[RESOLVED] cookies

theknight

I have constructed the following form, however it doesn't seem to be working:

html

<html>
<body>

<form action="myform.php" method="post">
<p>Your Name: <input type="text" name="yourname" /><br />
E-mail: <input type="text" name="email" /></p>

<p>Do you like this website?
<input type="radio" name="likeit" value="Yes" checked="checked" /> Yes
<input type="radio" name="likeit" value="No" /> No
<input type="radio" name="likeit" value="Not sure" /> Not sure</p>

<p>Your comments:<br />
<textarea name="comments" rows="10" cols="40"></textarea></p>

<p><input type="submit" value="Send it!"></p>
</form>

</body>
</html>

php - my form.php

<?php
/* Prevent duplicate submissions */
if (isset($_COOKIE['FormSubmitted']){

show_error('You may only submit this form once per session!');
}

/* Set e-mail recipient */
$myemail  = "a@a.com";

/* Check all form inputs using check_input function */
$yourname = check_input($_POST['yourname'], "Enter your name");
$subject  = check_input($_POST['subject'], "Write a subject");
$email    = check_input($_POST['email']);
$website  = check_input($_POST['website']);
$likeit   = check_input($_POST['likeit']);
$how_find = check_input($_POST['how']);
$comments = check_input($_POST['comments'], "Write your comments");

/* If e-mail is not valid show error message */
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))
{
    show_error("E-mail address not valid");
}

/* If URL is not valid set $website to empty */
if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website))
{
    $website = '';
}

/* Let's prepare the message for the e-mail */
$message = "Hello!

Your contact form has been submitted by:

Name: $yourname
E-mail: $email
URL: $website

Like the website? $likeit
How did he/she find it? $how_find

Comments:
$comments

End of message
";

/* Send the message using mail() function */
mail($myemail, $subject, $message);

/* Set a cookie to prevent duplicate submissions */
setcookie('FormSubmitted', '1');

/* Redirect visitor to the thank you page */
header('Location: thanks.htm');
exit();

/* Functions we used */
function check_input($data, $problem='')
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    if ($problem && strlen($data) == 0)
    {
        show_error($problem);
    }
    return $data;
}

function show_error($myError)
{
?>
    <html>
    <body>

<b>Please correct the following error:</b><br />
<?php echo $myError; ?>

</body>
</html>
<?php
exit();
}
?>

thanks.htm

Thanks

The cookies are used to test if it has already been filled in within a session, if the form has then the user unable to fill it in again. However when I click submit it comes up with a blank screen - why is this?

Thanks

bradgrafelman

theknight;10942962 wrote:
However when I click submit it comes up with a blank screen - why is this?

Because you have a parse error in your code, but haven't setup error reporting properly to help you debug your problem.

If this is being tested on a local (and/or) development server, set display_errors to On and set error_reporting to E_ALL in either php.ini or via .htaccess. If this is a live production server, set log_errors to On (and display_errors to Off) and use error_log to log all PHP errors for later review.

Once you get the error reporting sorted out, take a look at the line number referenced in the error message and you should spot the error. I'll give you a hint: make sure the number of ('s match the number of )'s on that line. 😉

theknight

Ok the error is

Parse error: parse error in C:\xampp\htdocs\MYPHP\myform.php on line 3

That is this line, it seems fine:

if (isset($_COOKIE['FormSubmitted']){

isset is a function - not sure where the problem is, btw I am using notepad ++

bradgrafelman

As I said, count the number of ('s and the number of )'s on that line; you have one more ( than you do ).

theknight

hmmm!

if(iset($_COOKIE['FormSubmitted']){

there is 1 s in the (FormSubmitted), there was two in "isset", so should it be "iset" - although it no longer works when I do this. :/

bradgrafelman

Erm, no.. I wasn't referring to the letter S, I was referring to the opening and closing parenthesis.

You have only one closing ")" in there, so your if() statement is never closed with a ")".

theknight

doh!

Thanks dude, I REALLY hate it when the errors are syntax based. By the way, what IDE is best for programming in php?

bradgrafelman

theknight;10942969 wrote:
By the way, what IDE is best for programming in php?

You can search the Echo Lounge for several threads that have discussed that topic (one or two in great length, IIRC). As for myself, I don't use an IDE - I just use Notepad2.

theknight

bradgrafelman;10942970 wrote:
You can search the Echo Lounge for several threads that have discussed that topic (one or two in great length, IIRC). As for myself, I don't use an IDE - I just use Notepad2.

I have decided to use Komodo Edit 5.2

By the way I have modified my code so that instead of emailing it stores a value in a database from the form, the field I have used to test this with is "your name":

(changes highlighted in bold)

<?php
/* Prevent duplicate submissions */
if(isset($_COOKIE['FormSubmitted'])){

show_error('You may only submit this form once per session!');
}

/* Set e-mail recipient */
$myemail  = "samsonknight2k@hotmail.com";

/* Check all form inputs using check_input function */
$yourname = check_input($_POST['yourname'], "Enter your name");
$subject  = check_input($_POST['subject'], "Write a subject");
$email    = check_input($_POST['email']);
$website  = check_input($_POST['website']);
$likeit   = check_input($_POST['likeit']);
$how_find = check_input($_POST['how']);
$comments = check_input($_POST['comments'], "Write your comments");

/* If e-mail is not valid show error message */
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))
{
    show_error("E-mail address not valid");
}

/* If URL is not valid set $website to empty */
if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website))
{
    $website = '';
}

/* Let's prepare the message for the e-mail */
$message = "Hello!

Your contact form has been submitted by:

Name: $yourname
E-mail: $email
URL: $website

Like the website? $likeit
How did he/she find it? $how_find

Comments:
$comments

End of message
";

[B]
$conn = mysql_connect("localhost","a","test");
print("connected");
  $q1 = stripslashes(mysql_real_escape_string($_POST['yourname']));
    // the extra functions are to help clean the string up (if you have a text based input rather that multiple choice).
    // repeat for all questions.
  mysql_select_db("test") or die(mysql_error);
  mysql_query("INSERT INTO 'name' VALUES ('$q1')");
  Print "Your information has been successfully added to the database";
mysql_close($conn);
[/B]

/* Set a cookie to prevent duplicate submissions */
setcookie('FormSubmitted', '1');


/* Redirect visitor to the thank you page */
header('Location: thanks.htm');
exit();

/* Functions we used */
function check_input($data, $problem='')
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    if ($problem && strlen($data) == 0)
    {
        show_error($problem);
    }
    return $data;
}

function show_error($myError)
{
?>
    <html>
    <body>

<b>Please correct the following error:</b><br />
<?php echo $myError; ?>

</body>
</html>
<?php
exit();
}
?>

However I am getting the following error, why?

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\MYPHP\myform.php:53) in C:\xampp\htdocs\MYPHP\myform.php on line 64

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\MYPHP\myform.php:53) in C:\xampp\htdocs\MYPHP\myform.php on line 68

halojoy

Each output to browser with echo or print will send a HTML header.

setcookie() will give error if any other header is sent before it is executed.

Solution:
Try if you can move those echo/print you have before setcookie()
to after

theknight

halojoy;10943034 wrote:
Each output to browser with echo or print will send a HTML header.

setcookie() will give error if any other header is sent before it is executed.

Solution:
Try if you can move those echo/print you have before setcookie()
to after

That worked like a charm!

By the way it is not inserting anything to my table, does the SQL look right to you?

$q1 = stripslashes(mysql_real_escape_string($_POST['yourname']));
mysql_query("INSERT INTO 'name' VALUES ('$q1')");

Thanks guys. Starting to get the hang of this language with your help! 🙂

bradgrafelman

halojoy;10943034 wrote:
Each output to browser with echo or print will send a HTML header.

Ehh.. not each output... just the first output.

theknight wrote:
By the way it is not inserting anything to my table, does the SQL look right to you?
$q1 = stripslashes(mysql_real_escape_string($_POST['yourname']));
mysql_query("INSERT INTO 'name' VALUES ('$q1')");

Why are you using [man]stripslashes/man? [man]mysql_real_escape_string/man adds slashes in front of characters that might disrupt your SQL query, causing errors or allow SQL injection attacks. By removing those slashes with stripslashes(), you're basically undoing everything mysql_real_escape_string() did.

As for your SQL query, you've surrounded the table name with single quotes, which are use to delimit strings. For databases/tables/columns/etc., you don't need to delimit them with anything... unless, of course, you used a reserved word, in which case you would use a backtick ( ` ) on MySQL servers.

halojoy

bradgrafelman;10943037 wrote:
Ehh.. not each output... just the first output.

I am sorry.
I was so wrong.
Now he did not get what I tried to tell. Probably.
🙂

halojoy

theknight;10943035 wrote:
That worked like a charm!

I am glad you got it working,
inspite of my awful mistake in trying telling you.
🙂

bradgrafelman

Eh... it wasn't an awful mistake; you still got the point across that modifying HTTP headers (e.g. to add a cookie to them) can't be done once you've started outputting data.

theknight

bradgrafelman;10943043 wrote:
Eh... it wasn't an awful mistake; you still got the point across that modifying HTTP headers (e.g. to add a cookie to them) can't be done once you've started outputting data.

Seem to have run into another problem:

<?php
/* Prevent duplicate submissions */
if(isset($_COOKIE['FormSubmitted'])){

show_error('You may only submit this form once per session!');
}

if (isset($_POST['Submit'])) {

$selected_radio = $_POST['handset'];
$selected_radio1 = $_POST['role'];
$list_type = $_POST['utype'];

if($selected_radio1=='Und' && $list_type=='Please'){

print "Please text";
exit();

}

if($selected_radio=='Yes' && empty($_POST['mtype'])){

print "Text field is empty. Please enter your Handset model number";
exit();

}
}


$selected_radio = $_POST['handset'];
$selected_radio1 = $_POST['role'];
$list_type = $_POST['utype'];
/* Get all the inputs */
$mobilised  = $_POST['mobilised'];
$mchoice  = $_POST['mchoice'];
$useMobile    = $_POST['handset'];
$handsetType = $_POST['mtype'];
$buyData   = $_POST['dp'];
$haveData = $_POST['dpm'];
$upgradePhone = $_POST['upm'];
$prevTried = $_POST['prevDepart'];
$browseUni = $_POST['mobOften'];
$useNet   = $_POST['netMobile'];
$noneReason = $_POST['mwhy'];
$lectureTime  = $_POST['grp1'];
$relevantContact    = $_POST['grp2'];
$reportAbsences  = $_POST['grp3'];
$reportLate   = $_POST['grp4'];
$roomChange = $_POST['grp5'];
$newsfeed = $_POST['grp6'];
$job = $_POST['grp7'];
$examDate  = $_POST['grp8'];
$otherFunc    = $_POST['mfunc'];
$importance  = $_POST['speed'];
$persistance   = $_POST['compatible'];
$further = $_POST['mFin'];

/* Connect to the mySQL database */
$conn = mysql_connect("localhost","a","test");

  // repeat for all questions.
  mysql_select_db("test") or die(mysql_error);
mysql_query("INSERT INTO csd VALUES ('$selected_radio1','$list_type','$mobilised','$mchoice','$useMobile','$handsetType','$buyData','$haveData','$upgradePhone','$prevTried','$browseUni','$useNet','$noneReason','$lectureTime','$relevantContact','$reportAbsences','$reportLate','$roomChange','$newsfeed','$job','$examDate','$otherFunc','$importance','$persistance','$further')");
mysql_close($conn);

/* Set a cookie to prevent duplicate submissions */
setcookie('FormSubmitted', '1');

/* Redirect visitor to the thank you page */
header('Location: thanks.htm');
Print "Your information has been successfully added to the database";

exit();

   function show_error($myError)
{
?>
    <html>
    <body>

<b>Please correct the following error:</b><br />
<?php echo $myError; ?>

</body>
</html>
<?php
exit();
}

?>

This does not seem to be working. Seems to stop working as soon as I added the

f (isset($_POST['Submit'])

method

thanks

theknight

fixed it