Posting information from form goes wrong.

Hi Expert,

I've got an old guest book functionality that is written for PHP 4.x But now I've moved it to PHP 5 it does not work. The user entered values are not arriving in the post file. I've been looking for problems in the code but was not able to determine what goes wrong.

The error I get is the validation in the "voegtoe.php" telling me I did not fil in a value.

Both files are attached

Your help is highly appreciated

-----index.php------------
<?php
 
if(!$start) {
$start="0";} else{
$start=$start;}
?>
 
 
<html>
<head>
<?php
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
?>
 
 
<title>Mijn gastenboek</title>
 
<script type="text/javascript"> 
// ADDTEXT 
function addtext(veld,text) 
{ 
    document.gastenboek.elements[veld].value += " "+text+" "; 
    document.gastenboek.elements[veld].focus(); 
} 
</script>
 
<script>
 
function submitonce(theform){
//if IE 4+ or NS 6+
if (document.all||document.getElementById){
//screen thru every element in the form, and hunt down "submit" and "reset"
for (i=0;i<theform.length;i++){
var tempobj=theform.elements[i]
if(tempobj.type.toLowerCase()=="submit"||tempobj.type.toLowerCase()=="reset")
//disable em
tempobj.disabled=true
}
}
}
</script>
 
 
</head>
 
<body>
 
<?php
 
include("bekijk.php");
?></p>
<p>&nbsp;</p>
 
<form method="POST" name="gastenboek" action="voegtoe.php" onSubmit="submitonce(this)">
 
<div align="center">
  <center>
  <table border="0" cellpadding="2" width="100%">
    <tr>
      <td width="19%">Naam:</td>
      <td width="81%"><input type="text" name="naam" size="30"></td>
    </tr>
    <tr>
      <td width="19%">E-mail:</td>
      <td width="81%"><input type="text" name="email" size="30"></td>
    </tr>
    <tr>
      <td width="19%">Lid van onze club:</td>
      <td width="81%"><input type="checkbox" name="lid" value="ON">ja</td>
    </tr>
    <tr>
      <td width="19%" valign="top">Jouw bericht:</td>
      <td width="81%">
 
<?php
if ($UBB=="true") {
UBBinc(bericht);
}
?>  
 
<textarea rows="4" name="bericht" cols="40" class="tekstvak"></textarea><br>
 
<?php
if ($smilie=="true") {
smilieinc(bericht);
}
?> 
 
</td>
    </tr>
    <tr>
      <td width="19%"></td>
      <td width="81%"><input type="submit" value="Verzenden" name="B1" class="knop"> <input type="reset" value="Invoer wissen" name="B2" class="knop"></td>
    </tr>
  </table>
  </center>
</div>
</form>
<?php
//copyright
//if($Copyrightnr11) {
//copyright ();}
?> 
</body>
 
</html>
-----------------------end of index.php------------------
 
-------------------voegtoe.php----------------------
 
<?php 
// Boven aan je pagina 
ob_start(); 
 
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
session_start(); 
$verlooptijd = 0; //tijd in seconden waarna er weer gepost mag worden 
 
if($_SESSION['tijd'] + $verlooptijd > time()){ 
$wachten = $_SESSION['tijd'] + $verlooptijd - time(); 
echo "U heeft zojuist al een bericht geplaatst, over ".$wachten." seconden kunt u weer posten."; 
} 
else{ 
$_SESSION['tijd'] = $tijd;
 
$datum=date("d-m-Y @ H:i:s",time());
$id=date("dmyHis",time());
 
 
//check lege velden
if (strlen($naam)<1) {
echo "<b>U heeft uw naam (nog) niet ingevuld ...</b><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en vult u alsnog uw naam in !!!</blockquote></A>";
}
elseif (strlen($bericht)<1) {
echo "<br><br><b><br>U heeft (nog) geen bericht achtergelaten ...</b></font><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en schrijft u alsnog een leuk <img border=\"0\" src=\"img/smile/knipoog.gif\"> bericht !!!</blockquote></a>";
}
else {
 
//html-tags verwijderen
$naam  = strip_tags($naam);
$email = strip_tags($email);
$bericht = strip_tags($bericht);
$bericht = stripslashes($bericht);
 
//Toevoegen IP gelogd
$iplog="J";
 
//vervangen van de smilies-codes door html codes ...
$bericht=smilie($bericht);
 
if ($scheldwoorden=="true") {
$bericht = scheldwoorden($bericht);
}
 
//vervangen van de UBB codes door html codes ...
$bericht=UBB($bericht);
 
$bericht = nl2br($bericht); 
$bericht = eregi_replace("\n", "", $bericht); 
      
 
//wegschrijven naar een bestand
$logfile = fopen("$bestand","a"); 
fputs($logfile, $id."||".$datum."||".$email."||".$lid."||".$iplog."||".$bericht."||".$naam."||\n"); 
fclose($logfile); 
 
//bestand voor de IP adressen van berichten in het gastenboek
$ipbestand ="ipadressen.txt";
 
//initialiseren IP
$ip = $REMOTE_ADDR; 
 
//wegschrijven naar een bestand
$logfileip = fopen("$ipbestand","a"); 
fputs($logfileip, $ip."||".$datum."||".$naam."||\n"); 
fclose($logfileip);
 
 
?>
 
<html>
 
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta http-equiv="refresh" content="0;URL=index.php">
 
<title>ZFC Zuidlaren</title>
</head>
 
<body>
</body>
</html>
 
<?php
} } 
 
 
// Onder aan je pagina 
ob_end_flush(); 
?> 
-----------------end of voegtoe.php---------------------

Open in new window

LVL 1
SteynskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hube02Commented:
The problem is here:

$naam  = strip_tags($naam);
$email = strip_tags($email);
$bericht = strip_tags($bericht);
$bericht = stripslashes($bericht);


You need to change all the references to $_POST variables to use the $_POST global. Example

$naam  = strip_tags($_POST['naam']);
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hube02Commented:
Noticed that you have these references all through the code. Your other choice is to turn register globals on, but I'd fix the code.
0
Hube02Commented:
Another solution, at the beginning of your "voegtoe.php" file add the following:
<?php
 
  foreach($_POST as $key => $value) {
    $$key = $value;
  }
 
?>

Open in new window

0
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Hube02Commented:
Or the below.

But the best solution is to correct the problem which is that the script was written for a PHP with register_globals = On, which was determined to be a security risk and is not Off by default.
<?php
 
  extract($_POST);
 
?>

Open in new window

0
SteynskAuthor Commented:
Hube02,
Many thanks
0
Hube02Commented:
That should be:

 "it is NOW of by default"

sorry for the typo that completely changes the meaning of the sentence :S
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.