Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Posting information from form goes wrong.

Posted on 2009-07-08
6
Medium Priority
?
277 Views
Last Modified: 2013-12-13
Hi Expert,

I've got an old guest book functionality that is written for PHP 4.x But now I've moved it to PHP 5 it does not work. The user entered values are not arriving in the post file. I've been looking for problems in the code but was not able to determine what goes wrong.

The error I get is the validation in the "voegtoe.php" telling me I did not fil in a value.

Both files are attached

Your help is highly appreciated

-----index.php------------
<?php
 
if(!$start) {
$start="0";} else{
$start=$start;}
?>
 
 
<html>
<head>
<?php
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
?>
 
 
<title>Mijn gastenboek</title>
 
<script type="text/javascript"> 
// ADDTEXT 
function addtext(veld,text) 
{ 
    document.gastenboek.elements[veld].value += " "+text+" "; 
    document.gastenboek.elements[veld].focus(); 
} 
</script>
 
<script>
 
function submitonce(theform){
//if IE 4+ or NS 6+
if (document.all||document.getElementById){
//screen thru every element in the form, and hunt down "submit" and "reset"
for (i=0;i<theform.length;i++){
var tempobj=theform.elements[i]
if(tempobj.type.toLowerCase()=="submit"||tempobj.type.toLowerCase()=="reset")
//disable em
tempobj.disabled=true
}
}
}
</script>
 
 
</head>
 
<body>
 
<?php
 
include("bekijk.php");
?></p>
<p>&nbsp;</p>
 
<form method="POST" name="gastenboek" action="voegtoe.php" onSubmit="submitonce(this)">
 
<div align="center">
  <center>
  <table border="0" cellpadding="2" width="100%">
    <tr>
      <td width="19%">Naam:</td>
      <td width="81%"><input type="text" name="naam" size="30"></td>
    </tr>
    <tr>
      <td width="19%">E-mail:</td>
      <td width="81%"><input type="text" name="email" size="30"></td>
    </tr>
    <tr>
      <td width="19%">Lid van onze club:</td>
      <td width="81%"><input type="checkbox" name="lid" value="ON">ja</td>
    </tr>
    <tr>
      <td width="19%" valign="top">Jouw bericht:</td>
      <td width="81%">
 
<?php
if ($UBB=="true") {
UBBinc(bericht);
}
?>  
 
<textarea rows="4" name="bericht" cols="40" class="tekstvak"></textarea><br>
 
<?php
if ($smilie=="true") {
smilieinc(bericht);
}
?> 
 
</td>
    </tr>
    <tr>
      <td width="19%"></td>
      <td width="81%"><input type="submit" value="Verzenden" name="B1" class="knop"> <input type="reset" value="Invoer wissen" name="B2" class="knop"></td>
    </tr>
  </table>
  </center>
</div>
</form>
<?php
//copyright
//if($Copyrightnr11) {
//copyright ();}
?> 
</body>
 
</html>
-----------------------end of index.php------------------
 
-------------------voegtoe.php----------------------
 
<?php 
// Boven aan je pagina 
ob_start(); 
 
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
session_start(); 
$verlooptijd = 0; //tijd in seconden waarna er weer gepost mag worden 
 
if($_SESSION['tijd'] + $verlooptijd > time()){ 
$wachten = $_SESSION['tijd'] + $verlooptijd - time(); 
echo "U heeft zojuist al een bericht geplaatst, over ".$wachten." seconden kunt u weer posten."; 
} 
else{ 
$_SESSION['tijd'] = $tijd;
 
$datum=date("d-m-Y @ H:i:s",time());
$id=date("dmyHis",time());
 
 
//check lege velden
if (strlen($naam)<1) {
echo "<b>U heeft uw naam (nog) niet ingevuld ...</b><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en vult u alsnog uw naam in !!!</blockquote></A>";
}
elseif (strlen($bericht)<1) {
echo "<br><br><b><br>U heeft (nog) geen bericht achtergelaten ...</b></font><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en schrijft u alsnog een leuk <img border=\"0\" src=\"img/smile/knipoog.gif\"> bericht !!!</blockquote></a>";
}
else {
 
//html-tags verwijderen
$naam  = strip_tags($naam);
$email = strip_tags($email);
$bericht = strip_tags($bericht);
$bericht = stripslashes($bericht);
 
//Toevoegen IP gelogd
$iplog="J";
 
//vervangen van de smilies-codes door html codes ...
$bericht=smilie($bericht);
 
if ($scheldwoorden=="true") {
$bericht = scheldwoorden($bericht);
}
 
//vervangen van de UBB codes door html codes ...
$bericht=UBB($bericht);
 
$bericht = nl2br($bericht); 
$bericht = eregi_replace("\n", "", $bericht); 
      
 
//wegschrijven naar een bestand
$logfile = fopen("$bestand","a"); 
fputs($logfile, $id."||".$datum."||".$email."||".$lid."||".$iplog."||".$bericht."||".$naam."||\n"); 
fclose($logfile); 
 
//bestand voor de IP adressen van berichten in het gastenboek
$ipbestand ="ipadressen.txt";
 
//initialiseren IP
$ip = $REMOTE_ADDR; 
 
//wegschrijven naar een bestand
$logfileip = fopen("$ipbestand","a"); 
fputs($logfileip, $ip."||".$datum."||".$naam."||\n"); 
fclose($logfileip);
 
 
?>
 
<html>
 
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta http-equiv="refresh" content="0;URL=index.php">
 
<title>ZFC Zuidlaren</title>
</head>
 
<body>
</body>
</html>
 
<?php
} } 
 
 
// Onder aan je pagina 
ob_end_flush(); 
?> 
-----------------end of voegtoe.php---------------------

Open in new window

0
Comment
Question by:Steynsk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
6 Comments
 
LVL 18

Accepted Solution

by:
Hube02 earned 2000 total points
ID: 24805065
The problem is here:

$naam  = strip_tags($naam);
$email = strip_tags($email);
$bericht = strip_tags($bericht);
$bericht = stripslashes($bericht);


You need to change all the references to $_POST variables to use the $_POST global. Example

$naam  = strip_tags($_POST['naam']);
0
 
LVL 18

Expert Comment

by:Hube02
ID: 24805091
Noticed that you have these references all through the code. Your other choice is to turn register globals on, but I'd fix the code.
0
 
LVL 18

Expert Comment

by:Hube02
ID: 24805276
Another solution, at the beginning of your "voegtoe.php" file add the following:
<?php
 
  foreach($_POST as $key => $value) {
    $$key = $value;
  }
 
?>

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 18

Expert Comment

by:Hube02
ID: 24805331
Or the below.

But the best solution is to correct the problem which is that the script was written for a PHP with register_globals = On, which was determined to be a security risk and is not Off by default.
<?php
 
  extract($_POST);
 
?>

Open in new window

0
 
LVL 1

Author Closing Comment

by:Steynsk
ID: 31601175
Hube02,
Many thanks
0
 
LVL 18

Expert Comment

by:Hube02
ID: 24805344
That should be:

 "it is NOW of by default"

sorry for the typo that completely changes the meaning of the sentence :S
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question