This is my first experience with PHP... I was given a site to put a contact form on this morning and I don't have any access to the server etc so this is somewhat difficult, plus I know nothing of PHP...
So I decided to try DBFormmailer since it looked like the "easiest" one I could find via my google search.
The form data gets set to my email address just fine, but I get a lot of errors after hitting the submit button. I would appreciate it if you could give it a try and perhaps clue me in on what the errors mean... from my reading of the errors it seems I can't really do much unless I have access to the server?
The test form is erdkampconstruction.com/form.php

Thanks

The messages are simply warnings of sloppy PHP coding. Errors should not be displayed to the user anyway, but most hosts get this wrong. Add the following to the top of the PHP to hide the messages:

ini_set('display_errors',false);

The messages are simply warnings of sloppy PHP coding. Errors should not be displayed to the user anyway, but most hosts get this wrong. Add the following to the top of the PHP to hide the messages:

ini_set('display_errors',false);
WOW... I wouldn't have thought that dbmailer has sloppy code, since I've seen it mentioned in a number of forums as the "preferred" method to use.
In the meantime I found another application to use that doesn't give any errors and seems to work... not the optimal application however.
erdkampconstruction.com/contact-erdkamp-construction-company.htm
Thanks for your reply and I'll see what I can do about suppressing the errors to the user with dbform mailer

FWIW, I've tried it and ran into an issue (couldn't reply to mails sent by the form) and the guy who made the program couldn't solve it. [http://www.dbmasters.net/forum.php?id=3&tid=914 ]

I downloaded this script (http://www.arkie.net/~scripts/mailme/view_enhanced_source.php) and modified it to suit my needs.

I've never seen it spit back errors, for what it's worth. Guys, I'm intimately familiar with the software. I've even done some HEAVY modifying to turn it into various things, like a quote generator, and I've added my own post data to the existing application. If you guys could post a text version of your scripts, give me links (you can do it via PM) and I'll see what I can find.

Thanks for looking into this, Paul.
The issue I have ( as described in the dbmasters forum : http://www.dbmasters.net/forum.php?id=3&tid=914 )is still there.

Like I wrote in that thread, I only changed the "To" address ( $tomail[0]="me@myserver.com"; ) in the original script. The script works fine but since the email address of the sender is not being copied to the from field in the email, hitting reply won't work.

When the author gave up on my issue, I gave up on the script and moved on. If you can solve it that would be great!

Could you post your config[0] settings here? Without email addresses, of course. There may be a piece of information missing that would make a difference, but I would need to see your settings so I know the names of your form elements and how you have them filled in.

Mornin' Paul,,
Here are the settings - like I wrote before, I only put in my email address.:


$charset[0]="iso-8859-1";
$tomail[0]="me@myserver.com";
$cc_tomail[0]="";
$bcc_tomail[0]="";
// Mail contents config
$subject[0]="Subject of Email";
$reply_to_field[0]="Email";
$reply_to_name[0]="Name";
$required_fields[0]="Name,Comments";
$required_email_fields[0]="Email";
$attachment_fields[0]="";
$return_ip[0]="yes";
$mail_intro[0]="The following are form results from your web site:";
$mail_fields[0]="Name,Email,Comments";
$mail_type[0]="text";
$mail_priority[0]="1";
$allow_html[0]="no";
// Send back to sender config
$send_copy[0]="no";
$send_copy_format[0]="vert_table";
$send_copy_fields[0]="Name,Comments";
$send_copy_attachment_fields[0]="";
$copy_subject[0]="Subject of Copy Email";
$copy_intro[0]="Thanks for your inquiry, the following message has been delivered.";
$copy_from[0]="noreply@yourdomain.com";
$copy_tomail_field[0]="Email";
// Result options
$header[0]="";
$footer[0]="";
$error_page[0]="";
$thanks_page[0]="";
// Default Error and Success Page Variables
$error_page_title[0]="Error - Missed Fields";
$error_page_text[0]="Please use your browser's back button to return to the form and complete the required fields.";
$thanks_page_title[0]="Message Sent";
$thanks_page_text[0]="Thank you for your inquiry";

For the test form I used the unaltered form.php from the package:

<?php
////////////////////////////////////////////////////////////////////////////
// dB Masters' PHP FormM@iler, Copyright (c) 2005 dB Masters Multimedia
// http://scripts.dbmasters.net/
// FormMailer comes with ABSOLUTELY NO WARRANTY
// Licensed under the AGPL
// See license.txt and readme.txt for details
////////////////////////////////////////////////////////////////////////////
?>
<html>
<head>
<title>dB Masters FormM@iler</title>
</head>
<body>
<form id="form" method="post" action="formmailer.php">
<p>Your Name<br /><input type="text" name="Name" value=""/></p>
<p>Your Email<br /><input type="text" name="Email" value="" /></p>
<p>Comments and/or Questions<br /><textarea name="Comments" rows="5" cols="40"></textarea></p>
<p>
<input type="submit" name="submit" value="Submit" />
<input type="reset" name="Reset" value="Clear Form" />
<input type="hidden" name="config" value="0" />
</p>
</form>
<p>Powered by <a href="http://www.dbmasters.net/">dB Masters Multimedia</a> <a href="http://www.dbmasters.net/index.php?id=19">FormM@iler</a></p>
</body>
</html>

Ok Fred, here's what I'm seeing.

The first error: Notice: Undefined variable: check_referrer in /var/www/vhosts/erdkampconstruction.com/httpdocs/formmailer.php on line 276Is saying the variable $check_referrer is not defined earlier in the script. I'm at a loss for why it would say this, given that he very first line of markup is $check_referrer="no";. MichaelJohn, do you know offhand why a script would call a variable undefined when it appears to be clearly defined? The variable is never referenced outside of these two instances. So it doesn't appear to be nullified in any way.

Because you're not using the checkReferer() function, you could simply remove your general variables (the two at the top of the script) and remove the entire function that checks referrers (lines 273-293). That would at least kill the error :)

Also, you'd need to replace lines 392-393 with $domains_chk="yes";, which is a variable that gets set and gets a value in the script I told you to remove.

This is untested (keep a backup), but it should work.

The second error: Notice: Undefined index: E in /var/www/vhosts/erdkampconstruction.com/httpdocs/formmailer.php on line 395To be honest, I'm not sure what to do with this. Here's the line of code it's referencing:$security_filter=headerInjectionFilter ($_POST[$reply_to_field[$config]], $_POST[$reply_to_name[$config]], $header_injection_regex);It seems pretty clear what the code is doing (calling functions that do filtering for injections. But since whatever PHP knowledge I have comes purely from digging through scripts, I can't say for sure what's taking place in the error message. I'll leave this for someone more experienced than I.

The third error:Notice: Undefined variable: debug in /var/www/vhosts/erdkampconstruction.com/httpdocs/formmailer.php on line 298Again, I'm not sure about this one, because $debug is defined very early on in the script. I can't find anything in the script that would change debug from 0 to 1, which tells me this is included to allow someone to manually debug the script themselves. This also tells me you could probably remove all references to $debug (they're all if-statements, so you could simply remove the "iffy" part). Or, you could go to line 96, set $debug to 1, and see what happens :)

I guess these aren't the best answers, but perhaps the information will be enough to someone to fill in the gaps!

I'll give that a try, thanks.

The strange thing is that the above is running without errors in a test setup: http://gerrit.biz/test/form.php
(PHP 4.4.7 - http://gerrit.biz/phpinfo.php )

The only issue I have is that I can't reply to an email sent form the form because somehow the email address doesn't show up in the 'reply to' field of the email.

Oh and don't spend too much time on it. I already moved on to (good working) other solutions after I didn't get an answer from the author of the script. :)

Gerrit, find$extra="From: ".$_POST[$reply_to_name[$config]]."<".$_POST[$reply_to_field[$config]].">\r\n";
And change it to:$extra="From: ".$_POST[$reply_to_field]."\n";This should essentially bypass the From name completely. If it works, then there's something about how that line is blending the name and email that's causing the email part to crap out. If it doesn't work, try:$extra="From: ".$_POST[$reply_to_field[$config]]."\n";I'm not 100% sure of my syntax on that latter one :oops: but it's worth a try!

Comment out the original so you can revert back :)

Gerrit, find$extra="From: ".$_POST[$reply_to_name[$config]]."<".$_POST[$reply_to_field[$config]].">\r\n";
And change it to:$extra="From: ".$_POST[$reply_to_field]."\n";This should essentially bypass the From name completely. If it works, then there's something about how that line is blending the name and email that's causing the email part to crap out.

This works - thanks!

The second error: To be honest, I'm not sure what to do with this. Here's the line of code it's referencing:$security_filter=headerInjectionFilter ($_POST[$reply_to_field[$config]], $_POST[$reply_to_name[$config]], $header_injection_regex);It seems pretty clear what the code is doing (calling functions that do filtering for injections. But since whatever PHP knowledge I have comes purely from digging through scripts, I can't say for sure what's taking place in the error message. I'll leave this for someone more experienced than I.


I'm pretty sure that the problem with the 'reply to' thingy originates form this error.
Hopefully one of our PHP gurus will find it.

Running the script with 'display_errors' on and 'error_reporting' set to E_ALL|E_STRICT shows 11 messages, including one on line 119 where the programmer apparently forgot to put quotes around a string. These are all notice-level messages which means they will not show up in a default PHP installation; you must specifically turn on full error reporting to see them. This is because none of these are necessarily errors, they are matters of style. For example, some programmers will intentionally use uninitialized variables, relying on the default PHP behavior. This may be bad style, but it's not necessarily an error. Looking more closely, in this case these messages do seem to indicate genuine mistakes.

The "Undefined index: E" error on line 395 is because $reply_to_field[$config] and $reply_to_name[$config] are both being used as index into the $_POST array, and apparently one of those must have the value "E" at that point in the script, though without reading the rest of the script I can't say why.

The undefined variables 'check_referrer', 'debug', 'config', and 'allow_html' are all due to an apparent failure on the part of the programmer to understand variable scope rules in PHP. You can't reference a variable that was declared outside of a function from inside that function unless you declare it as global. So all of those referenced lines are effectively nonsense, and whatever they may be doing, it's probably not what the programmer intended.

Sorry to say this Paul, but based on what I've seen so far I would not recommend anyone use this script.

You're not breaking my heart :) It was the best script I could find from a functional standpoint that would allow sending/receiving attachments as well as text (or HTML).

Soooooo... another form handler script that can be trashed, huh?

Inimino, question: Could you program a form handler script from scratch?

That might be a nice IWDN project: the first real good form handler script!

You could distribute it via IWDN. It could be shareware - I would gladly pay something like 30 - 50 dollars for a good script and I'm sure I'm not the only one.

I have been trying many form handling scripts and I never found one that is working 100% without errors and security holes.

It would really be something if IWDN could offer a good form handler!

I am been working with dbmailer as well as was able to fix some errors with suggestions from the forum. The new beta version posted recently seems to run well. I am playing with multiple to address which is working. I can get the thanks page working but the autoresponse is not being sent out.

I looked around at several formmailers and this was clean and easy to work with. There are a few paid scripts out that work pretty well. But I was trying to find an open source to work with.

It could be a nice IWDN project. If I did something like that I'd want it to be open source. However, I'd like to avoid re-inventing the wheel, and I can't help but think there must be some good software already out there to do this, though I haven't looked into it. There is enough low-quality PHP code out there that sifting through it all often takes longer than writing what you need from scratch.

If anyone else thinks this would be good idea for IWDN to pursue, I'm certainly willing to consider it.

What features would you want it to have?

Are there any existing projects in this category that have a lot of users and at least one active developer?

Is the need too broad to be filled by any one script?

Let me take some time for writing an answer - 'll come back to you tomorrow.

Already thanks for considering doing this!

Unless I missed something in the last years, there is no good form handler script around. I had high hopes for the formmailer script which we originally discussed in this thread, but it seems to have too many bugs/errors.

I am sure that many web designers would welcome a good form handling script.

FWIW I ended up using the script from http://formtoemail.com/ it's not ideal but it worked right out of the box and doesn't throw up any errors

I just ran across these... any comments or recommendations
http://green-beast.com/blog/?page_id=71
http://www.dagondesign.com/articles/secure-php-form-mailer-script/

Before I start on a features list, are there any more people who think it would be a plan to ask MJ to program a form handler?

I could see where there's always a need for good form handlers. As I recall, I never did find any email form handlers I liked with the features I needed, though for anything other than email forms, I think it would be best to do a custom script on a per-project basis. So, maybe a good email form handler would be nice. I would like to see it more flexible than the one I saw with formm@iler.

This one looks alright but still uses some JS
http://green-beast.com/blog/?page_id=71.

I will take a better look at this one. I think I may using the WP plugin already.
http://www.dagondesign.com/articles/secure-php-form-mailer-script/#customize

The pro version of formtoemail looks interesting.
http://formtoemail.com/formtoemail_pro_version.php

I agree that a good mailer can be useful. There are several good mailers out but it is hard to find one that is clean, easy to use, and has all the features I like without doing mods.

I would LOVE to see something like this made available to the world via IWDN! I was going to respond yesterday, but I held back because we (Equentity) are actually commissioning something similar, but probably a little more robust and less universal than what we're talking about here.

Dan Luria is creating a form handler that operates via an administrative interface and database, with all sorts of bells and whistles included. I think a concrete form handler with less administrative functionality would be just what the Internet ordered.

This discussion really deserves its own thread, and given it's public nature, I think it should be a sticky.

Viva l'community! I'll stay away from starting the new thread, and I'll await it's creation so I can stick it. Whoever gets it going first will...well...have his or her name first in a sticky :)

It may as well be me, I suppose.

Let's get this discussion going! :)

http://iwdn.net/showthread.php?t=6638