I'm using this Flash form on my site to have people send their messages to me. Using LoadVars, it sends the input to a php scripts. The php script checks the input for errors and if everything is ok, send the message to my email. Looking at my statistics however, I noticed that this php file is accessed more than I get emails. For example, my statistics page would say:
phpscripts/mailform.php 25
for this month, but in this month I only received 6 emails.
I've taken into account that users made mistakes filling in my form. That wouldn't lead to an email, but the php file would be accessed nevertheless. So let's say 5 people did that. I then would expect to have gotten 20 emails.
Is there something wrong with my actionscript or php script? Or is there some other reason for these extra hits on the php file? It's location isn't mentioned in the html, just in the Flash file.
Can someone give me an explanation?
The AS2:
stop();
//When using TAB key only input fields are allowed to
//be moved through
naam.tabIndex = 1;
email.tabIndex = 2;
bericht.tabIndex = 3;
//Scrolling arrows function
//In case of large text being typed into the message
//field, the text can be scrolled with the arrow buttons
Hoog.onRelease = function() {
bericht.scroll = bericht.scroll-1;
};
Laag.onRelease = function() {
bericht.scroll = bericht.scroll+1;
};
//When an error has been found in a field, the error
//message "Niet (goed) ingevuld" is put inside it and when
//clicked on that input field the field is cleared so it
//can be typed in again
naam.onSetFocus = function(oldFocus) {
if (naam.text == "Niet (goed) ingevuld") {
naam.text = "";
}
};
email.onSetFocus = function(oldFocus) {
if (email.text == "Niet (goed) ingevuld") {
email.text = "";
}
};
bericht.onSetFocus = function(oldFocus) {
if (bericht.text == "Niet ingevuld") {
bericht.text = "";
}
};
//Sending typed name, email address and message text
//variables to php mailform.php script
Versturen.onRelease = function() {
mySendVars = new LoadVars();
myLoadVars = new LoadVars();
mySendVars.naam = naam.text;
mySendVars.email = email.text;
mySendVars.bericht = bericht.text;
mySendVars.sendAndLoad("mailform.php", myLoadVars, "POST");
gotoAndStop(2);
//The returned variables indicate whether there
//was an error in one or more input fields
//In case of no error the email has already been
//sent by the php script and Flash goes to frame 3
//of the movieclip, showing the Thank-You screen
myLoadVars.onLoad = function(success) {
if (success) {
if ((myLoadVars.naam != "error") && (myLoadVars.email != "error") && (myLoadVars.bericht != "error")) {
gotoAndStop(3);
} else {
//In case of an error the error message
//is displayed in red characters in
//the input field(s) which has the error
gotoAndStop(1);
if (myLoadVars.naam != "error") {
naam.text = mySendVars.naam;
} else {
naam.text = "Niet (goed) ingevuld";
naamformat = new TextFormat();
naamformat.color = 0xFF0000;
naam.setTextFormat(naamformat);
}
if (myLoadVars.email != "error") {
email.text = mySendVars.email;
} else {
email.text = "Niet (goed) ingevuld";
emailformat = new TextFormat();
emailformat.color = 0xFF0000;
email.setTextFormat(emailformat);
}
if (myLoadVars.bericht != "error") {
bericht.text = mySendVars.bericht;
} else {
bericht.text = "Niet ingevuld";
berichtformat = new TextFormat();
berichtformat.color = 0xFF0000;
bericht.setTextFormat(berichtformat);
}
}
}
};
};
The php script mailform.php:
<?php
/* Email settings, doing some basic filtering */
/* Used by Flash form so utf8 decode neccessary for allowing international (accented) characters */
/* (utf8 decode turns everything to iso 8859-1) */
/* Using stripslashes so names like O'Brien don't get converted to O/'Brien when posted by Flash */
$to = "test@mail.nl";
$subject = "Request for information";
$naam = stripslashes(utf8_decode($_POST["naam"]));
$email = stripslashes(utf8_decode($_POST["email"]));
$bericht = stripslashes(utf8_decode($_POST["bericht"]));
/* Convert newline codes to correct newlines to that each paragraph starts on a new line */
$bericht = preg_replace('~\r(?!\n)|(?<!\r)\n~', "\r\n", $bericht);
/* To protect agains email injection, some regular expressions to validate inputed values */
/* Checking for a proper name, including accented characters, apostrophe, space and hyphen */
/* Hexadecimal codes used to allow accented characters */
if (!preg_match('~^[a-z\xC0-\xFF][a-z\xC0-\xFF \-\']*$~i', $naam)) {
$naam = "error";
/*echoes are used the send variables back to Flash again */
echo "&naam=error&";
} else {
echo "&naam=correct&";
}
/* Checking for properly formed email address*/
if (!preg_match('~^[a-z0-9][a-z0-9_.\-]*@([a-z0-9]+\.)*[a-z0-9][a-z0-9\-]+\.([a-z]{2,6})$~i', $email)) {
$email = "error";
echo "&email=error&";
} else {
echo "&email=correct&";
}
/* Has a message been filled in? */
if (!$bericht || $bericht == "Niet ingevuld") {
$bericht = "error";
echo "&bericht=error&";
} else {
echo "&bericht=correct&";
}
/* Everything is ok and mail will be sent as plain text mail */
/* When sending as html text mail, the use of htmlentities on the message is advised */
/* That way the message part can't be used to input malicious scripts */
if ($naam != "error" && $email != "error" && $bericht != "error") {
$message = "Naam:\r\n".$naam."\r\n\r\n";
$message .= "Emailadres:\r\n".$email."\r\n\r\n";
$message .= "Bericht:\r\n".$bericht."\r\n";
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
$headers .= "From: ".mb_encode_mimeheader($naam, "iso-8859-1", "Q")." <".$email.">\r\n";
mail($to, $subject, $message, $headers);
}
?>
