We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Posting information from form goes wrong.

Steynsk
Steynsk asked
on
Medium Priority
312 Views
Last Modified: 2013-12-13
Hi Expert,

I've got an old guest book functionality that is written for PHP 4.x But now I've moved it to PHP 5 it does not work. The user entered values are not arriving in the post file. I've been looking for problems in the code but was not able to determine what goes wrong.

The error I get is the validation in the "voegtoe.php" telling me I did not fil in a value.

Both files are attached

Your help is highly appreciated

-----index.php------------
<?php
 
if(!$start) {
$start="0";} else{
$start=$start;}
?>
 
 
<html>
<head>
<?php
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
?>
 
 
<title>Mijn gastenboek</title>
 
<script type="text/javascript"> 
// ADDTEXT 
function addtext(veld,text) 
{ 
    document.gastenboek.elements[veld].value += " "+text+" "; 
    document.gastenboek.elements[veld].focus(); 
} 
</script>
 
<script>
 
function submitonce(theform){
//if IE 4+ or NS 6+
if (document.all||document.getElementById){
//screen thru every element in the form, and hunt down "submit" and "reset"
for (i=0;i<theform.length;i++){
var tempobj=theform.elements[i]
if(tempobj.type.toLowerCase()=="submit"||tempobj.type.toLowerCase()=="reset")
//disable em
tempobj.disabled=true
}
}
}
</script>
 
 
</head>
 
<body>
 
<?php
 
include("bekijk.php");
?></p>
<p>&nbsp;</p>
 
<form method="POST" name="gastenboek" action="voegtoe.php" onSubmit="submitonce(this)">
 
<div align="center">
  <center>
  <table border="0" cellpadding="2" width="100%">
    <tr>
      <td width="19%">Naam:</td>
      <td width="81%"><input type="text" name="naam" size="30"></td>
    </tr>
    <tr>
      <td width="19%">E-mail:</td>
      <td width="81%"><input type="text" name="email" size="30"></td>
    </tr>
    <tr>
      <td width="19%">Lid van onze club:</td>
      <td width="81%"><input type="checkbox" name="lid" value="ON">ja</td>
    </tr>
    <tr>
      <td width="19%" valign="top">Jouw bericht:</td>
      <td width="81%">
 
<?php
if ($UBB=="true") {
UBBinc(bericht);
}
?>  
 
<textarea rows="4" name="bericht" cols="40" class="tekstvak"></textarea><br>
 
<?php
if ($smilie=="true") {
smilieinc(bericht);
}
?> 
 
</td>
    </tr>
    <tr>
      <td width="19%"></td>
      <td width="81%"><input type="submit" value="Verzenden" name="B1" class="knop"> <input type="reset" value="Invoer wissen" name="B2" class="knop"></td>
    </tr>
  </table>
  </center>
</div>
</form>
<?php
//copyright
//if($Copyrightnr11) {
//copyright ();}
?> 
</body>
 
</html>
-----------------------end of index.php------------------
 
-------------------voegtoe.php----------------------
 
<?php 
// Boven aan je pagina 
ob_start(); 
 
include("include/config.php");
include("include/style.inc.php");
include("include/functies.inc.php");
 
session_start(); 
$verlooptijd = 0; //tijd in seconden waarna er weer gepost mag worden 
 
if($_SESSION['tijd'] + $verlooptijd > time()){ 
$wachten = $_SESSION['tijd'] + $verlooptijd - time(); 
echo "U heeft zojuist al een bericht geplaatst, over ".$wachten." seconden kunt u weer posten."; 
} 
else{ 
$_SESSION['tijd'] = $tijd;
 
$datum=date("d-m-Y @ H:i:s",time());
$id=date("dmyHis",time());
 
 
//check lege velden
if (strlen($naam)<1) {
echo "<b>U heeft uw naam (nog) niet ingevuld ...</b><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en vult u alsnog uw naam in !!!</blockquote></A>";
}
elseif (strlen($bericht)<1) {
echo "<br><br><b><br>U heeft (nog) geen bericht achtergelaten ...</b></font><br><br><A href=\"javascript: history.go(-1);\" target=\"_self\"><blockquote>Klik hier om terug te gaan en schrijft u alsnog een leuk <img border=\"0\" src=\"img/smile/knipoog.gif\"> bericht !!!</blockquote></a>";
}
else {
 
//html-tags verwijderen
$naam  = strip_tags($naam);
$email = strip_tags($email);
$bericht = strip_tags($bericht);
$bericht = stripslashes($bericht);
 
//Toevoegen IP gelogd
$iplog="J";
 
//vervangen van de smilies-codes door html codes ...
$bericht=smilie($bericht);
 
if ($scheldwoorden=="true") {
$bericht = scheldwoorden($bericht);
}
 
//vervangen van de UBB codes door html codes ...
$bericht=UBB($bericht);
 
$bericht = nl2br($bericht); 
$bericht = eregi_replace("\n", "", $bericht); 
      
 
//wegschrijven naar een bestand
$logfile = fopen("$bestand","a"); 
fputs($logfile, $id."||".$datum."||".$email."||".$lid."||".$iplog."||".$bericht."||".$naam."||\n"); 
fclose($logfile); 
 
//bestand voor de IP adressen van berichten in het gastenboek
$ipbestand ="ipadressen.txt";
 
//initialiseren IP
$ip = $REMOTE_ADDR; 
 
//wegschrijven naar een bestand
$logfileip = fopen("$ipbestand","a"); 
fputs($logfileip, $ip."||".$datum."||".$naam."||\n"); 
fclose($logfileip);
 
 
?>
 
<html>
 
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta http-equiv="refresh" content="0;URL=index.php">
 
<title>ZFC Zuidlaren</title>
</head>
 
<body>
</body>
</html>
 
<?php
} } 
 
 
// Onder aan je pagina 
ob_end_flush(); 
?> 
-----------------end of voegtoe.php---------------------

Open in new window

Comment
Watch Question

Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Commented:
Noticed that you have these references all through the code. Your other choice is to turn register globals on, but I'd fix the code.

Commented:
Another solution, at the beginning of your "voegtoe.php" file add the following:
<?php
 
  foreach($_POST as $key => $value) {
    $$key = $value;
  }
 
?>

Open in new window

Commented:
Or the below.

But the best solution is to correct the problem which is that the script was written for a PHP with register_globals = On, which was determined to be a security risk and is not Off by default.
<?php
 
  extract($_POST);
 
?>

Open in new window

Author

Commented:
Hube02,
Many thanks

Commented:
That should be:

 "it is NOW of by default"

sorry for the typo that completely changes the meaning of the sentence :S
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.