# PHP expert help needed



## rkselby98 (May 6, 2000)

I have a submit form on a web site I am doing for a local Pizza place. http://www.dinospizzausa.com/.

I have this form set up using PHP and the fields set to be validated and because this wasnt enough to block spammers from hacking into the form to submit their ads I added a Captcha script to it.

Now I went back to the site where I got the Captcha script and asked them if they could help me but they said they didnt know why my problem was happening but it most likely was due to the PHP submission code. I went to the site tools4php.com where I brought their form wizard and also their Captcha programs figuring they would work together but didnt work together and they couldnt solve the problems so I got the free one I am using now but it wont work either.

The problem is since adding the Captcha to the php script nothing works. The redirect page for the Captcha is blank at this time because I was trying to get it to work with or without the redirect but I just finally gave up. When this happens it is suppose to take them to a page telling them the code entered was incorrect but it takes them to a blank page. If the code is inserted correctly, it did submit the form but no more. I need to get this to open a page telling them the code was wrong and to retry.

Can someone help me with this? This web page for the submission form is http://www.dinospizzausa.com/contact.htm and attached are the files that work or suppose to work with this form. The email address is incorrect for obvious reasons.

Next question and sorry this is getting long but Id like to learn PHP but I cant afford to pay so I am looking for a site that I can learn from. I have searched and found a lot but most just give you examples of how to do things but Id like to know why you do these things. What do the brackets do, what is a colon or semi colon for, what does the forward slash do and so on. Examples I love but I also need to understand what does what to be able to write the script. Any one know of a free site that can help me with this?

One other thing as I look at the php file. The following line when sending the email to Dinos puts in the city, but for state and zip it enters state and zip instead of the correct state and zip. Is this code incorrect?
"City: $city, State: state, Zip: zip\\n"\par

Now the next thing is I need help but I need help so I can understand what I did wrong. I need to know how to fix it because I have other sites I do to help others. I would like to use this on those sites too but if I do not understand, what I am doing or how to correct this problem then I cant set them up.

Thanks to all of you who help and as always thanks to this great site that do help us dummies.


----------



## colinsp (Sep 5, 2007)

Rick,

Sorry I can't help with why the PHP & Captcha aren't working as I am trying to learn PHP now. I found the tutorials at http://www.freewebmasterhelp.com/tutorials very good as primers. There is a little issue with the Pizza site if you view it on a widescreen monitor all the images in the header separate rathere than joining together just FYI.

Colin


----------



## rkselby98 (May 6, 2000)

Thank you, I will have to check the pictures separating on a wide screen. I don't have a wide screen, just 15 inch screen and it is people like you when seeing a mistake or problem who let me know that make a big difference in web designs. Most people like me have no way of checking all the different browsers or screens and your input is really appreciate. THANKS

I will check the link you provided too, I have searched and searched the web but most site just give examples of how to do things but I would like to know why and by know why I can resolve my problems I HOPE...


Thanks for the input and have a great day.


----------



## rkselby98 (May 6, 2000)

Colin,

I don't have a wide screen so I can't see what you mean as to the separation of images in the heading. Do you have any idea how to solve this problem? Seems as we get more technology the harder things get than easier.

I have the width set in percentages for the web page so it fills the monitors on I guess (hope) on all monitors. But it seems the percentage could be what is causing this problem. Do you think if I removed the percentage width for this table and center the table that would solve the problem?

And seeing as how I am asking, is there a way anyone knows of that would create a wide screen on a 15 inch monitor so I would have a way to check this. Sounds like a stupid question I know but if not asked if there would be a way I would never know so I ask....


----------



## MMJ (Oct 15, 2006)

There are numerous things wrong with the contact script. I suggest that you look for as simple a contact script as possible.

Also when editing the script or opening it use a plain text editor (notepad, etc.) not WordPad or Microsoft Word.


----------



## tomdkat (May 6, 2006)

FormMail by Tectite supports CAPTCHA and has other mechanisms built-in to prevent spammers from exploiting the form.

Peace...


----------



## rkselby98 (May 6, 2000)

Thanks for the reply, I looked at FormMail and even e-mailed them, I tried their Captcha code but it did not work either and as for the FormMail I looked at it but my budget won't allow it.

I've looked at so many of these that I actually got confused as to the ones I did look at.

If I use the form by itself it works but I can't find a Captcha script that will work with it and the ones I do that look like they will charge for them.

If I keep trying and experimenting with these programs and scripts I am going to have to format this drive because of files left behind from installing and uninstalling. I figured it is time to see if there is anyone who can help without having to spend money I don't have. Seems the big oil companies want all I have and on a very small fixed income buying is out of the question.

BUT THANK YOU FOR THE SUGGESTIONS, I do appreciate any and all suggestions because we can learn from them all...

Have a great day,


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> Thanks for the reply, I looked at FormMail and even e-mailed them, I tried their Captcha code but it did not work either and as for the FormMail I looked at it but my budget won't allow it.


How can your budget not allow free? What did their CAPTCHA function not do for you? I haven't used it yet, personally.

Did you try to "borrow" their CAPTCHA code or did you use the FormMail form and configure the CAPTCHA function?

Peace...


----------



## rkselby98 (May 6, 2000)

To be truthful I forgot exactly what the problem was. Just about all wouldn't allow the form to submit and resulted in errors appearing in a new page. What I have now is the best it have gotten, it will submit just that now if the code is incorrect it won't redirect to the error page but to the PHP page which is blank. 

My mine must be losing for I was thinking FormMail wasn't free. Right FormMail was free but it didn't have the Captcha included when I looked at the example and all sites I maintain are getting spammed a lot.

Forgive me but I think that is how it was with FormMail. Tried so many I am not sure anymore. I'm just looking for a way to solve this problem without redoing a lot of files. I think I finally got to the point on this one that I am actually getting lazy or close to giving up...and that is something I don't do...


----------



## Mudley (Apr 7, 2008)

hackers were spamming the contact form?

are you sure?


----------



## rkselby98 (May 6, 2000)

Sure are, well spammers are for each contact form I set up is getting emails from the contact form sending ads for all sorts of stuff including pron and one of the sites I do is for a church and they are very unhappy about this and want an end put to it.


----------



## tomdkat (May 6, 2006)

Well, if you would be willing to give the latest FormMail a try (since it now supports CAPTCHA), I would be willing to assist you. 

Peace...


----------



## Mudley (Apr 7, 2008)

interesting.

there may be some simpler solutions.
on the php page that sends the email, check to see if the referring page is indeed the form page.
if its not, don't send the email.


----------



## rkselby98 (May 6, 2000)

colinsp, tomdkat, MMJ, Mudley,

Thanks folks, With the help of tomdkat I have a form up and working using FormMail and their CAPTCHA software.

Have a few problems and tomdkat has been helping me via email but simply the problems are changing the script to a successful redirect page instead of the default page that was set up using FormMail. Another problem I am having is the successful submit page showing the fields that were submitted do not fill in the fields.

I will attached the html field for that error. BTW, before causing problems on the Dino's site I am using my site for experimenting purposes so no one will kill me for the time this has been taking me.

Here is the url of the submit page. http://www.rselby.net/_prayer_request.htm

I haven't gotten to the bad or error redirect page but once I do then I will keep this forum up to date on that so others can learn from this too.

One thing I want to say, FormMail has a wizard that does the hard work for you, but once you get the files don't let them scare you because they are large and looking at them is scary. BUT with a little help I think almost anyone can work with them. They aren't as bad as they seem or look.

Everyone have a great day and thanks again. In the attached zip file are the submit form and the success page. I believe this is where the problem lies with the fields not being filled in on the success page.


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> Another problem I am having is the successful submit page showing the fields that were submitted do not fill in the fields.


This is because I believe you need to use a template for the success page. The template will allow those values to be filled in.

EDIT: Read the "Template pages" section at the bottom of this page. One of the links will take you to a forum thread on creating a HTML template you can use for successful form submissions.

Peace...


----------



## rkselby98 (May 6, 2000)

The template may be what is needed.

I've been testing this and the CAPTCHA isn't working. If I don't put in a code it submits the form, if I put in an incorrect code I get the following.

The following error occurred in FormMail :
verify_failed
**********
Error=Image verification string missing. This is probably a fault on the server.

I've recopied the code to the submit form, redownloaded the verifying files from www.tectite.com. just to be sure they wern't corrupt and uploaded them to the server and still the same error.

Maybe I am getting too tired to see the simple mistakes at this point...


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> I've been testing this and the CAPTCHA isn't working. If I don't put in a code it submits the form, if I put in an incorrect code I get the following.


Here is a quote from the CAPTCHA page:


> Of course, to enforce the input of the imgverify field, you should specify that field name in required or conditions.


Look at the "required" hidden field in your form and see if anything is missing. 

Peace...


----------



## rkselby98 (May 6, 2000)

Tom,

I don't see anything missing, here is what is listed, email address changed







I'm not sure what I am looking for but it looks good to me...but again I don't know anything either...


----------



## tomdkat (May 6, 2006)

Let's look a bit further:





* 

*


Which fields are listed in the *required* section? Which fields should be listed in the *required* section? 

Peace...


----------



## rkselby98 (May 6, 2000)

The fields listed are the ones required. Only 4 fields in the form and all 4 are listed.

I had a probem with this earlier and I had a field listed incorrectly and it generated an error and wouldn't submit. So I played with these fields until I got rid of the error and the form submitted.

BUT while I was doing this I was putting in the CAPTCHA code correctly and it worked.

What I didn't realize was if I lef the code blank it submitted the form but also generated the following error.

*Error=Image verification string missing. This is probably a fault on the server*


----------



## tomdkat (May 6, 2006)

tomdkat said:


> Here is a quote from the CAPTCHA page:
> 
> 
> 
> > Of course, to *enforce the input of the imgverify field, you should specify that field name in required* or conditions.





rkselby98 said:


> The fields listed are the ones required. Only 4 fields in the form and all 4 are listed.


So, based on the quote above, I would think you would need to *add* the imgverify field to the required field list:

Or description like that. The CAPTCHA stuff is working fine. You just haven't made the CAPTCHA field required in your form.

Try that and see what happens. 

Peace...


----------



## rkselby98 (May 6, 2000)

Give me a minute and I will give that a try. Then I will get back real quick. Like you I am sure this has been a very long day for you and about time to call it quits for this day.


----------



## rkselby98 (May 6, 2000)

That is what it was, I would never have thought about that. Once I put the verify in the required it works.

Thanks, that is enough for one day, In 3 hours I have to get up and start over again so Good nite to all and to all thanks a bunch.

Expecailly you tomdkat for all your help.


----------



## tomdkat (May 6, 2006)

Great! Glad it's working for you. 

Peace...


----------



## rkselby98 (May 6, 2000)

Things are going pretty good today, got the form working the redirect page is getting closer, just need to figure out how to get the what was submitted to show on the Redirect page or as they call it the Good URL page.

I have a post on a thread on the http://tectite.com/ site to see if anyone there can shed some light on the problem but it seems they work and most aren't on until late night but that is okay. I'm up all hours of the day and night as it looks you are too.

If I do get a solution from them I will post it here so we all can learn because this is a good FormMail program once you figure it out and with a little help it is easy to do and that comes from me someone who hasn't a clue as to what the code or script is.

Once I get the Good URL fixed then I will work on the error page but that could be a day or two till I get that far. I have learned that when doing this only do one step at a time and don't try doing something else while you are waiting for answers, just doesn't work.

So again thanks for the help and a good day to all.


----------



## tomdkat (May 6, 2006)

tomdkat said:


> This is because I believe you need to use a template for the success page. The template will allow those values to be filled in.
> 
> EDIT: Read the "Template pages" section at the bottom of this page. One of the links will take you to a forum thread on creating a HTML template you can use for successful form submissions.


Did you read the above mentioned page on templates? On that page is a link to an HTML template that you could probably use as a base for your "good_url" page.

Peace...


----------



## rkselby98 (May 6, 2000)

I took a look at it last night/early morning and at that time it blew my mind as what to do. I am looking at another page there on an ini file and blocking bots but I have to take a break or try because this looks like it is a bit over my head or it did last night.

Once I step away and come back maybe it won't look so bad....They say the hardest part is taking the first step... I have to agree...

The following gets into bad from handlers and and creating an ini file. But these I am just looking at right now. NOT doing anything with them.

http://www.tectite.com/vbforums/showthread.php?t=1926

But maybe someone else is interested in these...


----------



## tomdkat (May 6, 2006)

Well, go back to the template pages page I linked to above. Click the "Sample Good Template" link and download the sample. On the sample good template page, download the sample form. Between the sample form and the sample HTML template page, you should be able to figure out how to modify your "good_url" page to have the fields from the form inserted where you want them.

Peace...


----------



## rkselby98 (May 6, 2000)

That is where I am now but I was just getting ready to post how to create a template because I didn't see anyplace t o create one. Now that you mention what to look for maybe I will see it now.

Maybe you can explain this to me while we are on the subject to quote them they say if you don't create a f older to store the templates hackers can have access to all your files, what differecne would creating a special folder for the templated make? Sounds stupid, yeah but stupid questions is how I learn...


----------



## rkselby98 (May 6, 2000)

I finally found it, may I am losing my mind or something, don't see how i missed it. After looking at the sample that is what i have in my good redirect page so if I am correct then all I should have to do is create a template folder and place the file in it.

Then change the code and this is where I am having a probem again I must be blind for I just saw it and can't find it now. Where to change the path to the temp directory and template...

Okay I found it in the php file but I am not sure what to change.

Here is where I think the changes are made but not sure what to edit. 


or do I remove the following and replace it with what is above?


----------



## rkselby98 (May 6, 2000)

I added the following to my submit form



and it returned the following error. I am not sure where this is suppose to be changed.

The following error occurred in FormMail :
You must set either TEMPLATEDIR or TEMPLATEURL in formmail.php before you can specify templates in your forms. 

and

The following error occurred in FormMail :
template_failed
**********
Error=Failed to process template "http://www.rselby.net/ok/name of template.htm"


----------



## rkselby98 (May 6, 2000)

tomdkat,

Finally got it.

Had to take the form and put it in a directory I created. Then I had to add the following line to the form itself.



After that I had to open the* Php File *and add the directory location to the following
*$TEMPLATEDIR = "";*

To make it like so
$TEMPLATEDIR = "http://www.rselby.net/ok/";

Next I had to edit the following and add the path to the template itself
*$TEMPLATEURL = "";*

To read 
$TEMPLATEURL = "http://www.rselby.net/ok/name of template.htm";

Then saved all files and uploaded them.

This all sounded complicated when I was reading it and if they would have given more specific directions as where to find what and what to add would have helped but after playing with it the above works for me.


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> Maybe you can explain this to me while we are on the subject to quote them they say if you don't create a f older to store the templates hackers can have access to all your files, what differecne would creating a special folder for the templated make?


By storing templates in directory on the server, you must configure the FormMail *script* with the location of that directory and that location will be kept "secret". If hackers had knowledge of the location of the templates, they could try to exploit the templates to inject malicious code and use the FormMail script to do almost whatever they want.

Peace...


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> Had to take the form and put it in a directory I created. Then I had to add the following line to the form itself.


That should be the page that is displayed _after_ the form is submitted, not the form itself.



> After that I had to open the* Php File *and add the directory location to the following
> *$TEMPLATEDIR = "";*
> 
> To make it like so
> $TEMPLATEDIR = "http://www.rselby.net/ok/";


Nope, that's wrong. That is NOT a valid entry for TEMPLATEDIR. You should leave this setting blank, like it used to be. More on this in a sec.



> Next I had to edit the following and add the path to the template itself
> *$TEMPLATEURL = "";*
> 
> To read
> ...


Cool. Now, let's look at the error message you got above:

The following error occurred in FormMail :
*You must set either TEMPLATEDIR or TEMPLATEURL in formmail.php before you can specify templates in your forms*.

This means you must set ONE of the template options in your FormMail script before you can use templates. You must choose one. Since your TEMPLATEDIR setting was incorrectly specified, TEMPLATEURL is being used since it IS correctly specified.

So you are using TEMPLATEURL for your HTML template which will be filled in by FormMail and sent in response to a successful form submission, as indicated by the "good_url" setting in your HTML form. 

The doc is a bit scattered but all of the info you need is there and the FormMail script is very well documented with URLs to pages for each option in the script you can configure.

Peace...


----------



## rkselby98 (May 6, 2000)

Looks like we were both working on posting at the same time and overlapped each other. Main thing is the problem is solved and with what you posted and what I posted I think anyone should be able to set up a good redirect page without any trouble.

Well only one thing left to do and that is create the error page but that is going to wait for a bit, seen enough clouds, cold and in the two and a half hours sleep I got last night I must have over slept for when I went to bed I thought it was summer and had the windows open but when I got up frost was on the grass so it looks like I slept through summer and back to winter again so before I miss Spring today I want to get outside for a bit.

Thanks for all the great help and when i get some rest I will start the error page and with what was posted here I don't think that will be much of a problem.

Everyone have a great day and enjoy what God has given you, me he gave you good people to help me keep my sanity....

Have a great day and THANK YOU....


----------



## rkselby98 (May 6, 2000)

> Originally Posted by rkselby98
> Had to take the form and put it in a directory I created. Then I had to add the following line to the form itself.
> 
> That should be the page that is displayed after the form is submitted, not the form itself.


The above line was added to in Step 2 of the submit form, it is the path to the good URL template page.



> After that I had to open the Php File and add the directory location to the following
> $TEMPLATEDIR = "";
> 
> To make it like so
> ...


Don't know, I set up my form this way and another site and both work with the setting like this, it may be wrong but it is working. I will have to see what you have below and try it. Maybe the way i have it the form will not work with all browsers.



> Cool. Now, let's look at the error message you got above:
> 
> The following error occurred in FormMail :
> You must set either TEMPLATEDIR or TEMPLATEURL in formmail.php before you can specify templates in your forms.
> ...


This error doesn't appear since I set it using what I have above. I got this error before I created the temp folder.

I am going to remove the path to the directory as you suggest to see what happens and I will get back to you. The way I have it now may only work on IE Explorer.


----------



## rkselby98 (May 6, 2000)

tomdkat.

I removed the path in the $TEMPLATEDIR = and uploaded to the server. I tried the form and it didn't take me to the good submittion template but my server redirected me to my home page which it is set to do when a 404 code is issued.

I then added the path again to the $TEMPLATEDIR = and it opens the good template page and fills in the fields showing what was submitted.


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> tomdkat.
> 
> I removed the path in the $TEMPLATEDIR = and uploaded to the server. I tried the form and it didn't take me to the good submittion template but my server redirected me to my home page which it is set to do when a 404 code is issued.
> 
> I then added the path again to the $TEMPLATEDIR = and it opens the good template page and fills in the fields showing what was submitted.


The thing is, you're NOT adding a path to TEMPLATEDIR, you're adding a URL to TEMPLATEDIR, which is not correct.

Of course, next I'm going to ask you to remove the URL from TEMPLATEDIR, re-upload the script, and e-mail me a copy so I can confirm the template settings you actually have. 

If you removed the entry for TEMPLATEDIR and the script didn't behave the way you wanted, that means something else is still not quite right. I would want to know which URL generated the 404 error you received when you removed the URL you put in the TEMPLATEDIR variable. It's obvious you're close but not quiet 100% yet. 

Peace...


----------



## rkselby98 (May 6, 2000)

Give me a few minutes and I will remove the path and see what happens this time. Strange this is....


----------



## rkselby98 (May 6, 2000)

tomdkat,

On the Tectite site they have detailed instructions on using FormMail and CAPTCHA. Below is a link to the instructions on site.

http://www.tectite.com/terry_allen_guide/web-content/index.html

Here is a link to download the instructions in a zip format.

http://www.tectite.com/vbforums/attachment.php?attachmentid=191&d=1173488176

I hope this will help others set up FormMail and not have to go through all I did. These are the basic instructions for a beginner to help you get a form up and working.


----------



## tomdkat (May 6, 2006)

Well, rkselby98 and I have made yet more progress on this. This is where we are currently at:

We've changed his FormMail script to have ONLY the TEMPLATEURL option set and not both options set, per for FormMail instructions. We then made a minor change to the form where the fully qualified URLs for the FormMail script and the CAPTCHA image script were removed. We then found out that the CAPTCHA image problems rkselby98 reported previously was related to him having browser cookies disabled.

So, the configuration we managed to get working, including his HTML template being properly used, looks like this:

In the FormMail script:

$TEMPLATEDIR = "";
$TEMPLATEURL = "http://www.rselby.net/good";

In the actual form:

and

and










********************************

The combination of the above changes and rkselby98's enabling of browser cookies allowed him to see a fully function form work as he wanted.

Peace...


----------



## rkselby98 (May 6, 2000)

I would never have guess that the url would be the path to the directory considering that the DIR is listed just above the URL.. I was thinking by the way or order they had them listed that the DIR would be the location of the directory the file was actually in and not the URL being the path.

I never would have figured this one out.

Thanks a bunch, I know there are others who will appreciate all the work you put into this as I do for there has to be many that have had this problem. 

Now that this is worked out I can continue and having seen how they are doing things it should get much easier....


----------



## tomdkat (May 6, 2006)

rkselby98 said:


> I would never have guess that the url would be the path to the directory considering that the DIR is listed just above the URL.. I was thinking by the way or order they had them listed that the DIR would be the location of the directory the file was actually in and not the URL being the path.
> 
> I never would have figured this one out.


Well, the descriptions of those options are pretty straightforward:

TEMPLATEDIR:


> Set TEMPLATEDIR to the directory/folder on your server where template files are stored.
> 
> If you want to specify "good_template", "bad_template", "HTMLTemplate" or "PlainTemplate" in your forms, the templates must be found in the directory/folder you specify with this configuration setting (or the alternative setting TEMPLATEURL). This is a necessary step to prevent security problems. For example, without this measure, an attacker might be able to gain access to any file on your server.
> 
> Example: $TEMPLATEDIR = "/home/mysite/public_html/templates";


--------------------------------------------------
TEMPLATEURL:


> Set TEMPLATEURL to the URL where template files can be fetched. If you set TEMPLATEDIR too, that takes precedence and TEMPLATEURL is ignored.
> 
> TEMPLATEURL is analogous to TEMPLATEDIR, but allows for templates to be read from a web server. This is useful for cases where you want the template to be generated dynamically via a PHP script, for example.
> 
> Example: $TEMPLATEURL = "http://www.mysite.com/templates";


---------------------------------------------------

In your case, if you wanted to use the TEMPLATEDIR option correctly, you would have to know the full path to the location of the template directory. A full path isn't the same as a URL. Since you're using TEMPLATEURL, you don't need to know the actual path to the location of the template directory on the server. This can be easier to deal with since the TEMPLATEURL will point to the "website relative" location of the templates.

One advantage of using TEMPLATEDIR is you can have your templates located OUTSIDE of your website directory tree.

One advantage of using TEMPLATEURL is you can possibly have templates located on other servers (like with the test we conducted today). However, this would probably be viewed as a security risk.

Peace...


----------

