Problem with adding SiteWizard feedback form to Force9-hosted site
Hello there indium,
right, I am going to try and break this down as simpley as possible for you
From what I discover, you're on Force9?
if not, everything I quote with a Force9 Hostname,
can be inter-changed for PlusNet.
(eg: ccgi.plus.net / ccgi.force9.net ..)
from what I found, as Chris has also pointed out, ..
you have the 'feedback.php' file in the wrong place
It was trying to Send Data to the Server, which it couldn't do anything with.
I have also edited the PHP Script as it was basically wide open with Raw EMail Addresses and the works...
I found this was entirely readable from the WWW Server,
this file needs to be placed in the CCGI Server.
Looking at your form and code, you may want to add extended EMail Address Checking as well as string length limitations
Firstly you will need to edit the 'contact-us.html' file for any of this to get off the ground initially ...
'contact-us.html'
At Line 17 and onwards..
The Charater Limits on the Mail Address and Name is not very good, none of my own Mail Addresses would fit those fields. 30 is a good value to use I would have said.
Replace ~ with your Force9 Account Name. example:
http://ccgi.abcd123.force9.net/feedback.php
Save these changes,
and upload the file to your Webspace.
Delete the 'feedback.php'
I advise ..
you alter your 'feedback.php' script as follows -
This should add extra EMail Validation and alittle bit of Error Handeling and other stuff.
Please, find the line where I have blanked out and replace the original email address in the php file.
*
$to = "x@x.x";
*
Once you have this saved, you're ready upload.
If you use your FTP client to connect to:
ccgi.force9.net
Login with your Force9 Account Login
Upload the 'feedback.php' file to the folder you see initially.
(This is what we call our "root" or our "home" folder)
Once uploaded, That's the first stage done
Now, Linux / *NIX has file Permissions, what this means is,
our script will only work, if, we give the Permissiosn to,
read & run it (or execute it).
If you right click on the 'feedback.php' file in the FTP Browser,
you should have the Option of "Properties" or maybe
"File Permissions".
In there, you may see a series of 9/12 Check Boxes and/or
a longer text box underneath with:
0644
if you change the value
'0644' to '0755'
then click "Apply" / "OK".
That gives permissions for your username to execute the
'Server Side Script' (The PHP File in this case)
And, all should work
If I have missed anything out or gone too fast,
just ask again and I'll try and break that down.
Jim,
right, I am going to try and break this down as simpley as possible for you
From what I discover, you're on Force9?
if not, everything I quote with a Force9 Hostname,
can be inter-changed for PlusNet.
(eg: ccgi.plus.net / ccgi.force9.net ..)
from what I found, as Chris has also pointed out, ..
you have the 'feedback.php' file in the wrong place
It was trying to Send Data to the Server, which it couldn't do anything with.
I have also edited the PHP Script as it was basically wide open with Raw EMail Addresses and the works...
I found this was entirely readable from the WWW Server,
this file needs to be placed in the CCGI Server.
Looking at your form and code, you may want to add extended EMail Address Checking as well as string length limitations
Firstly you will need to edit the 'contact-us.html' file for any of this to get off the ground initially ...
'contact-us.html'
<form method="POST" action="http://ccgi.~.force9.net/feedback.php">
<input type="text" name="name" size="30"><br>
<br>
<input type="text" name="email" size="30"><br>
<br>
<textarea rows="9" name="message" cols="30"></textarea>
<br>
<br>
<input type="submit" value="Submit" name="submit">
</form>
At Line 17 and onwards..
The Charater Limits on the Mail Address and Name is not very good, none of my own Mail Addresses would fit those fields. 30 is a good value to use I would have said.
Replace ~ with your Force9 Account Name. example:
http://ccgi.abcd123.force9.net/feedback.php
Save these changes,
and upload the file to your Webspace.
Delete the 'feedback.php'
I advise ..
you alter your 'feedback.php' script as follows -
<?php
//CSV InString Search
function instring($String,$Search){
$Search = explode(',',$Search);
$true = 0;
for($j=0;$j<count($Search);$j++){
if($Search[$j] != ""){
for($i=0;$i<(strlen($String)-strlen($Search[$j])+1);$i++){
if(substr($String,$i,strlen($Search[$j])) == $Search[$j]){
$true = 1;
}
}
}
}
return $true;
}
// Display Page Function for Error Handeling & Sucessfull useage...
function display($StrError,$Form){
$HTML .= '
<HTML>
<HEAD>
<TITLE>Gary Crotaz and Ming Yuan | Contact Us</TITLE>
<LINK REL=StyleSheet HREF="http://www.garyandming.com/garyandming.css" TYPE="text/css" MEDIA=screen>
</HEAD>
<BODY>
<DIV CLASS="imagefloat">
</DIV>
<DIV CLASS="bodytext">
<BR>
<H1>Gary Crotaz and Ming Yuan | Contact Us</H1>
<H2>';
if($Form == 1){
$HTML .= '
<p>Please fill in the following form to contact Gary and Ming</p>
<p><B><FONT COLOR = "#FF0000">Error - '. $StrError. '</FONT></B></p>
<p>
<form method="POST" action="feedback.php">
<input type="text" name="name" size="25" value="'. $email_field. '"><br>
<br>
<input type="text" name="email" size="25" value="'. $name_field. '"><br>
<br>
<textarea rows="9" name="message" cols="30">'. $message. '</textarea>
<br>
<br>
<input type="submit" value="Submit" name="submit">
</form>
</p>';
}else{
$HTML .= '
<p>'. $StrError. '<p>';
}
$HTML .= '</H2>
<DIV CLASS="buttons">
<A HREF="http://www.garyandming.com/"><IMG SRC="http://www.garyandming.com/home.jpg" ALT="Gary Crotaz and Ming Yuan"></A>
</DIV>
</DIV>
</BODY>
</HTML>';
return $HTML;
}
// Your HTML FORM code has a value set which can partially help against
// anyone trying to flood the page with requests
if(isset($_POST['submit']) && $_POST['submit'] == "Submit"){
$to = "x@x.x";
$subject = "garyandming.com contact form";
$name_field = $_POST['name'];
$email_field = rawurldecode($_POST['email']);
$message = rawurldecode($_POST['message']);
//Replaces Enter Spaces(New Lines) with HTML New Line Tags and a trailing CR & LF
$message = str_replace(chr(13). chr(10),'<BR>'. chr(13). chr(10),$message);
$message = str_replace('"','\"'. chr(13). chr(10),$message);
//Validate EMail Address has an @ and . character after the @ character (Extra layer of security)
$Exp = explode('@',$email_field);
if(instring($email_field,'.') == 1 && instring($Exp[1],'.') == 1 && strlen($email_field) > 30){
// Only allow A to Z Characters, reguardless of Case (UPPER or lower)
if(instring(strtolower($name_field),'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z') == 1 && strlen($name_field) > 30){
//Added HTML Mail Formatting
$body = "From: $name_field<BR>". chr(13). chr(10).
"E-Mail: $email_field<BR>". chr(13). chr(10).
"Message:<BR>". chr(13). chr(10). $message. chr(13). chr(10);
if(mail($to, $subject, $body)){
echo display("Your message has been submitted to GaryandMing!",0);
}else{
echo display("Unable to send message to GaryandMing at this time, Please try again later!",1);
}
}else{
if(strlen($name_field) > 30){
echo display("name field is too long",1);
}else{
echo display("invalid characters in name field",1);
}
}
}else{
if(strlen($email_field) > 30){
echo display("Email address is too long",1);
}else{
echo display("invalid Email address",1);
}
}
}else{
echo display("interal error, request incomplete",0);
}
?>
This should add extra EMail Validation and alittle bit of Error Handeling and other stuff.
Please, find the line where I have blanked out and replace the original email address in the php file.
*
$to = "x@x.x";
*
Once you have this saved, you're ready upload.
If you use your FTP client to connect to:
ccgi.force9.net
Login with your Force9 Account Login
Upload the 'feedback.php' file to the folder you see initially.
(This is what we call our "root" or our "home" folder)
Once uploaded, That's the first stage done
Now, Linux / *NIX has file Permissions, what this means is,
our script will only work, if, we give the Permissiosn to,
read & run it (or execute it).
If you right click on the 'feedback.php' file in the FTP Browser,
you should have the Option of "Properties" or maybe
"File Permissions".
In there, you may see a series of 9/12 Check Boxes and/or
a longer text box underneath with:
0644
if you change the value
'0644' to '0755'
then click "Apply" / "OK".
That gives permissions for your username to execute the
'Server Side Script' (The PHP File in this case)
And, all should work
If I have missed anything out or gone too fast,
just ask again and I'll try and break that down.
Jim,
Sorry i've been really busy with School and Guitar Practice this week again.
I've been trying to sort it out ...
found I've made numerous errors as usual 😕
here is the updated code (Should work now)
Hope all goes well!
Jim,
I've been trying to sort it out ...
found I've made numerous errors as usual 😕
here is the updated code (Should work now)
<?php
//CSV InString Search
function instring($String,$Search){
$Search = explode(',',$Search);
$true = 0;
for($j=0;$j<count($Search);$j++){
if($Search[$j] != ""){
for($i=0;$i<(strlen($String)-strlen($Search[$j])+1);$i++){
if(substr($String,$i,strlen($Search[$j])) == $Search[$j]){
$true = 1;
}
}
}
}
return $true;
}
// Display Page Function for Error Handeling & Sucessfull useage...
function display($StrError,$Form){
$HTML .= '
<HTML>
<HEAD>
<TITLE>Gary Crotaz and Ming Yuan | Contact Us</TITLE>
<LINK REL=StyleSheet HREF="http://www.garyandming.com/garyandming.css" TYPE="text/css" MEDIA=screen>
</HEAD>
<BODY>
<DIV CLASS="imagefloat">
</DIV>
<DIV CLASS="bodytext">
<BR>
<H1>Gary Crotaz and Ming Yuan | Contact Us</H1>
<H2>';
if($Form == 1){
$HTML .= '
<p>Please fill in the following form to contact Gary and Ming</p>
<p><B><FONT COLOR = "#FF0000">Error - '. $StrError. '</FONT></B></p>
<p>
<form action="feedback.php" method="POST">
<B>Name</B> <input type="text" name="name" size="25" value="'. $name_field. '"><br>
<br>
<B>EMail</B> <input type="text" name="email" size="25" value="'. $email_field. '"><br>
<br>
<textarea rows="9" name="message" cols="30">'. $message. '</textarea>
<br>
<br>
<input type="submit" value="Submit" name="submit">
</form>
</p>';
}else{
$HTML .= '
<p>'. $StrError. '<p>';
}
$HTML .= '</H2>
<DIV CLASS="buttons">
<A HREF="http://www.garyandming.com/"><IMG SRC="http://www.garyandming.com/home.jpg" ALT="Gary Crotaz and Ming Yuan"></A>
</DIV>
</DIV>
</BODY>
</HTML>';
return $HTML;
}
// Your HTML FORM code has a value set which can partially help against
// anyone trying to flood the page with requests
if($_POST['submit'] == "Submit"){
$to = "x@x.x";
$subject = "garyandming.com Contact Form";
$name_field = $_POST['name'];
$email_field = rawurldecode($_POST['email']);
$message = rawurldecode($_POST['message']);
//Replaces Enter Spaces(New Lines) with HTML New Line Tags and a trailing CR & LF
//Replaces " with double '' incase of breaking the string and injecting code
$message = str_replace(chr(13). chr(10),'<BR>'. chr(13). chr(10),$message);
$message = str_replace('"','\"'. chr(13). chr(10),$message);
//Validate EMail Address has an @ and . character after the @ character (Extra layer of security)
$Exp = explode('@',$email_field);
if(instring($Exp[1],'.') == 1 && strlen($email_field) < 30){
// Only allow A to Z Characters, reguardless of Case (UPPER or lower)
if(instring(strtolower($name_field),'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z') == 1 && strlen($name_field) < 30){
//Added HTML Mail Formatting
$body = "From: $name_field<BR>". chr(13). chr(10).
"E-Mail: $email_field<BR>". chr(13). chr(10).
"Message:<BR>". chr(13). chr(10). $message. chr(13). chr(10);
if(mail($to, $subject, $body)){
echo display("Your message has been submitted to GaryandMing!",0);
}else{
echo display("Unable to send message to GaryandMing at this time,<BR> Please try again later!",1);
}
}else{
if(strlen($name_field) < 30){
echo display("name field is too long",1);
}else{
echo display("invalid characters in name field",1);
}
}
}else{
if(strlen($email_field) < 30){
echo display("Email address is too long",1);
}else{
echo display("invalid Email address",1);
}
}
}else{
echo display("interal error, request incomplete",0);
}
?>
Hope all goes well!
Jim,
Hm, still getting the 404 message when I press the submit button. It doesn't seem to be able to find the file at http://ccgi.[username].force9.net/feedback.php 
Brilliant! 
Many thanks for your help with this - much appreciated.
Many thanks for your help with this - much appreciated.
Glad its working
anymore problems just gime me a shout
hopefully when my site works anyone will be able to ask there
Jim,
Sorry I hadn't notice this reply.
I'm not sure euh, could possibly be the error checking,
but, it may well be the Mail() command, may take time to parse the data.
I haven't yet experimented with the Mail() command on my website yet,
but I will once I get it sorted and allow Users to Register. I may then have an answer but it will be a long time yet.
Hope this helps to some degree.
Jim,
I'm not sure
euh, could possibly be the error checking, but, it may well be the Mail() command, may take time to parse the data.
I haven't yet experimented with the Mail() command on my website yet,
but I will once I get it sorted and allow Users to Register. I may then have an answer but it will be a long time yet.
Hope this helps to some degree.
Jim,