03-12-10, 03:20 PM
|
|
Aspiring Coder
|
|
Join Date: Mar 2009
Location: North Carolina, USA
Posts: 516
Thanks: 5
Thanked 47 Times in 44 Posts
|
|
I think WireHopper is right.
But,
PHP Code:
<?php
//don't really need the next line as you are not using sessions.
session_start();
$name = (isset($_SESSION['name'])) ? $_SESSION['name'] : NULL;
$name = (isset($_POST['name'])) ? $_POST['name'] : $name;
$other = (isset($_SESSION['other'])) ? $_SESSION['other'] : NULL;
$other = (isset($_POST['other'])) ? strip_tags($_POST['other']) : $other;
$mainquestion = (isset($_SESSION['mainquestion'])) ? $_SESSION['mainquestion'] : NULL;
$mainquestion = (isset($_POST['mainquestion'])) ? $_POST['mainquestion'] : $mainquestion;
$today=time();
$today=date("Y-m-d",$today);
$ip=$_SERVER["REMOTE_ADDR"];
$root=$_SERVER["DOCUMENT_ROOT"];
If ($name == NULL) {
include("$root/cn/letters/salesletter.html");
exit;
}
$_SESSION['name'] = $name;
$_SESSION['other'] = $other;
$_SESSION['mainquestion'] = $mainquestion;
if(empty($other)) {
$fieldname="other"; //I do not know what fieldname is, as it isn't passed or declared.
$mainquestion="other";
}
//REPLACE THE "CASE" STRING WITH THE NAME OF YOUR SCRIPTS.
//switch is used for sanitation so someone cannot access files they are not suppose to.
/* SWITCH SANITATION
* pass variable $mainquestion
* if the variable matches a case,
* That block of code will run.
* If it doesn't match a case,
* Then the default block of code will
* run.
*/
switch($mainquestion) {
case 'business':
$file = 'business.html';
break;
case 'products':
$file = 'products.html';
break;
case 'affiliates':
$file = 'affiliates.html';
break;
default:
$file = 'other.html';
}
$input = file_get_contents("$root/cn/letters/$file");
echo str_replace("[name]", $name, $input);
include("$root/cn/settings.inc.php");
dbconnect();
if($mainquestion != NULL) {
$sql="INSERT INTO `isl_statistics` (`campid`,`optionname`,`fieldname`,`date`,`IP`) Values ('1','$mainquestion','mainquestion','$today','$ip')";
$result=mysql_query($sql);
$length=strlen($other);
if($length > 0)
{
$sql2="INSERT INTO `isl_othertrack` (`campid`,`optionname`,`userresponse`) Values ('1','mainquestion','$other')";
$result2=mysql_query($sql2);
}
$allotherwords=explode(" ",$other);
$allwordcount=count($allotherwords);
if($allwordcount > 0) {
$sql = 'INSERT INTO `isl_allwords`(`campid`,`word`) VALUES ';
for($x = 0; $x <= $allwordcount; $x++) {
$thisvalue = $allotherwords[$x];
$values[] = "('1','$thisvalue')";
}
$value = implode(',',$values);
$result3=mysql_query($sql.$value);
}
}
?>
I'm wondering how you are sending the $_POST variables from the perl script, or if you are.
I would set the action on the form to my php script, and then use the page like this:
*Note* email validation done with php-email-address-validation - Project Hosting on Google Code
PHP Code:
<?php
//don't really need the next line as you are not using sessions.
session_start();
$name = (isset($_SESSION['name'])) ? $_SESSION['name'] : NULL;
$name = (isset($_POST['name'])) ? $_POST['name'] : $name;
$from = (isset($_POST['from'])) ? $_POST['from'] : NULL;
$other = (isset($_SESSION['other'])) ? $_SESSION['other'] : NULL;
$other = (isset($_POST['other'])) ? strip_tags($_POST['other']) : $other;
$mainquestion = (isset($_SESSION['mainquestion'])) ? $_SESSION['mainquestion'] : NULL;
$mainquestion = (isset($_POST['mainquestion'])) ? $_POST['mainquestion'] : $mainquestion;
$today=time();
$today=date("Y-m-d",$today);
$ip=$_SERVER["REMOTE_ADDR"];
$root=$_SERVER["DOCUMENT_ROOT"];
If ($name == NULL) {
include("$root/cn/letters/salesletter.html");
exit;
}
$_SESSION['name'] = $name;
$_SESSION['other'] = $other;
$_SESSION['mainquestion'] = $mainquestion;
if(empty($other)) {
$fieldname="other"; //I do not know what fieldname is, as it isn't passed or declared.
$mainquestion="other";
}
include('validator.php');
$mail = new EmailAddressValidator;
$subject = 'Thanks for your request.';
$message = 'This is the message to be sent in the email.';
$email = $from;
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From:Wbste <publicrelations@mysite.com>'. "\r\n";
if($mail->check_email_address($email)) {
if(mail($email,$subject,$message,$headers)) echo "Mail sent to $email!";
else echo "Mail sent to $email failed!";
}
else {
echo 'You did not specify a valid email address.';
}
//REPLACE THE "CASE" STRING WITH THE NAME OF YOUR SCRIPTS.
//switch is used for sanitation so someone cannot access files they are not suppose to.
/* SWITCH SANITATION
* pass variable $mainquestion
* if the variable matches a case,
* That block of code will run.
* If it doesn't match a case,
* Then the default block of code will
* run.
*/
switch($mainquestion) {
case 'business':
$file = 'business.html';
break;
case 'products':
$file = 'products.html';
break;
case 'affiliates':
$file = 'affiliates.html';
break;
default:
$file = 'other.html';
}
$input = file_get_contents("$root/cn/letters/$file");
echo str_replace("[name]", $name, $input);
include("$root/cn/settings.inc.php");
dbconnect();
if($mainquestion != NULL) {
$sql="INSERT INTO `isl_statistics` (`campid`,`optionname`,`fieldname`,`date`,`IP`) Values ('1','$mainquestion','mainquestion','$today','$ip')";
$result=mysql_query($sql);
$length=strlen($other);
if($length > 0)
{
$sql2="INSERT INTO `isl_othertrack` (`campid`,`optionname`,`userresponse`) Values ('1','mainquestion','$other')";
$result2=mysql_query($sql2);
}
$allotherwords=explode(" ",$other);
$allwordcount=count($allotherwords);
if($allwordcount > 0) {
$sql = 'INSERT INTO `isl_allwords`(`campid`,`word`) VALUES ';
for($x = 0; $x <= $allwordcount; $x++) {
$thisvalue = $allotherwords[$x];
$values[] = "('1','$thisvalue')";
}
$value = implode(',',$values);
$result3=mysql_query($sql.$value);
}
}
?>
|