The Lotus Cars Community banner

1 - 10 of 10 Posts
Q

·
Guest
Joined
·
0 Posts
Discussion Starter #1
I'd like to add a page to my website whereby someone can fill out a form... name, address, e-mail, etc.

I need a simple php script to e-mail a file (attachment) to the supplied address.

I'm relatively new to php, so I need some guidance on how to invoke the script from the site (how to add it to the html code).

Thanks,

Karl
 

·
Registered
Joined
·
2,591 Posts
PHP:
<?php

require 'nav.html';

if ($_POST['isPost'] == 'yes')
{

  if ($_POST['pw'] != 'notmypassword')
  {
    echo "<p>Wrong password!</p>";
    require 'foot.html';
    exit;
  }
  //sanity check
  if (!$_POST['comment'])
  {
    echo "<p>You must make a comment! <a href=\"addcomment.php\">Go and try again.</a></p><p> </p>";
    require 'foot.html';
    exit;
  }
  if (substr_count($comment, "<") > 0)
  {
    echo "<p>HTML tags (i.e. < and >) not allowed!</p>";
    require 'foot.html';
    exit;
  }
  if (substr_count($comment, "@") > 0)
  {
    echo "<p>Email addresses (or any @s) not allowed!</p>";
    require 'foot.html';
    exit;
  }
  if (substr_count($comment, "http") > 0)
  {
    echo "<p>No web addresses allowed!</p>";
    require 'foot.html';
    exit;
  }
  if (strlen($comment) < 20)
  {
    echo "<p>Comments should be at least 20 characters long! Sorry, just battling blog spam.</p>";
    require 'foot.html';
    exit;    
  }
  //Accept the input and prepare to insert into db
  echo "<p>Thank you. If you included an email address in your response, we may get back to you.</p>";
  if (!$_POST['name'])
  { 
    $name = "Anonymous";
  }
  else
  {
    $name = $_POST['name'];
  }
  if (!$_POST['email'])
  {
    $email = "[email protected]";
  }
  else
  {
    $email = $_POST['email'];
  }
  $comment = $_POST['comment'];
  if ($_POST['public'])
  {
    $public = 1;
  }
  else
  {
    $public = 0;
  }
  $date = date("l - M j, Y");

  $formail = "$name\n$date\n$email\n\n$comment\n\n$REMOTE_ADDR";

  //Ok, put it into the database
  $dbh = mysql_connect("localhost", "dbuser", "password") or die ('I cannot connect to the database because: ' . mysql_error());
  mysql_select_db ("austinfo_notes");

  $sql = "INSERT INTO comments
          VALUES (null, \"$name\", \"$email\", \"$comment\", \"$date\", $public);";

  mysql_query ($sql, $dbh);
  mysql_close ($dbh);

  mail ("[email protected]", "Website comment", $formail, "From: $email");
}
else
{
  echo "<p>You can use this form to inquire about reservations, leave feedback about the stay you already enjoyed, or anything else :^) We reserve the right to display comments in our <a href=\"notes.php\" title=\"What our guests have said\">comments section</a>.</p>";
  echo "<table width=\"66%\" align=\"center\">";
  echo "<form action=\"addcomment2.php\" method=\"POST\" name=\"comments\">";
  echo "<tr>";
  echo "<td><label for=\"name\">Your Name:</label></td>";
  echo "<td><input type=\"text\" name=\"name\" maxlength=\"32\" size=\"32\"></td>";
  echo "</tr><tr>";
  echo "<td><label for=\"email\">Password: (will not be abused)</label></td>";
  echo "<td><input type=\"text\" name=\"pw\" maxlength=\"32\" size=\"32\"></td>";
  echo "</tr><tr>";
  echo "<td><label for=\"comment\">Feedback: (required)</label></td>";
  echo "<td><textarea name=\"comment\" rows=\"16\" cols=\"32\"></textarea></td>";
  echo "</tr><tr>";
  echo "<td><label for=\"public\">Intended for Display in Comments:</label></td>";
  echo "<td><input type=\"checkbox\" name=\"public\"></td>";
  echo "</tr><tr>";
  echo "<td colspan=\"2\"><p align=\"center\"><input type=\"submit\" value=\"Submit\"><input type=\"hidden\" name=\"isPost\" value=\"yes\"></p></td>";
  echo "</tr></table></form>";
}
echo "<p> </p>";

require 'foot.html';

?>
 

·
Registered
Joined
·
10,000 Posts
i'd take out that email address too, if its valid, otherwise the spam bots will be all over .

oh and the username/password if its a valid one ;)
 
1 - 10 of 10 Posts
Top