Form Submission Error - form hanlder stuck

Armitage2k · February 16, 2015, 12:19pm

Hi,

I am regularly getting a timeout with my feedback form. Once the user hits submit, it is supposed to call up the form handler which then checks on the content, attachment, etc and then puts it all together into an email which is supposed to be sent to me.

Following symptoms appear:

user presses submit button which causes time-out in the browsers. Both Chrome and IE return “No data” error
I traced the progress step by step and can confirm that the script works accurately until after uploading the attachment to my server.
the error(s) must be somewhere in the handler between connecting to my MySQL database and sending the actual email.
i am suspicious of my as I was playing around with several buttons and actually want to disable the submit button after it is pressed once, as i found many submissions double and triple in my database

I am really at my witts end and have no clue anymore… any help for this newbie would be GREATLY appreciated!!

Thank you,
A2k

HTML submit form:
[php]

<?php include './scripts/MySQL/connect_db.php'; $server = $_SERVER['SERVER_NAME']; ?>

<body>
	<table id="GPA_table" width="100%" bgcolor="#DDD9C4" align="center">
	<p>
		<tr>
			<td bgcolor="#D9D9D9">
				<img src="./images/iclogo_big3.jpg" style="width: 100%"/><br />
				<b><center>GPA</center></b>
			</td>
		</tr>					
		<tr>
			<td>
				<form method="POST" name="Guest Problem Alert" action="<?php echo 'http://' . $server . '/QCI/scripts/GPA/email_parser.php' ?>" enctype="multipart/form-data">
					<div>
						<label for="property"><b>Property:</b></label><br />
							<select name="property" style="width: 100%">
								<option value="DADHA">My Property</option>
							</select>
					</div>
				<br /><hr />
					<div>
						<label for="name">Staff name (*):</label><br />
						<input type="text" name="staff_name" size="30"/>
					</div>
				<br />
					<div>
						<label for="department">Department:</label><br />
							<select name="staff_department" style="width: 100%">
								<option value="blank"> </option>
								<option value="A&G">A&G</option>
							</select
					</div>
				<br /><br />
					<div>
						<label for="problem">Problem (*):</label><br />
						<?php
							//query problems from GPA_problems
							$sql="SELECT PID, Problem FROM GPA_problems"; 
							$result=mysql_query($sql); 
							$options=""; 

							while ($row=mysql_fetch_array($result)) 
							{ 
								$PID=$row["PID"]; 
								$problem=$row["Problem"]; 
								$options.="<OPTION VALUE=\"$PID\">".$problem; 
							} 
						?>
							<SELECT NAME=problem> 
									<OPTION VALUE=0>Select Problem 
									<?=$options?> 
							</SELECT>
					</div>
				<br /><hr />
					<div>
						<label for="gst_name">Guest Name:</label><br />
						<input type="text" name="gst_name" size="30"/>
					</div>
				<br />
					<div>
						<label for="gst_room">Guest Room:</label><br />
						<input type="text" name="gst_room" size="30"/>
					</div>
				<br />
					<div>
						<label for="incident">Incident (*):</label><br />
						<textarea style="width: 100%; height: 150px;" name="incident"></textarea>
					</div>
				<br />
					<div>
						<label for="action">Action taken:</label><br />
						<textarea style="width: 100%; height: 150px;" name="action"></textarea>
					</div>
				<br />
					<div>
						<label for="action">Follow up action (by whom)?:</label><br />
						<textarea style="width: 100%; height: 75px;" name="followup"></textarea>
					</div>
				<br />
					<div>
						<label for="uploaded_file">Attachment <i>(max. filesize 5 MB)</i></label><br />
						<input type="file" name="uploaded_file">
					</div>
				<br />
					<div>
						<label for="gst_temp">Case resolved? (*)</label><br />
							<select name="case_status" style="width: 100%">
								<option value=""> </option>
								<option value="YES">YES</option>
								<option value="NO">NO</option>
							</select>
					</div>
				<br />
					<div align="center">
						<input type="submit" value="Submit"> <input type='reset' value='Reset'>
						<!-- <input type="submit" value="Submit"> <input type='reset' value='Reset'> -->
						<!-- <input type="submit" value="Submit" onclick="this.disabled=true; this.value = 'Wait...'; this.form.submit(); return true;" /> -->						
				</form>
			</td>
		</tr>
		<tr>
			<?php include './scripts/css/GPA_footer.php'; ?>
		</tr>
	</p>
	</table>

</body>

[/php]

form handler
[php]

<?php require("../PHPMailer-master/class.phpmailer.php"); // load the PHPmailer script date_default_timezone_set('Etc/UTC'); // set timezone in PHP.ini,required by SMTP ini_set('display_errors', 'On'); // show all errors $edit_url="http://".$_SERVER['HTTP_HOST']."/QCI/scripts/GPA/edit.php"; // edit.php location and $id value link error_reporting(E_ALL); // VARIABLES HANDED OVER FROM GPA FORM $id = uniqid(); // Unique ID for identification purposes $property = $_POST['property']; // Property Holidex Code $date = date("Y-m-d", strtotime('+7 hours')); // Add 7 hours to date $time = date("H:i:s", strtotime('+7 hours')); // Add 7 hours to time $staff_name = $_POST['staff_name']; // required $staff_department = $_POST['staff_department']; // not required $problem = $_POST['problem']; // required //$priority = $_POST['priority']; // not required - expired $gst_name = $_POST['gst_name']; // not required $gst_room = $_POST['gst_room']; // not required $incident = $_POST['incident']; // required $action = $_POST['action']; // not required $followup = $_POST['followup']; // not required //$gst_temp = $_POST['gst_temp']; // not required - expired $case_status = $_POST['case_status']; // required //$gst_profile = $_POST['gst_profile']; // not required - expired // CHECK IF ALL NECESSARY FIELDS HAVE BEEN FILLED if ($staff_name == "" OR $problem == "" OR $incident == "" OR $case_status == "") { echo "
ERROR
You did not enter a valid Staff Name, Guest Problem, Incident Message or Case Status.

Please [Go Back] and fix this.

"; exit; } // DRAFT EMAIL MESSAGE $email_message = " logo

An alert has been raised:

Item	Details
Property	$property
Date & Time	$date - $time
Staff Name	$staff_name
Staff Department	$staff_department
Problem	$problem
Guest Name	$gst_name
Guest Room	$gst_room
Incident	$incident
Action	$action
Follow up	$followup
Case closed?	$case_status

All OPEN CASES must be followed up within 1 hour from now.

$edit_url?id=$id

Kind regards,

"; // GET UPLOADED FILE INFORMATION $name_of_uploaded_file = basename($_FILES['uploaded_file']['name']); //get the file extension and size of the file $type_of_uploaded_file = substr($name_of_uploaded_file, strrpos($name_of_uploaded_file, '.') + 1); $size_of_uploaded_file = $_FILES["uploaded_file"]["size"]/1024; //size in KBs // UPLOAD SETTINGS $max_allowed_file_size = 5120; // set max file size limit - size in KB $allowed_extensions = array("jpg", "jpeg", "gif", "bmp", "png"); //Validations if($size_of_uploaded_file > $max_allowed_file_size ) { $errors .= "\n Size of file should be less than $max_allowed_file_size"; } //------ Validate the file extension ----- $allowed_ext = false; for($i=0; $iisSMTP(); // Set connection type to SMTP $mail->SMTPDebug = 0; // Enable SMTP debugging, 0 = off (for production use), 1 = client messages, 2 = client and server messages $mail->Debugoutput = 'html'; // Set the output format for SMTP Debug $mail->Host = "mail.server.com"; // Mail Host Server $mail->Port = 25; // SMTP Port (usually 25) $mail->SMTPAuth = true; // Authentication needed? true/false $mail->Username = "username"; // Login Username $mail->Password = "password"; // Login Password $mail->setFrom('[email protected]'); // Sent FROM $mail->addReplyTo('[email protected]'); // Add REPLY-TO address $mail->addAddress('[email protected]'); // Send TO $mail->Subject = $property . ' - Subject line'; $mail->Body = $email_message; $mail->isHTML(TRUE); // HTML body? true/false $mail->AddEmbeddedImage('../../images/iclogo_small3.jpg', 'ic_logo'); $mail->addAttachment($path_of_uploaded_file); // Attachment //send the message, check for errors if (!$mail->send()) { echo "Mailer Error: " . $mail->ErrorInfo; } else { echo " Guest Problem Alert - ERROR
MESSAGE SENT!
Thank you very much for your submission!
"; } ?>

[/php]

ErnieAlex · February 16, 2015, 4:46pm

It might be the last

that you never closed. It might be having issues with closing the form due
to that? Not sure, but, start with that…

Also, in this line: ini_set(‘display_errors’, ‘On’); Do you have “On” set somewhere to be "1’?
To set it to display the errors, the second arg should be ‘1’ not ‘On’…

Lastly, who are you sending the email to? You code says to:

$mail->setFrom('[email protected]'); // Sent FROM $mail->addReplyTo('[email protected]'); // Add REPLY-TO address $mail->addAddress('[email protected]');

Who is [email protected], [email protected] and [email protected] ?????? Are these real addresses? I doubt it. You need to change these to be your correct email addresses. So, it would be your FROM, REPLY-TO and ADDRESS to where you want to send it. I usually set the REPLY-TO to be the ADMIN of the site so when the email is sent, if the person getting that replies it goes to the site's ADMIN.

Bet that is the issue… Fix em up and let us know after that… Hope this helps…

Armitage2k · February 17, 2015, 2:14pm

Thank for the reply ErnieAlex.

What?? [email protected] is NOT a valid email address?? YOU ARE MY HERO!

I am well aware that the variables need to be adjusted, but I am also certain that you guys will sign me up for lots of spam if I post my email addresses here

I closed the

and also find that a was missing a “<” so that should help. Additionally, I changed the ini_set(‘display_errors’, ‘On’) to ini_set(‘display_errors’, ‘1’) but did not return any error message along the way.

Funny side-effect however, right after I fixed this, the handler did not write into my MySQL database anymore, but I found that this was due to me not adding enough columns for all the data in the query. Still, shouldnt PHP return an error if that happens?

It is working for now, but I am wary of my mail server as it seems to have connectivity issues (a landline in my country is being fixed, so there is a high chance of connection errors), but lets see if that changes anything.

Thanks for pointing me in the right direction! Will come back here if it stops working again.

Cheers,
A2k

ErnieAlex · February 17, 2015, 2:52pm

Well, of course you do not want to put your email addresses here…

Normally at those points you dummy them out like ****@somewhere.com Or you make a note so we know
you dummied them out. You would be surprised how many people do enter addresses from a sample code
that they found online.

Now, To you last issue… You do not have any error checking in your queries. Therefore, you will not see
any displayed! Your code:

mysql_query("INSERT INTO `GPA` VALUES ('$id','$property','$date','$time','$staff_name','$staff_department','$problem','PRIORITY','$gst_name','$gst_room','$incident','$action','$followup','GST_TEMP','$case_status','GST_PROFILE','$name_of_uploaded_file')");

Well, this code is badly formed. (A programming term, nothing really bad there! LOL) So, before I explain, you should remember that MySQL is not going to be supported at some time in the future. You should look into how to update to MySQLi as that is the current version. It is easy for your simple SQL commands.

Now, to alter the above to show errors, you can do a quick fix and change it this way:
[php]
mysql_query(“INSERT INTO GPA VALUES (’$id’,’$property’,’$date’,’$time’,’$staff_name’,’$staff_department’,’$problem’,‘PRIORITY’,’$gst_name’,’$gst_room’,’$incident’,’$action’,’$followup’,‘GST_TEMP’,’$case_status’,‘GST_PROFILE’,’$name_of_uploaded_file’)”) or die(“INSERT error! Error updating GPA data, error value=” . mysql_error());
[/php]
As you see, this inserts the data or it dies with the error message. Normally, you would not do it that way,
but, it will work on your site. Note it will die if the error happens. Not really the correct way to do SQL
error-checking. Normally, you would do something loosely like this:
$results=mysql_query(“insert query…”);
if ( !$results ) {
handle your errors here as 0=success >0 is an error… Display a message in the normal page
somehow, usually inside a

tag with red colors and tell the user the insert failed, etc and
send a note to the programmer or admin to tell them a page has an error… Whatever…
}

As you see, this attempts the insert and then tests the results to see if it failed. If so, handle the error…
Hope that helps…

Armitage2k · February 18, 2015, 3:00am

thanks a lot for the feedback. I was looking into your suggestions but am still experiencing the same “No data received” error as before…

MySQL formatting
As suggested, I updated the query format and added your error message. Still, I am wondering if there is (as suggested) an alternative for “die”?
[php]

<?php $result = mysql_query("INSERT INTO `GPA` VALUES ('$id','$property','$date','$time','$staff_name','$staff_department','$problem','PRIORITY','$gst_name','$gst_room','$incident','$action','$followup','GST_TEMP','$case_status','GST_PROFILE','$name_of_uploaded_file')") or die("INSERT error! Error updating GPA data, error value=" . mysql_error()); if (!$result) { die('Invalid query: ' . mysql_error()); } ?>

[/php]

MySQLi
I am reading up on this, but have so far put the following together. Again, the main question of if there is an alternative to “die” remains?
[php]
// MySQLi interaction
//connect to database
$link = new mysqli($dbhost,$dbuser,$dbpass,$dbname);

if($link->connect_errno > 0){
die(‘Unable to connect to database [’ . $link->connect_error . ‘]’);
}

//query
mysqli_query($link,“INSERT INTO ‘GPA’ VALUES(’$id’,’$property’,’$date’,’$time’,’$staff_name’,’$staff_department’,’$problem’,‘PRIORITY’,’$gst_name’,’$gst_room’,’$incident’,’$action’,’$followup’,‘GST_TEMP’,’$case_status’,‘GST_PROFILE’,’$name_of_uploaded_file’)”)
or die(mysqli_error($link));

//close connection
$link->close();
[/php]
Remaining problems
As mentioned, I am still experiencing errors across all browsers, citing a “no data received error”. This seems a little random as it is sometimes working and sometimes not, which is why I am looking into moving my mail server (just a hunch). However, I would appreciate if I could have some feedback particularly on the table and the variable handover as the error has to be somewhere there.

[php]

Property:

DADHA - InterContinental Danang Sun Peninsula

Staff name ():

Department:

A&G
Activity
Engineering
FO - Concierge
FO - Front Desk
FO - GSC
FO - RAM
F&B - Barefoot
F&B - Citron
F&B - La Maison
F&B - Long Bar
F&B - M Club
F&B - Roomservice
Housekeeping
Human Resources
Owner Rep.
QCI
Recreation
Sales & Marketing

Problem ():

<?php
//initiate db connection
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbname);

							if(! $conn )
							{
							  die('Could not connect: ' . mysql_error());
							}
	
							//query problems from GPA_problems
							$sql="SELECT PID, Problem FROM GPA_problems"; 
							$result=mysql_query($sql); 
							$options=""; 

							while ($row=mysql_fetch_array($result)) 
							{ 
								$PID=$row["PID"]; 
								$problem=$row["Problem"]; 
								$options.="<OPTION VALUE=\"$PID\">".$problem; 
							} 
						?>
							<SELECT NAME=problem> 
									<OPTION VALUE=0>Select Problem 
									<?=$options?> 
							</SELECT>
					</div>
				<br /><hr />
					<div>
						<label for="gst_name">Guest Name:</label><br />
						<input type="text" name="gst_name" size="30"/>
					</div>
				<br />
					<div>
						<label for="gst_room">Guest Room:</label><br />
						<input type="text" name="gst_room" size="30"/>
					</div>
				<br />
					<div>
						<label for="incident">Incident (*):</label><br />
						<textarea style="width: 100%; height: 150px;" name="incident"></textarea>
					</div>
				<br />
					<div>
						<label for="action">Action taken:</label><br />
						<textarea style="width: 100%; height: 150px;" name="action"></textarea>
					</div>
				<br />
					<div>
						<label for="action">Follow up action (by whom)?:</label><br />
						<textarea style="width: 100%; height: 75px;" name="followup"></textarea>
					</div>
				<br />
					<div>
						<label for="uploaded_file">Attachment <i>(max. filesize 5 MB)</i></label><br />
						<input type="file" name="uploaded_file">
					</div>
				<br />
					<div>
						<label for="gst_temp">Case resolved? (*)</label><br />
							<select name="case_status" style="width: 100%">
								<option value=""> </option>
								<option value="YES">YES</option>
								<option value="NO">NO</option>
							</select>
					</div>
				<br />
					<div align="center">
						<input type="submit" value="Submit"> <input type='reset' value='Reset'>
						<!-- <input type="submit" value="Submit"> <input type='reset' value='Reset'> -->
						<!-- <input type="submit" value="Submit" onclick="this.disabled=true; this.value = 'Wait...'; this.form.submit(); return true;" /> -->
					</div>
				</form>

[/php]

Really no idea anymore what going wrong here…

thanks for all the help,
A2k

Armitage2k · February 18, 2015, 3:54am

Ok, as a follow up, I have figured that I can replace most "die"s with “trigger_error”, so that part is fine. What is not fine is that the MySQLi syntax is driving me nuts!!

So just to be correct, MySQLi now needs me to prepare the SQL statement, then bind the parameters before I can actually execute the insert? really?
[php]
//prepare sql query statement
$stmt = mysqli_prepare($mysqli, “INSERT INTO GPA ($id, $property, $date, $time, $staff_name, $staff_department, $problem, $priority, $gst_name, $gst_room, $incident, $action, $followup, $gst_temp, $case_status, $gst_profile, $name_of_uploaded_file) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)”);

	if ($stmt === false) {
	trigger_error('Statement failed! ' . htmlspecialchars(mysqli_error($mysqli)), E_USER_ERROR);
	}
	
	//bind parameters
	$bind = mysqli_stmt_bind_param($stmt, "sssssssssssssssss", $id, $property, $date, $time, $staff_name, $staff_department, $problem, $priority, $gst_name, $gst_room, $incident, $action, $followup, $gst_temp, $case_status, $gst_profile, $name_of_uploaded_file);

	if ($bind === false) {
		trigger_error('Bind param failed!', E_USER_ERROR);
	}

	// execute connection
	$exec = mysqli_stmt_execute($stmt);

	if ($exec === false) {
		trigger_error('Statement execute failed! ' . htmlspecialchars(mysqli_stmt_error($stmt)), E_USER_ERROR);	
	}

[/php]

I dont get it why I suddenly have to use spaceholders “(?)” and apparently my syntax has errors preventing me from writing into the database… Can anyone help telling me what wrong with the below syntax?
[php]
//prepare sql query statement
$stmt = mysqli_prepare($mysqli, “INSERT INTO GPA ($id, $property, $date, $time, $staff_name, $staff_department, $problem, $priority, $gst_name, $gst_room, $incident, $action, $followup, $gst_temp, $case_status, $gst_profile, $name_of_uploaded_file) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)”);[/php]

Thanks a lot!
A2k

ErnieAlex · February 18, 2015, 5:17pm

Armitage2K,
In programming, there is ALWAYS an alternative to EVERYTHING… You just have to find it.

Now, as i said in my previous post. Normally, you do not use DIE(). Instead, you capture the error in
the results variable of the query. Then, if there is an error in the query, you do not process the rest of
the code. At that point instead of dying or killing the page, you just display a warning with the error
message. Usually, something loosely like this will work:
$result = mysqli_query(SQL query…);
if (!$result) {
echo “

”;
echo "Your insert query failed with the following error!
";
echo "Invalid query: " . mysqli_error()) . “
”;
echo "

} else {
echo “Your insert query completed!”;
… Whatever you do if the insert is okay…
}

This is just a sample of how you would handle it. Just off the top of my mind. Not tested and not real code.
Note that what the first part does is stick in a new DIV with a class of error_message so you can add some
fancy styling to it. You can make the background light red and chars white so it all stands out. What will
happen is that it will either display an error message or you put in the rest of your code and it continues
with it. The “trigger_error” is a function of the PHPmailer library, I think. So, how that displays or is used
would be inside the library documentations. I don’t have that at hand, so, not sure, but, would think that
it should work instead of using the

set up I showed to you. but, wanted you to understand how
it would work. Hope that makes sense…

As far as the MySQLi statements, here is a link to a nice tutorial site that should help. Just look at your
code, pick one type of statement, such as “mysqli_stmt_execute”, just grabbed one, and select it on the
left side. Then, review the syntax and make sure your code matches how it is supposed to be set up. Do
any changes to that one type of statement and change all of your references to it to match. Then, go to
the next type of statement. Then, you should be all set. If not, post the lines that are in error and we can
help. http://www.w3schools.com/php/func_mysqli_stmt_init.asp Note: at the bottom of this
tutorial/explaination, you can click on the PHP-MySQLi-Reference link at the bottom of that page and you
will see all of the MySQLi commands on the left side and select the one you want to learn about. Nice
site and simple explainations. Should help you a lot. (Did help me in the past!)

Lastly, “space holders” ??? Well, if you prepare a query and tell the prepare text that you are inserting fields into a table, you tell it ALL of the fields you want to write to. Then, in the actual data where you bind
the variables to the query, you need to make sure you place the same fields in place. You have to use a
“space holder” if you do not have data for one of the fields, you still have to place in a blank data holder
such as just “” or just , … I like to use ,"", so it is more readable. Or, just do not place that fields into
the prepare list.

So, more info… Hope that helps… Let us know what’s next…

Armitage2k · February 19, 2015, 1:33am

Thanks alot for all the explaining, i at last managed to get the codes to run thanks to many tutorials on the web.

For people who are experiencing similar issues though, please note that there are two different approaches in MySqli for querying databases: Object-oriented and Procedural. Main difference is purely is the syntax, so depending on your server configuration you might have to play around with it.

In regards to variable handover, MySQLi does NOT support syntax where the variable are inserted directly. Instead every parameter needs to be bound to the statement before it allows to be written into the db. I find this highly bothersome as it involves more code than MySQL but what can we do…

A working example for everyone below, please note that is OK to write values directly into the database without binding them first.

MySQLi Procedural
[php]

<?php $servername = "localhost"; $username = "username"; $password = "password"; $dbname = "myDB"; // Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } $sql = "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('John', 'Doe', '[email protected]')"; if (mysqli_query($conn, $sql)) { echo "New record created successfully"; } else { echo "Error: " . $sql . "
" . mysqli_error($conn); } mysqli_close($conn); ?>[/php]

Hope that helps others as well,

A2k