Refresh" Content="0; URL=error.php">';    
   exit;    

}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = “Form details below.\n\n”;

   function clean_string($string) {
     $bad = array("content-type","bcc:","to:","cc:","href");
     return str_replace($bad,"",$string);
   }
    
   $email_message .= "First Name: ".clean_string($first_name)."\n";
   $email_message .= "Email: ".clean_string($email_from)."\n";
   $email_message .= "Collector: ".clean_string($collector)."\n";
   $email_message .= "Photo Caption: ".clean_string($title)."\n";
   $email_message .= "Comments: ".clean_string($comments)."\n";
   $email_message .= "IP Address: ".clean_string($ipaddress)."\n";

// create email headers
$headers = 'From: '.$email_to."\r\n".
'Reply-To: '.$email_from."\r\n" .
‘X-Mailer: PHP/’ . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>

Success <?php } die(); ?>[/code]

error.php

[code]

Error [/code]

#5

Are the emails in all cases being sent FROM a valid email address @your_domain.com? Dreamhost does prevent spoofing.


#6

Yes, they are. Thanks.