Problems with a form using PHP

I built a website for the pharmacy I work at (www.xyz.com) and wanted to have a form where people could request Rx refills that would be sent to our email address ([email protected]). I used a free PHP formmail code I found online, but I cannot get it to work (when I fill out the form and click send I do get an email, but it is blank. I will include my PHP and HTML. Thanks for any help you can give!!!

Justin

This is the PHP:

// for ultimate security, use this instead of using the form
$recipient = "[email protected]"; // [email protected]

// bcc emails (separate multiples with commas (,))
$bcc = “”;

// referers… domains/ips that you will allow forms to
// reside on.
$referers = array (‘xyz.com’,‘http://www.xyz.com’,‘216.69.185.1’);

// banned emails, these will be email addresses of people
// who are blocked from using the script (requested)
$banlist = array (’*@somedomain.com’, ‘[email protected]’, ‘[email protected]’);

// field / value seperator
define(“SEPARATOR”, ($separator)?$separator:": ");

// content newline
define(“NEWLINE”, ($newline)?$newline:"\n");

// formmail version (for debugging mostly)
define(“VERSION”, “5.0”);

// our mighty error function…
function print_error($reason,$type = 0) {
build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet);
// for missing required data
if ($type == “missing”) {
if ($missing_field_redirect) {
header(“Location: $missing_field_redirect?error=$reason”);
exit;
} else {
?>
The form was not submitted for the following reasons:


    <?
    echo $reason."\n";
    ?>

Please use your browser’s back button to return to the form and try again.<?
}
} else { // every other error
?>
The form was not submitted because of the following reasons:


<?
}
echo “

\n”;
echo “This form is powered by <a href=“http://www.dtheatre.com/scripts/”>Jack’s Formmail.php “.VERSION.”\n\n”;
exit;
}

// function to check the banlist
// suggested by a whole lot of people… Thanks
function check_banlist($banlist, $email) {
if (count($banlist)) {
$allow = true;
foreach($banlist as $banned) {
$temp = explode("@", $banned);
if ($temp[0] == “*”) {
$temp2 = explode("@", $email);
if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1])))
$allow = false;
} else {
if (trim(strtolower($email)) == trim(strtolower($banned)))
$allow = false;
}
}
}
if (!$allow) {
print_error(“You are using from a banned email address.”);
}
}

// function to check the referer for security reasons.
// contributed by some one who’s name got lost… Thanks
// goes out to him any way.
function check_referer($referers) {
if (count($referers)) {
$found = false;

  $temp = explode("/",getenv("HTTP_REFERER"));
  $referer = $temp[2];
  
  if ($referer=="") {$referer = $_SERVER['HTTP_REFERER'];
     list($remove,$stuff)=split('//',$referer,2);
     list($home,$stuff)=split('/',$stuff,2);
     $referer = $home;
  }
  
  for ($x=0; $x < count($referers); $x++) {
     if (eregi ($referers[$x], $referer)) {
        $found = true;
     }
  }
  if ($referer =="")
     $found = false;
  if (!$found){
     print_error("You are coming from an <b>unauthorized domain.</b>");
     error_log("[FormMail.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0);
  }
     return $found;
  } else {
     return true; // not a good idea, if empty, it will allow it.

}
}
if ($referers)
check_referer($referers);

if ($banlist)
check_banlist($banlist, $email);

// This function takes the sorts, excludes certain keys and
// makes a pretty content string.
function parse_form($array, $sort = “”) {
// build reserved keyword array
$reserved_keys[] = “MAX_FILE_SIZE”;
$reserved_keys[] = “required”;
$reserved_keys[] = “redirect”;
$reserved_keys[] = “require”;
$reserved_keys[] = “path_to_file”;
$reserved_keys[] = “recipient”;
$reserved_keys[] = “subject”;
$reserved_keys[] = “sort”;
$reserved_keys[] = “style_sheet”;
$reserved_keys[] = “bgcolor”;
$reserved_keys[] = “text_color”;
$reserved_keys[] = “link_color”;
$reserved_keys[] = “vlink_color”;
$reserved_keys[] = “alink_color”;
$reserved_keys[] = “title”;
$reserved_keys[] = “missing_fields_redirect”;
$reserved_keys[] = “env_report”;
$reserved_keys[] = “submit”;
if (count($array)) {
if (is_array($sort)) {
foreach ($sort as $field) {
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++)
if ($array[$field] == $reserved_keys[$ri]) $reserved_violation = 1;

        if ($reserved_violation != 1) {
           if (is_array($array[$field])) {
              for ($z=0;$z<count($array[$field]);$z++)
                 $content .= $field.SEPARATOR.$array[$field][$z].NEWLINE;
           } else
              $content .= $field.SEPARATOR.$array[$field].NEWLINE;
        }
     }
  }
  while (list($key, $val) = each($array)) {
     $reserved_violation = 0;
     for ($ri=0; $ri<count($reserved_keys); $ri++)
        if ($key == $reserved_keys[$ri]) $reserved_violation = 1;

     for ($ri=0; $ri<count($sort); $ri++)
        if ($key == $sort[$ri]) $reserved_violation = 1;

     // prepare content
     if ($reserved_violation != 1) {
        if (is_array($val)) {
           for ($z=0;$z<count($val);$z++)
              $content .= $key.SEPARATOR.$val[$z].NEWLINE;
        } else
           $content .= $key.SEPARATOR.$val.NEWLINE;
     }
  }

}
return $content;
}

// mail the content we figure out in the following steps
function mail_it($content, $subject, $email, $recipient) {
global $attachment_chunk, $attachment_name, $attachment_type, $attachment_sent, $bcc;

$ob = “----=_OuterBoundary_000”;
$ib = “----=_InnerBoundery_001”;

$headers = “MIME-Version: 1.0\r\n”;
$headers .= “From: “.$email.”\n”;
$headers .= “To: “.$recipient.”\n”;
$headers .= “Reply-To: “.$email.”\n”;
if ($bcc) $headers .= “Bcc: “.$bcc.”\n”;
$headers .= “X-Priority: 1\n”;
$headers .= “X-Mailer: DT Formmail”.VERSION."\n";
$headers .= “Content-Type: multipart/mixed;\n\tboundary=”".$ob.""\n";

$message = “This is a multi-part message in MIME format.\n”;
$message .= “\n–”.$ob."\n";
$message .= “Content-Type: multipart/alternative;\n\tboundary=”".$ib.""\n\n";
$message .= “\n–”.$ib."\n";
$message .= “Content-Type: text/plain;\n\tcharset=“iso-8859-1”\n”;
$message .= “Content-Transfer-Encoding: quoted-printable\n\n”;
$message .= $content."\n\n";
$message .= “\n–”.$ib."–\n";
if ($attachment_name && !$attachment_sent) {
$message .= “\n–”.$ob."\n";
$message .= “Content-Type: $attachment_type;\n\tname=”".$attachment_name.""\n";
$message .= “Content-Transfer-Encoding: base64\n”;
$message .= “Content-Disposition: attachment;\n\tfilename=”".$attachment_name.""\n\n";
$message .= $attachment_chunk;
$message .= “\n\n”;
$attachment_sent = 1;
}
$message .= “\n–”.$ob."–\n";

mail($recipient, $subject, $message, $headers);
}

// take in the body building arguments and build the body tag for page display
function build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet) {
if ($style_sheet)
echo “<LINK rel=STYLESHEET href=”$style_sheet" Type=“text/css”>\n";
if ($title)
echo “$title\n”;
if (!$bgcolor)
$bgcolor = “#FFFFFF”;
if (!$text_color)
$text_color = “#000000”;
if (!$link_color)
$link_color = “#0000FF”;
if (!$vlink_color)
$vlink_color = “#FF0000”;
if (!$alink_color)
$alink_color = “#000088”;
if ($background)
$background = “background=”$background"";
echo “<body bgcolor=”$bgcolor" text="$text_color" link="$link_color" vlink="$vlink_color" alink="$alink_color" $background>\n\n";
}

// check for a recipient email address and check the validity of it
// Thanks to Bradley miller ([email protected]) for pointing
// out the need for multiple recipient checking and providing the code.
$recipient_in = split(’,’,$recipient);
for ($i=0;$i<count($recipient_in);$i++) {
$recipient_to_test = trim($recipient_in[$i]);
if (!eregi("^[_\.0-9a-z-][email protected]([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $recipient_to_test)) {
print_error(“I NEED VALID RECIPIENT EMAIL ADDRESS ($recipient_to_test) TO CONTINUE”);
}
}

// This is because I originally had it require but too many people
// were used to Matt’s Formmail.pl which used required instead.
if ($required)
$require = $required;
// handle the required fields
if ($require) {
// seperate at the commas
$require = ereg_replace( " +", “”, $require);
$required = split(",",$require);
for ($i=0;$i<count($required);$i++) {
$string = trim($required[$i]);
// check if they exsist
if((!(${$string})) || (!(${$string}))) {
// if the missing_fields_redirect option is on: redirect them
if ($missing_fields_redirect) {
header (“Location: $missing_fields_redirect”);
exit;
}
$require;
$missing_field_list .= “Missing: $required[$i]
\n”;
}
}
// send error to our mighty error function
if ($missing_field_list)
print_error($missing_field_list,“missing”);
}

// check the email fields for validity
if (($email) || ($EMAIL)) {
$email = trim($email);
if ($EMAIL) $email = trim($EMAIL);
if (!eregi("^[_.0-9a-z-][email protected]([0-9a-z][0-9a-z-]+.)+[a-z]{2,6}$", $email))
print_error(“your email address is invalid”);
$EMAIL = $email;
}

// check zipcodes for validity
if (($ZIP_CODE) || ($zip_code)) {
$zip_code = trim($zip_code);
if ($ZIP_CODE) $zip_code = trim($ZIP_CODE);
if (!ereg("(^[0-9]{5})-([0-9]{4}$)", trim($zip_code)) && (!ereg("^[a-zA-Z][0-9][a-zA-Z][[:space:]][0-9][a-zA-Z][0-9]$", trim($zip_code))) && (!ereg("(^[0-9]{5})", trim($zip_code))))
print_error(“your zip/postal code is invalid”);
}

// check phone for validity
if (($PHONE_NO) || ($phone_no)) {
$phone_no = trim($phone_no);
if ($PHONE_NO) $phone_no = trim($PHONE_NO);
if (!ereg("(^(.)[0-9]{3})(.)([0-9]{3})(.*)([0-9]{4}$)", $phone_no))
print_error(“your phone number is invalid”);
}

// check phone for validity
if (($FAX_NO) || ($fax_no)) {
$fax_no = trim($fax_no);
if ($FAX_NO) $fax_no = trim($FAX_NO);
if (!ereg("(^(.)[0-9]{3})(.)([0-9]{3})(.*)([0-9]{4}$)", $fax_no))
print_error(“your fax number is invalid”);
}

// sort alphabetic or prepare an order
if ($sort == “alphabetic”) {
uksort($HTTP_POST_VARS, “strnatcasecmp”);
} elseif ((ereg(’^order:.,.’, $sort)) && ($list = explode(’,’, ereg_replace(’^order:’, ‘’, $sort)))) {
$sort = $list;
}

// prepare the content
$content = parse_form($HTTP_POST_VARS, $sort);

// check for an attachment if there is a file upload it
if ($attachment_name) {
if ($attachment_size > 0) {
if (!$attachment_type) $attachment_type = “application/unknown”;
$content .= “Attached File: “.$attachment_name.”\n”;
$fp = fopen($attachment, “r”);
$attachment_chunk = fread($fp, filesize($attachment));
$attachment_chunk = base64_encode($attachment_chunk);
$attachment_chunk = chunk_split($attachment_chunk);
}
}

// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file_name;
if (file_exists($path_to_file.$file_name))
$location = $path_to_file.rand(1000,3000).".".$file_name;
copy($file,$location);
unlink($file);
$content .= “Uploaded File: “.$location.”\n”;
}
}

// second file (see manual for instructions on how to add more.)
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file2_name;
if (file_exists($path_to_file.$file2_name))
$location = $path_to_file.rand(1000,3000).".".$file2_name;
copy($file2,$location);
unlink($file2);
$content .= “Uploaded File: “.$location.”\n”;
}
}

// if the env_report option is on: get eviromental variables
if ($env_report) {
$env_report = ereg_replace( " +", “”, $env_report);
$env_reports = split(",",$env_report);
$content .= “\n------ eviromental variables ------\n”;
for ($i=0;$i<count($env_reports);$i++) {
$string = trim($env_reports[$i]);
if ($env_reports[$i] == “REMOTE_HOST”)
$content .= “REMOTE HOST: “.$REMOTE_HOST.”\n”;
if ($env_reports[$i] == “REMOTE_USER”)
$content .= “REMOTE USER: “. $REMOTE_USER.”\n”;
if ($env_reports[$i] == “REMOTE_ADDR”)
$content .= “REMOTE ADDR: “. $REMOTE_ADDR.”\n”;
if ($env_reports[$i] == “HTTP_USER_AGENT”)
$content .= “BROWSER: “. $HTTP_USER_AGENT.”\n”;
}
}

// send it off
mail_it(stripslashes($content), ($subject)?stripslashes($subject):“Form Submission”, $email, $recipient);
if (file_exists($ar_file)) {
$fd = fopen($ar_file, “rb”);
$ar_message = fread($fd, filesize($ar_file));
fclose($fd);
mail_it($ar_message, ($ar_subject)?stripslashes($ar_subject):“RE: Form Submission”, ($ar_from)?$ar_from:$recipient, $email);
}

// if the redirect option is set: redirect them
if ($redirect) {
header(“Location: $redirect”);
exit;
} else {
echo “Thank you for your submission\n”;
echo “

\n”;
echo “\n\n”;
exit;
}

This is the HTML:

Prescription Refill Request #form_container { background: #e2eff3;font-family: arial; color: #144c5f; font-size: 13px; font-weight:bold;letter-spacing: 0.0005em; line-height: 1.15em; overflow:auto; margin-top:0px;} body { background:; color: #000; font: normal normal 12px Verdana, Geneva, Arial, Helvetica, sans-serif; margin: 0px; padding: 0} table, td, a { color: #000; font: normal normal 12px Verdana, Geneva, Arial, Helvetica, sans-serif} div.tableContainer { clear: both; border:; height: 303px; overflow: auto; width: 640px} html>body div.tableContainer { overflow: hidden; width: 640px} div.tableContainer table { float: left; width: 620px} html>body div.tableContainer table { width: 640px} html>body tbody.scrollContent { display: block; height: 303px; overflow-x: hidden; overflow-y: auto; width: 100%} tbody.scrollContent tr.alternateRow td { background: blue; border-bottom: none; border-left: none; border-right: 1px solid #CCC; border-top: 1px solid #DDD; padding: 2px 3px 3px 4px} html>body tbody.scrollContent td {width: 639px} html>body tbody.scrollContent td {width: 639px}
<div id="form_container"> 

	<form id="form_11071" class="appnitro"  method="post" action=""> 
				<div class="form_description"> 

Prescription Refill Request

Beat the rush, and send us a list of your prescriptions to be filled in advance.
(Press "tab" to continue down the form)

				<li id="li_1" > 
	<label class="description" for="element_1">Name </label> 
	<span> 
		<input id="element_1_1" name="element_1_1" class="element text" maxlength="255" size="8" value=""/> 
		<label>First</label> 
	</span> 
	<span> 
		<input id="element_1_2" name= "element_1_2" class="element text" maxlength="255" size="14" value=""/> 
		<label>Last</label> 
	</span> 
	</li>		<li id="li_2" > 
	<label class="description" for="element_2">Phone Number (optional) </label> 
	<div> 
		<input id="element_2" name="phone_no" class="element text medium" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_9" > 
	<label class="description" for="element_9"> </label> 
	<span> 
		<input id="element_9_1" name="element_9_1" class="element checkbox" type="checkbox" value="1" /> 

Check if you’d like to be notified when your Rx(s) have been filled.

	</span> 
	</li>		<li id="li_3" > 
	<label class="description" for="element_3">Prescription 1 </label> 
	<div> 
		<input id="element_3" name="email" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_4" > 
	<label class="description" for="element_4">Prescription 2 </label> 
	<div> 
		<input id="element_4" name="element_4" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_7" > 
	<label class="description" for="element_7">Prescription 3 </label> 
	<div> 
		<input id="element_7" name="element_7" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_6" > 
	<label class="description" for="element_6">Prescription 4 </label> 
	<div> 
		<input id="element_6" name="element_6" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_5" > 
	<label class="description" for="element_5">Prescription 5 </label> 
	<div> 
		<input id="element_5" name="element_5" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li>		<li id="li_8" > 
	<label class="description" for="element_8">Prescription 6 </label> 
	<div> 
		<input id="element_8" name="element_8" class="element text small" type="text" maxlength="255" value=""/> 
	</div> 
	</li> 
		
				<li class="buttons"> 
		    <input type="hidden" name="form_id" value="11071" /> 
		    
			<input type="submit"><input type="reset">
	</li> 
		</ul> 
	</form>	
	
</div> 
</body> 

Help! Someone! Anyone! PLEASSSE

Hi. You posted a lot of code here. If you are receiving email from your form, but it is blank, you need to debug to find what is wrong. In your code you seem rely on register_globals = On. Check if this option is On in your php.ini (but need to mention, this is deprecated practice).

Hey, thanks for your suggestion. it was set to off, and I changed it to on, but still no luck. Any other ideas I might try? Thanks again for your help!

Justin

Sponsor our Newsletter | Privacy Policy | Terms of Service