i made a basic form to work as an 'email to a friend' entry on a blog but i am having trouble getting the url from the page the form was submitted on
doe sanyone know of the php command or hidden/enviroment variable to display and POST the url location that the form was submitted on
it is on the sidebar of a blog so it could be on included on any page in the blog so i can tmanually define a url ...
here are the forms html and php cripts if its of any help form html:
<? $refurl = $_SERVER['HTTP_REFERER']; ?><? print $refurl;?> <form name="tellafriend" action="http://play.clhmedia.com/tellafriend.php" method="post" onSubmit="return checkfields()"> <table border="0" cellpadding="0" cellspacing="0"><tr><td>*Your Name:</td><td><input size="18" name="name" maxlength="45"></td></tr><tr><td>*Your Email:</td><td> <input size="18" name="email" maxlength="45"></td></tr><tr><td>*Send To:</td><td><input size="18" name="fmail1" maxlength="50"> </td></tr></table><input onClick="validate();" type="button" value="Send"><input type=hidden name=refurl value="<? print $refurl;?>"> </form>
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
php file
<?php if(count($_POST)) { # This part strips out nasty code that a malicious # person may try to inject into the form
foreach(array('fmail1','fmail2','fmail3','email','name') as $key) $_POST[$key] = strip_tags($_POST[$key]); if(!is_secure($_POST)) { die("Hackers begone");}
# This part submits a notification to you when # the form is submitted
// Email address for copies to be sent to - change to suit $emailto = "you@yoursite.com";
// Notification email subject text for copies $esubject = "Recommendation form submission";
// Email body text for notifications $emailtext = " $_POST[name] has used your recommendation form using an email address of $_POST[email]
The people the recommendation has been submitted to are:
$_POST[fmail1] $_POST[fmail2] $_POST[fmail3]
The page recommended:
$_POST[refurl]
";
# This function sends the email to you
@mail("$emailto", $esubject, $emailtext, "From: $_POST[email]");
# This part is the function for sending to recipients
// Page to display after successful submission // Change the thankyou.htm to suit
$thankyoupage = "http://clhmedia.com/upload/audio/done/";
// Subject line for the recommendation - change to suit
$tsubject = "A web page recommendation from $_POST[name]";
// Change the text below for the email // Be careful not to change anyt "$_POST[value]" bits
$ttext = " Hi,
$_POST[name], whose email address is $_POST[email] thought you may be interested in this web page.
$_POST[name] has used our Tell-a-Friend form to send you this note.
We look forward to your visit!
# This sends the note to the addresses submitted @mail("$_POST[fmail1],$_POST[fmail2],$_POST[fmail3]", $tsubject, $ttext, "FROM: $_POST[email]");
# After submission, the thank you page header("Location: $thankyoupage"); exit;
}
# Nothing further can be changed. Leave the below as is
function is_secure($ar) { $reg = "/(Content-Type|Bcc|MIME-Version|Content-Transfer-Encoding)/i"; if(!is_array($ar)) { return preg_match($reg,$ar);} $incoming = array_values_recursive($ar); foreach($incoming as $k=>$v) if(preg_match($reg,$v)) return false; return true; }
function array_values_recursive($array) { $arrayValues = array(); foreach ($array as $key=>$value) { if (is_scalar($value) || is_resource($value)) { $arrayValues[] = $value; $arrayValues[] = $key; } elseif (is_array($value)) { $arrayValues[] = $key; $arrayValues = array_merge($arrayValues, array_values_recursive($value)); } } return $arrayValues; }
?>
thanks in advance for any help i can get
chris h
You are doing the right thing, you just can't always rely on it. Here is a couple liks explaining the use of this variable.
http://forums.digitalpoint.com/showthread.php?t=835
http://www.w3.org/WAI/GL/WCAG20/WD-WCAG20-TECHS/SVR3.html
Log in to post a comment.
i made a basic form to work as an 'email to a friend' entry on a blog but i am having trouble getting the url from the page the form was submitted on
doe sanyone know of the php command or hidden/enviroment variable to display and POST the url location that the form was submitted on
it is on the sidebar of a blog so it could be on included on any page in the blog so i can tmanually define a url ...
here are the forms html and php cripts if its of any help
form html:
<? $refurl = $_SERVER['HTTP_REFERER']; ?><? print $refurl;?>
<form name="tellafriend" action="http://play.clhmedia.com/tellafriend.php" method="post" onSubmit="return checkfields()">
<table border="0" cellpadding="0" cellspacing="0"><tr><td>*Your Name:</td><td><input size="18" name="name" maxlength="45"></td></tr><tr><td>*Your Email:</td><td>
<input size="18" name="email" maxlength="45"></td></tr><tr><td>*Send To:</td><td><input size="18" name="fmail1" maxlength="50">
</td></tr></table><input onClick="validate();" type="button" value="Send"><input type=hidden name=refurl value="<? print $refurl;?>"> </form>
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
php file
<?php
if(count($_POST)) {
# This part strips out nasty code that a malicious
# person may try to inject into the form
foreach(array('fmail1','fmail2','fmail3','email','name') as $key) $_POST[$key] = strip_tags($_POST[$key]);
if(!is_secure($_POST)) { die("Hackers begone");}
# This part submits a notification to you when
# the form is submitted
// Email address for copies to be sent to - change to suit
$emailto = "you@yoursite.com";
// Notification email subject text for copies
$esubject = "Recommendation form submission";
// Email body text for notifications
$emailtext = "
$_POST[name] has used your recommendation form using an email address of $_POST[email]
The people the recommendation has been submitted to are:
$_POST[fmail1]
$_POST[fmail2]
$_POST[fmail3]
The page recommended:
$_POST[refurl]
";
# This function sends the email to you
@mail("$emailto", $esubject, $emailtext, "From: $_POST[email]");
# This part is the function for sending to recipients
// Page to display after successful submission
// Change the thankyou.htm to suit
$thankyoupage = "http://clhmedia.com/upload/audio/done/";
// Subject line for the recommendation - change to suit
$tsubject = "A web page recommendation from $_POST[name]";
// Change the text below for the email
// Be careful not to change anyt "$_POST[value]" bits
$ttext = "
Hi,
$_POST[name], whose email address is $_POST[email] thought you may be interested in this web page.
$_POST[refurl]
$_POST[name] has used our Tell-a-Friend form to send you this note.
We look forward to your visit!
";
# This sends the note to the addresses submitted
@mail("$_POST[fmail1],$_POST[fmail2],$_POST[fmail3]", $tsubject, $ttext, "FROM: $_POST[email]");
# After submission, the thank you page
header("Location: $thankyoupage");
exit;
}
# Nothing further can be changed. Leave the below as is
function is_secure($ar) {
$reg = "/(Content-Type|Bcc|MIME-Version|Content-Transfer-Encoding)/i";
if(!is_array($ar)) { return preg_match($reg,$ar);}
$incoming = array_values_recursive($ar);
foreach($incoming as $k=>$v) if(preg_match($reg,$v)) return false;
return true;
}
function array_values_recursive($array) {
$arrayValues = array();
foreach ($array as $key=>$value) {
if (is_scalar($value) || is_resource($value)) {
$arrayValues[] = $value;
$arrayValues[] = $key;
}
elseif (is_array($value)) {
$arrayValues[] = $key;
$arrayValues = array_merge($arrayValues, array_values_recursive($value));
}
}
return $arrayValues;
}
?>
thanks in advance for any help i can get
chris h
You are doing the right thing, you just can't always rely on it. Here is a couple liks explaining the use of this variable.
http://forums.digitalpoint.com/showthread.php?t=835
http://www.w3.org/WAI/GL/WCAG20/WD-WCAG20-TECHS/SVR3.html