I created this site http://www.leadertours.ca and the client wanted me to create a submission form and paste into the existing contact form. I used the tutorial from css-tricks # 62, and changed and removed a fews things.
1. I had the existing contact.html which I re-saved as a php and added a code <?php include('contactform.php'); ?> to included the php form that i changed from the downloaded files from css-tricks # 62.
2. I posted to see if it works it doesn't so i placed it online http://www.leadertours.ca/contact.php.
3rd Problem is that I have i dont know where to put the js stuff into re-saved contact.html to php. What do I do with that. So the stylized, and the validation is included. I have no clue how to go about it.
Please help, this client needs by this weekend I already emailed Chris but I though to take two measures to fix this issue. And I tried to figure it out on my own.
Please find the
Code: contactform.php attached which is the one i re-named (from the downloaded files from css tricks)
<?php
session_start();
function getRealIp() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { //check ip from share internet $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { //to check ip is pass from proxy $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; }
function writeLog($where) {
$ip = getRealIp(); // Get the IP from superglobal $host = gethostbyaddr($ip); // Try to locate the host of the attack $date = date(\"d M Y\");
// create a logging message with php heredoc syntax $logging = <<<LOG \n << Start of Message >> There was a hacking attempt on your form. \n Date of Attack: {$date} IP-Adress: {$ip} \n Host of Attacker: {$host} Point of Attack: {$where} << End of Message >> LOG; // Awkward but LOG must be flush left
// open log file if($handle = fopen('hacklog.log', 'a')) {
fputs($handle, $logging); // write the Data to file fclose($handle); // close the file
} else { // if first method is not working, for example because of wrong file permissions, email the data
// check if a session is started and a token is transmitted, if not return an error if(!isset($_SESSION[$form.'_token'])) { return false; }
// check if the form is sent with token in it if(!isset($_POST['token'])) { return false; }
// compare the tokens against each other if they are still the same if ($_SESSION[$form.'_token'] !== $_POST['token']) { return false; }
return true; }
function generateFormToken($form) {
// generate a token from an unique value, took from microtime, you can also use salt-values, other crypting methods... $token = md5(uniqid(microtime(), true));
// Write the generated token to the session variable to check it against the hidden field when the form is sent $_SESSION[$form.'_token'] = $token;
return $token; }
// VERIFY LEGITIMACY OF TOKEN if (verifyFormToken('form1')) {
// CHECK TO SEE IF THIS IS A MAIL POST if (isset($_POST['URL-main'])) {
// Building a whitelist array with keys which will send through the form, no others would be accepted later on $whitelist = array('token','req-name','req-email','typeOfChange','urgency','URL-main','addURLS', 'curText', 'newText', 'save-stuff', 'mult');
// Building an array with the $_POST-superglobal foreach ($_POST as $key=>$item) {
// Check if the value $key (fieldname from $_POST) can be found in the whitelisting array, if not, die with a short message to the hacker if (!in_array($key, $whitelist)) {
writeLog('Unknown form fields'); die(\"Hack-Attempt detected. Please use only the fields in the form\");
} }
// Lets check the URL whether it's a real URL or not. if not, stop the script
Tour Packages, Airfare, Accommodation, Tours, Sightseeing, whatever you need, we have the travel options available to suit your needs and budget. We are able to organize and personalize your Group Travel!
Local destination knowledge and itinerary planning can really make a difference between an ordinary holiday and a fantastic holiday!</h6></p>
[color=#FF0000][b]<?php include('contactform.php'); ?> [/b][/color] <p><h6>Our experienced and knowledgeable Group Travel Specialist Agents are able to assist you and enhance your holiday experience to the absolute maximum!</h6>
<p> <h7>Call today and discuss your Group Travel Plans. </h7><h1> 1-888-485-6589</h1> </p>
<p><h6><a href=\"mailto:enquired@leadertours.ca\">EMAIL US</a> – where you would like to travel on a GROUP Tour, we will see <br /> what can be arranged. </p></h6> </div> <!-- END left-col -->
Firstly, go to you contact us php file which is online, view the page source... Its missing loads compared to the code that you pasted here. Secondly what is this,
so i tried to put the site back up , but the same things is happening with it again, it stops showing code past this code
<?php include('contactform.php'); ?> i just move lower. So something lies with the php contact form. What about my validation and js query code? What am I doing wrong? Is there another submission I can create that will work simple and effectively?
Here is the site again. http://www.leadertours.ca/contact.php and the problem is that my contactform.php which included in the contact.php is not showing up? What do I do? Please help.
Tour Packages, Airfare, Accommodation, Tours, Sightseeing, whatever you need, we have the travel options available to suit your needs and budget. We are able to organize and personalize your Group Travel!
Local destination knowledge and itinerary planning can really make a difference between an ordinary holiday and a fantastic holiday!</h6></p>
<p><h6>Our experienced and knowledgeable Group Travel Specialist Agents are able to assist you and enhance your holiday experience to the absolute maximum!</h6>
<p> <h7>Call today and discuss your Group Travel Plans. </h7><h1> 1-888-485-6589</h1> </p>
<p><h6><a href=\"mailto:enquired@leadertours.ca\">EMAIL US</a> – where you would like to travel on a GROUP Tour, we will see <br /> what can be arranged. </p></h6> </div> <!-- END left-col -->
[b]the php ( include contact form should be here) but its not and the page code cuts off, because I have end page wrap, end body and it cuts off???)[/b]
I created this site http://www.leadertours.ca and the client wanted me to create a submission form and paste into the existing contact form. I used the tutorial from css-tricks # 62, and changed and removed a fews things.
1. I had the existing contact.html which I re-saved as a php and added a code <?php include('contactform.php'); ?>
to included the php form that i changed from the downloaded files from css-tricks # 62.
2. I posted to see if it works it doesn't so i placed it online http://www.leadertours.ca/contact.php.
3rd Problem is that I have i dont know where to put the js stuff into re-saved contact.html to php. What do I do with that.
So the stylized, and the validation is included. I have no clue how to go about it.
Please help, this client needs by this weekend I already emailed Chris but I though to take two measures to fix this issue.
And I tried to figure it out on my own.
Please find the
Code: contactform.php attached which is the one i re-named (from the downloaded files from css tricks)
Contact.php (which is the one that used to be html which I re-saved)
JS stuff I left the same.
Please help me and tell me what is wrong!
THANKS IN ADVANCE!!
RACHEL
Secondly what is this,
[color=#FF0000][b]<?php include('contactform.php'); ?>[/b][/color]
Should it not just be
<?php include('contactform.php'); ?>Also, i might be wrong but i am sure that these bits of code,
should be inside the <head> tags, not outside.
so i tried to put the site back up , but the same things is happening with it again, it stops showing code past this code
<?php include('contactform.php'); ?> i just move lower. So something lies with the php contact form. What about my validation and js query code? What am I doing wrong? Is there another submission I can create that will work simple and effectively?
Here is the site again. http://www.leadertours.ca/contact.php and the problem is that my contactform.php which included in the contact.php is not showing up? What do I do? Please help.
$headers = "From: 'rachellambo@gmail.com' ;
should be
$headers = "From: 'rachellambo@gmail.com' ";
see if that helps :)