Thank you both so much for your time! Unfortunately it didn’t solve the problem and I have still no clue what’s causing it… Now I get a sytax error (Parse error: syntax error, unexpected $end in /usr/home/deb22928/domains/dccl.nl/public_html/process_form.php on line 209 - line 209 being the php end line ?>) trying both with and without the # (and text). I’ve now copied the whole php code below, should somebody have time to look at what’s wrong with it. I’m sorry, I feel like a baby but I really appreciate your help with this! Thank you, again, in advance…
http://www.phphelp.com/images/php.png<?php
<?php
include 'config.php';
// set-up redirect page
if($send_back_to_form == "yes") {
$redirect_to = $form_page_name."?done=1";
} else {
$redirect_to = $success_page;
}
if(isset($_POST['enc'])) {
/* THIS IS THE NEW FORM VALIDATION SECTION */
include 'validation.class.php';
/* SET REQUIRED */
$reqobj = new required;
// ADD ALL REQUIRED FIELDS TO VALIDATE!
$reqobj->add("naam","NOT_EMPTY");
$reqobj->add("email","EMAIL");
$reqobj->add("bericht","NOT_EMPTY");
$reqobj->add("answer_out","NUMERIC");
$out = $reqobj->out();
$val = new validate($out, $_POST);
if($val->error) {
$er = $val->error_string;
function error_found($var1, $var2, $var3){
echo "Error: $var1
";
echo "Failure message: $var2
";
echo "Failure Page: $var3
";
}
// check for any human hacking attempts
class clean {
function comments($message) {
$this->naughty = false;
$this->message = $message;
$bad = array("content-type","bcc:","to:","cc:","href");
$for = array( "\r", "\n", "%0a", "%0d");
foreach($bad as $b) {
if(preg_match($b, $this->message)) {
$this->naughty = true;
}
}
$this->message = str_replace($bad,"#removed#", $this->message);
$this->message = stripslashes(str_replace($for, ' ', $this->message));
// check for HTML/Scripts
$length_was = strlen($this->message);
$this->message = strip_tags($this->message);
if(strlen($this->message) < $length_was) {
$this->naughty = true;
}
}
} // class
// function to handle errors
function error_found($mes,$failure_accept_message,$failure_page) {
if($failure_accept_message == "yes") {
$qstring = "?prob=".urlencode(base64_encode($mes));
} else {
$qstring = "";
}
$error_page_url = $failure_page."".$qstring;
header("Location: $error_page_url");
die();
}
/* validate the encrypted strings */
$dec = false;
$valid = false;
$dec = valEncStr(trim($_POST['enc']), $mkMine);
if($dec == true) {
$valid = true;
} else {
$er = "De ingevulde gegevens zijn incorrect.
$dec";
error_found($er,$failure_accept_message,$failure_page);
die();
}
// check the spam question has the correct answer
$ans_one = $_POST['answer_out'];
$fa = new encdec;
$ans_two = $fa->decrypt($_POST['answer_p']);
if($ans_one === $ans_two) {
$valid = true;
} else {
$er ='Uw spam preventie antwoord is incorrect.';
error_found($er,$failure_accept_message,$failure_page);
die();
}
if($valid) {
$email_from = $_POST['email'];
$email_message = "Het volgende bericht is verstuurd op ".date("d-m-Y")." om ".date("H:i")."\n\n";
// loop through all form fields submitted
// ignore all fields used for security measures
foreach($_POST as $field_name => $field_value) {
if($field_name == "answer_out" || $field_name == "answer_p" || $field_name == "enc") {
// do not email these security details
} else {
// run all submitted content through string checker
// removing any dangerous code
$ms = new clean;
$ms->comments($field_value);
$is_naughty = $ms->naughty;
$this_val = $ms->message;
$email_message .= $field_name.": ".$this_val."\n\n";
}
}
if($is_naughty) {
if($accept_suspected_hack == "yes") {
// continue
} else {
// pretend the email was sent
header("Location: $redirect_to");
die();
}
$email_subject = $email_suspected_spam;
}
// create email headers
$headers = 'From: '.$email_from."\r\n" .
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
// send the email
@mail($email_it_to, $email_subject, $email_message, $headers);
// redirect
header("Location: $redirect_to");
die();
}
} else {
extract($_POST);
if(isset($enc)) {
echo "register globals may be on, please switch this setting off (look at php.net for details, specifically the ini_set() function )";
} else {
die('There was an error, please check the form was configured properly.');
}
}
?>