Uhh ... Help Please!

General PHP Help
#1

Hello … And first … Thank you in advance for any help. I have built a page that has a pretty simple form, or so i thought. I need it to both send the submitted email WITHOUT a client and also trigger a .pdf download upon clicking submit (or in this case “Download Now!”).

My HTML code is as follows:

Your Email:

Now, I have read several different tutorial pages explaining how write .php (in this case I named mine “dbform”) code to make either the email happen or the download happen … but not both when submit is clicked. I have made so many guesses at it that now I am just plain confused. Is there anyone here that wouldn’t mind banging out the code for me real quick with inserts explaining how each section works? I know this is asking a lot … But I intend to use this type of form in the future and I really need to understand what it’s doing so I can manipulate it if need be.

Thanks again for any help!!
LOUDVOX ??? >:( :’(

#2

simple… use this script in the dbform.php (Remember to place this script at the very beginning of the page. no empty spaces before this script or it throws error.)

[php]

<?PHP // Define the path to file $file = 'ryboe_tag_cloud.zip'; // Set headers header("Cache-Control: public"); header("Content-Description: File Transfer"); header("Content-Disposition: attachment; filename=$file"); header("Content-Type: application/zip"); header("Content-Transfer-Encoding: binary"); // Read the file from disk readfile($file); // continue the rest of the php script u want in this dbform.php.. the script that deals with the post data of the form.. ?>

[/php]

#3

Thank you so much for your reply!!! I have been puling my dang hair out over something you would think is so simple.

Anyway, You said to place this at the top page … The purpose of the form is to get the visitors enter their email address in exchange for the file.
Wouldn’t putting the code you just gave me on top of the email function (which i still haven’t figured out either) give priority to that code without validating email syntax? i.e. when they click submit, won’t they get the file without having to enter an email address?

Thanks so much again,
Loudvox

#4

if i understand correctly, ur question is, “what if the email id is invalid? it still ends up giving away file to the user!!”… if this is ur question, u can deal with it in two ways.

  1. validate the email id using javascript before submitting the form. and then it makes sure that u get a valid email id

  2. u can do the email process first before the file sending process. but u have to make sure that email processing doesnt give any kind of output (not even a blank space). here is the reason why; headers functionality throws an error if there is any output before.

now u can choose how to deal with it.

cheers :slight_smile:

#5

Thank you again!!! I got it working perfectly. I still want to add some protection against injection and the like but this will serve the intended purpose in the meantime!! Your site rocks!! Thanks again!!

#6

glad it worked.

Regarding sql injection prevention, u can avoid it by sanitizing the post data before giving them into mysql query. You can do it like following.

$email = mysql_real_escape_string($_POST[‘emailid’]);
$query = myql_query("insert into emails values(’.$email.’…
// do the same for all variables in post / get

instead of doing this…
$query = mysql_query("insert into emails values(’.$_POST[‘emailid’].’…

Also, do not use extract($_POST) function as it is more weak for sql injection attacks.

Hope this info helps u.

P.S. : I am not a part of this site. I am just a user like you. :slight_smile:

Regards,

Sponsor our Newsletter | Privacy Policy | Terms of Service