Which of the form handling actions are you using in these forms. Is there a difference between the one that works and the one that doesn’t? Not sending mail can also be a symptom of your hosting provider’s PHP or sendmail configuration.
Walter
On Jul 19, 2019, at 11:05 AM, Steve Gunther email@hidden wrote:
Arrrggghh. My active elements on my websites are the registration forms. Its very wierd.
One of my sites: this form works fine:
www.depth.net.au/Workshops/hobartretreats
The problem with EasiForm (and all the other products from this now-discontinued service) is that they obfuscate their code, in the mistaken belief that their implementation of this basic form handler is somehow valuable enough to hide from people. PHP is a scripting language, born of and for the Web, with the Web’s ethos that “view source” is how other people learn from what you’ve made – that we are all taller when we stand on each others’ shoulders.
My recommendation is that you re-do this page using the built in Send Form Action, which is known to work with PHP 7. Have your server person re-upgrade you to PHP 7.2, and use that combination. PHP 5 is not really practical (or ethical, as in, fair to the other users of your server) to run in a public Web site in this day and age.
Walter
On Jul 19, 2019, at 6:49 PM, Steve Gunther email@hidden wrote:
Its been working fine for many years. Then the server did a php upgrade. Then they downgraded it for me - stopped after that…
Thanks for your reply. I guess I am not sure if I can use Send Form, with all the elements that I want to have people register with.
And, I use the captcha as well. But maybe its safe enough that I can get people to submit the form without that.
Steve
freewaytalk mailing list
email@hidden
Update your subscriptions at:
One more question. My current form has multiple fields. But unless I misunderstand something, the Freeway Send Form action only has a few - first and last name, message, supplemental message. My current form has a dozen fields on it. I cant see anywhere where there are instructions as to how to use more fields and the send form will still work…
freewaytalk mailing list
email@hidden
Update your subscriptions at:
On 21 Jul 2019, at 2:35 pm, Steve Gunther email@hidden wrote:
One more question. My current form has multiple fields. But unless I misunderstand something, the Freeway Send Form action only has a few - first and last name, message, supplemental message. My current form has a dozen fields on it. I cant see anywhere where there are instructions as to how to use more fields and the send form will still work…
freewaytalk mailing list
email@hidden
Update your subscriptions at:
The Send Form Action will send ALL the fields in your form. It contains interface elements for special handling of some of the form elements. One of its features is allowing you to configure the form to send the e-mail as if it is coming from the person filling out the form, and it uses those interface elements to allow you to choose the fields that compose the name and the e-mail of the sender. I would urge you not to use that feature in this day and age, though. You have only to look through this mailing list’s archives to see how many times I have explained that your mail server (or your Web server) is probably not going to be able to impersonate a Gmail account successfully, owing to the military-grade anti-spam efforts that are spreading through the Internet.
Walter
On Jul 21, 2019, at 9:35 AM, Steve Gunther email@hidden wrote:
One more question. My current form has multiple fields. But unless I misunderstand something, the Freeway Send Form action only has a few - first and last name, message, supplemental message. My current form has a dozen fields on it. I cant see anywhere where there are instructions as to how to use more fields and the send form will still work…
Ok. I am figuring it out. But although I have reconstructed one of my pages with the SendForm action, here is the error message I get when testing it in my browser:
<?php
global $errorStrings;
global $errors;
// CONFIG
// Redirect pages
$successPage = "clientintakeform2.php"; // Relative path for page to redirect to on success
$errorPage = "../error.html"; // Relative path for page to redirect to on error, error numbers will be in a GET variable
// E-Mail
$recipient = "email@hidden"; // Address to deliver form to
$subject = "Disclosure agreement"; // Subject of the E-Mail
$from = ""; // From address if server requires it or if E-Mail address is optional
$name = ""; // The name of the sender, if required
$useRecipientList = "0"; // Should the recipient be matched against options?
$recipientList = array(
);
// Server
$allowsOtherDomains = TRUE;
// Variables
$input_vars = array(
'termination_agree' => array(
'title' => 'termination_agree',
'required' => '1'
),
'Email' => array(
'title' => 'Email',
'required' => '1',
'type' => 'from',
'filter' => 'email'
)
);
// Error strings
$errorStrings = array(
0 => 'Undefined error',
1 => 'No form submitted',
2 => 'Invalid E-Mail address',
3 => 'E-Mail could not be delivered',
4 => 'sendForm6701', // No real error message for this
);
// FUNCTIONS
// void appendError(int $errorNum [, string $errorString])
// Append error for processing at the end
function appendError($errorNum, $errorString = NULL)
{
global $errorStrings;
global $errors;
global $customErrorNum;
if (!$errors)
$errors = array();
if (!$customErrorNum)
$customErrorNum = 0;
if ($errorNum > 0 && array_key_exists($errorNum, $errorStrings))
$message = $errorStrings[$errorNum];
elseif ($errorString)
$message = $errorString;
else
$message = $errorStrings[0];
if ($errorNum == 0)
{
$errors["c$customErrorNum"] = $message;
$customErrorNum++;
}
else
{
$errors[$errorNum] = $message;
}
}
// PROCESSING
// Input
// Determine if a form has been submitted and whether it was via POST or GET
$input_type = INPUT_POST;
if ($_SERVER['REQUEST_METHOD'] === 'POST')
$input_type = INPUT_POST;
elseif ($_SERVER['REQUEST_METHOD'] === 'GET')
$input_type = INPUT_GET;
else
appendError(1);
// Are we in safe mode?
$safeMode = ini_get('safe_mode');
// safe_mode can be 'On' or true
$safeMode = ($safeMode == 'On' || $safeMode == true);
$recipientId = 0;
// Before we go anywhere, was the form submitted by a human?
if (($input_type == INPUT_POST && !empty($_POST['sendForm6701']) ||
($input_type == INPUT_GET && !empty($_GET['sendForm6701']))))
{
// Probably not
appendError(4);
}
if (!$errors)
{
$firstName = false;
$surname = false;
$parameters = "";
// A form has been submitted, iterate over the expected fields to
// produce a message body
$emailBody = '';
foreach($input_vars as $key => $var)
{
$field = NULL;
if (filter_has_var($input_type, $key) && ($input_type == INPUT_POST ? !empty($_POST[$key]) : !empty($_GET[$key])))
{
// If the field exists and isn't empty, sanitize the contents for security
if (array_key_exists('filter', $var))
{
switch ($var['filter'])
{
case 'email':
$sanitized = filter_input($input_type, $key, FILTER_SANITIZE_EMAIL);
if (filter_input($input_type, $key, FILTER_VALIDATE_EMAIL))
{
$field = $sanitized;
if ($var['type'] == 'recipient')
{
$recipient = $field;
$field = '';
}
elseif ($var['type'] == 'from' && $allowsOtherDomains)
$from = $field;
}
else
appendError(2);
break;
case 'integer':
$sanitized = filter_input($input_type, $key, FILTER_SANITIZE_NUMBER_INT);
if (!empty($sanitized))
{
if ($var['type'] == 'recipient')
$recipientId = $sanitized;
else
$field = $sanitized;
}
break;
default:
$field = filter_input($input_type, $key, FILTER_SANITIZE_MAGIC_QUOTES);
}
}
else
{
$group = filter_input(INPUT_POST, $key, FILTER_SANITIZE_MAGIC_QUOTES, FILTER_REQUIRE_ARRAY);
if(is_Array($group))
{
for($i = 0; $i < count($group); $i++)
{
$field .= "$group[$i]";
if($group[$i+1])
$field .= ", ";
}
if(count($group) > 1)
$field = "[$field]";
}
else
$field = filter_input($input_type, "$key", FILTER_SANITIZE_MAGIC_QUOTES);
}
if ($field && array_key_exists('type', $var))
{
if ($var['type'] == 'firstName')
{
$firstName = $field;
}
elseif ($var['type'] == 'surname')
{
$surname = $field;
}
elseif ($var['type'] == 'subject')
{
$subject = $field;
continue;
}
}
}
elseif (array_key_exists('required', $var) && $var['required'])
{
// The field doesn't exist or is empty but is required
appendError(0, "$key is a required field");
}
if ($field)
{
// Add the field to the message body
$emailBody .= $var['title'] . ": $fieldn";
}
}
}
// Sending
if (!$errors)
{
// If we haven't had any errors up to this point, try to send the E-Mail
if ($firstName || $surname)
{
if ($firstName && $surname)
$name = $firstName . " " . $surname;
elseif ($firstName)
$name = $firstName;
else
$name = $surname;
}
if ($useRecipientList && isset($recipientList))
if (count($recipientList) > $recipientId && $recipientId >= 0)
$recipient = $recipientList[$recipientId];
$headers = 'MIME-Version: 1.0' . "rn" . 'Content-type: text/plain; charset=UTF-8' . "rn";
if ($name)
$fromHeader = "From: "$name" <$from>rn";
else
$fromHeader = "From: $fromrn";
if (!$allowsOtherDomains)
$parameters = "-f$from";
if ($safeMode)
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
else
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);
if (!$mailSuccess)
{
// Attempt to send from an address of the same domain as the server
if ($name)
$fromHeader = "From: "$name" rn";
else
$fromHeader = "From: no-reply@" . $_SERVER['HTTP_HOST'] . "rn";
if ($safeMode)
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
else
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);
if(!$mailSuccess)
appendError(3);
}
}
// Finishing up
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\');
if ((substr($errorPage, 0, 7) != 'http://') && (substr($errorPage, 0, 8) != 'https://'))
{
if (strpos($errorPage, "/") === 0)
$errorPage = "http://$host$errorPage";
else
$errorPage = "http://$host$uri/$errorPage";
}
if ((substr($successPage, 0, 7) != 'http://') && (substr($successPage, 0, 8) != 'https://'))
{
if (strpos($successPage, "/") === 0)
$successPage = "http://$host$successPage";
else
$successPage = "http://$host$uri/$successPage";
}
// If we have errors but the spam trap error is present, we pretend that we succeeded
if ($errors && !array_key_exists(4, $errors))
{
// We encountered errors so the E-Mail must not have been sent
$errorsUrlString = urlencode(implode(",", $errors));
header("Location: $errorPage?$errorsUrlString");
}
else
{
// E-Mail has been successfully accepted for delivery. This doesn't mean it will reach the
// destination but that is out of our control now so all we can do is hope for the best
header("Location: $successPage");
}
?>
freewaytalk mailing list
email@hidden
Update your subscriptions at:
The content of the form handler is showing up when you test it locally because you aren’t running a PHP server on your Mac. You shouldn’t need to – just pointing out why you see the code in your browser. On your server, I don’t see anything, which is more normal for PHP. The code is hidden to protect your server. It’s not redirecting to one of the exit pages, though. Did you configure it to have a success and failure page? And are those two different pages?
Walter
On Jul 22, 2019, at 6:11 AM, Steve Gunther email@hidden wrote:
Ok. I am figuring it out. But although I have reconstructed one of my pages with the SendForm action, here is the error message I get when testing it in my browser:
<?php
global $errorStrings;
global $errors;
// CONFIG
// Redirect pages
$successPage = "clientintakeform2.php"; // Relative path for page to redirect to on success
$errorPage = "../error.html"; // Relative path for page to redirect to on error, error numbers will be in a GET variable
// E-Mail
$recipient = "email@hidden"; // Address to deliver form to
$subject = "Disclosure agreement"; // Subject of the E-Mail
$from = ""; // From address if server requires it or if E-Mail address is optional
$name = ""; // The name of the sender, if required
$useRecipientList = "0"; // Should the recipient be matched against options?
$recipientList = array(
);
// Server
$allowsOtherDomains = TRUE;
// Variables
$input_vars = array(
'termination_agree' => array(
'title' => 'termination_agree',
'required' => '1'
),
'Email' => array(
'title' => 'Email',
'required' => '1',
'type' => 'from',
'filter' => 'email'
)
);
// Error strings
$errorStrings = array(
0 => 'Undefined error',
1 => 'No form submitted',
2 => 'Invalid E-Mail address',
3 => 'E-Mail could not be delivered',
4 => 'sendForm6701', // No real error message for this
);
// FUNCTIONS
// void appendError(int $errorNum [, string $errorString])
// Append error for processing at the end
function appendError($errorNum, $errorString = NULL)
{
global $errorStrings;
global $errors;
global $customErrorNum;
if (!$errors)
$errors = array();
if (!$customErrorNum)
$customErrorNum = 0;
if ($errorNum > 0 && array_key_exists($errorNum, $errorStrings))
$message = $errorStrings[$errorNum];
elseif ($errorString)
$message = $errorString;
else
$message = $errorStrings[0];
if ($errorNum == 0)
{
$errors["c$customErrorNum"] = $message;
$customErrorNum++;
}
else
{
$errors[$errorNum] = $message;
}
}
// PROCESSING
// Input
// Determine if a form has been submitted and whether it was via POST or GET
$input_type = INPUT_POST;
if ($_SERVER['REQUEST_METHOD'] === 'POST')
$input_type = INPUT_POST;
elseif ($_SERVER['REQUEST_METHOD'] === 'GET')
$input_type = INPUT_GET;
else
appendError(1);
// Are we in safe mode?
$safeMode = ini_get('safe_mode');
// safe_mode can be 'On' or true
$safeMode = ($safeMode == 'On' || $safeMode == true);
$recipientId = 0;
// Before we go anywhere, was the form submitted by a human?
if (($input_type == INPUT_POST && !empty($_POST['sendForm6701']) ||
($input_type == INPUT_GET && !empty($_GET['sendForm6701']))))
{
// Probably not
appendError(4);
}
if (!$errors)
{
$firstName = false;
$surname = false;
$parameters = "";
// A form has been submitted, iterate over the expected fields to
// produce a message body
$emailBody = '';
foreach($input_vars as $key => $var)
{
$field = NULL;
if (filter_has_var($input_type, $key) && ($input_type == INPUT_POST ? !empty($_POST[$key]) : !empty($_GET[$key])))
{
// If the field exists and isn't empty, sanitize the contents for security
if (array_key_exists('filter', $var))
{
switch ($var['filter'])
{
case 'email':
$sanitized = filter_input($input_type, $key, FILTER_SANITIZE_EMAIL);
if (filter_input($input_type, $key, FILTER_VALIDATE_EMAIL))
{
$field = $sanitized;
if ($var['type'] == 'recipient')
{
$recipient = $field;
$field = '';
}
elseif ($var['type'] == 'from' && $allowsOtherDomains)
$from = $field;
}
else
appendError(2);
break;
case 'integer':
$sanitized = filter_input($input_type, $key, FILTER_SANITIZE_NUMBER_INT);
if (!empty($sanitized))
{
if ($var['type'] == 'recipient')
$recipientId = $sanitized;
else
$field = $sanitized;
}
break;
default:
$field = filter_input($input_type, $key, FILTER_SANITIZE_MAGIC_QUOTES);
}
}
else
{
$group = filter_input(INPUT_POST, $key, FILTER_SANITIZE_MAGIC_QUOTES, FILTER_REQUIRE_ARRAY);
if(is_Array($group))
{
for($i = 0; $i < count($group); $i++)
{
$field .= "$group[$i]";
if($group[$i+1])
$field .= ", ";
}
if(count($group) > 1)
$field = "[$field]";
}
else
$field = filter_input($input_type, "$key", FILTER_SANITIZE_MAGIC_QUOTES);
}
if ($field && array_key_exists('type', $var))
{
if ($var['type'] == 'firstName')
{
$firstName = $field;
}
elseif ($var['type'] == 'surname')
{
$surname = $field;
}
elseif ($var['type'] == 'subject')
{
$subject = $field;
continue;
}
}
}
elseif (array_key_exists('required', $var) && $var['required'])
{
// The field doesn't exist or is empty but is required
appendError(0, "$key is a required field");
}
if ($field)
{
// Add the field to the message body
$emailBody .= $var['title'] . ": $fieldn";
}
}
}
// Sending
if (!$errors)
{
// If we haven't had any errors up to this point, try to send the E-Mail
if ($firstName || $surname)
{
if ($firstName && $surname)
$name = $firstName . " " . $surname;
elseif ($firstName)
$name = $firstName;
else
$name = $surname;
}
if ($useRecipientList && isset($recipientList))
if (count($recipientList) > $recipientId && $recipientId >= 0)
$recipient = $recipientList[$recipientId];
$headers = 'MIME-Version: 1.0' . "rn" . 'Content-type: text/plain; charset=UTF-8' . "rn";
if ($name)
$fromHeader = "From: "$name" <$from>rn";
else
$fromHeader = "From: $fromrn";
if (!$allowsOtherDomains)
$parameters = "-f$from";
if ($safeMode)
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
else
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);
if (!$mailSuccess)
{
// Attempt to send from an address of the same domain as the server
if ($name)
$fromHeader = "From: "$name" rn";
else
$fromHeader = "From: no-reply@" . $_SERVER['HTTP_HOST'] . "rn";
if ($safeMode)
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
else
$mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);
if(!$mailSuccess)
appendError(3);
}
}
// Finishing up
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\');
if ((substr($errorPage, 0, 7) != 'http://') && (substr($errorPage, 0, 8) != 'https://'))
{
if (strpos($errorPage, "/") === 0)
$errorPage = "http://$host$errorPage";
else
$errorPage = "http://$host$uri/$errorPage";
}
if ((substr($successPage, 0, 7) != 'http://') && (substr($successPage, 0, 8) != 'https://'))
{
if (strpos($successPage, "/") === 0)
$successPage = "http://$host$successPage";
else
$successPage = "http://$host$uri/$successPage";
}
// If we have errors but the spam trap error is present, we pretend that we succeeded
if ($errors && !array_key_exists(4, $errors))
{
// We encountered errors so the E-Mail must not have been sent
$errorsUrlString = urlencode(implode(",", $errors));
header("Location: $errorPage?$errorsUrlString");
}
else
{
// E-Mail has been successfully accepted for delivery. This doesn't mean it will reach the
// destination but that is out of our control now so all we can do is hope for the best
header("Location: $successPage");
}
?>