I have setup a little refferal box on my home.php Nothing exciting, and it’s still a work in progress. For now, the main thing for me is that it works. WooHoo…
Question: Is it possible to set it up that the script works with in the home.php and spits out the echo “Thank you for the refferal.” ; within the particular content box?
[code=php]<?php
$your_name = $_POST[‘your_name’] ;
$friend_email = $_POST[‘friend_email’] ;
echo “Thank you for the refferal.” ;
$email_subject = “Your friend $your_name thought you might like our website.” ;
$email_msg = “msg blah blah.” ;
mail($friend_email, $email_subject, $email_msg, ‘From: mysite’) ;
?>
[code=html]
<!– refer us –>
<div class=”leftNavTop”> refer us</div>
<div class=”leftNavCont”>
<p>Tell your friends about us:</p>
<form action=”php/refferal.php” method=”post” name=”refer_us”>
<label>your name:</label><input name=”your_name” type=”text” size=”20″ maxlength=”50″ />
<label>friends email:</label><input name=”friend_email” type=”text” size=”20″ maxlength=”50″ /><input name=”submit” type=”submit” /></form>
</div>
<div class=”leftNavBott”></div>
I think it has something to do with the form action???
[code=html]
<iframe src ="refer_form.php" width="200" height="300">
<p>Your browser does not support iframes.</p>
</iframe>
[/code]
An easy way for you to do it would be to put your form on a seperate page and load it in an iframe on home.php
[code=html]
<iframe src ="refer_form.php" width="200" height="300">
<p>Your browser does not support iframes.</p>
</iframe>
[/code]
by default links and form submissions will affect the same frame and give the effect I think you are looking for.
Another flashier method would be to use javascript to submit the form and then load a thank you message into the content box ...then you you could implement some fades and a "working" message to give a more professional appearance.[/QUOTE]
An easy way for you to do it would be to put your form on a seperate page and load it in an iframe on home.php
[code=html]
<iframe src ="refer_form.php" width="200" height="300">
<p>Your browser does not support iframes.</p>
</iframe>
[/code]
by default links and form submissions will affect the same frame and give the effect I think you are looking for.
Another flashier method would be to use javascript to submit the form and then load a thank you message into the content box ...then you you could implement some fades and a "working" message to give a more professional appearance.[/QUOTE]
[code=php]<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"[/code]
You could always submit a form to the same page and test if the forms submit is set and load the content box accordingly....if isset load thank you message, else load the form...
The difference in doing it that way is that when submitting the form, the entire page reloads and the visitor has to wait on all the pages components to reload / re-parse. but that may not be too big of an inconvenience if it is a simple page with no scrolling....using the iframe method the visitor never leaves their place or sees a change on the main page.
you could also do it using your include method, but the only reason for doing that would be if you were making a type of template to be included on many pages instead of the one, so that when a change is made to the form, it is reflected throughout the site.[/QUOTE]
[CODE]var fld = trim(valfield.value);
var name = /^[a-z_]([a-z_]|( [^ ]))+[a-z_]$/i; [COLOR="SeaGreen"]//allows letters and 1 space beetween[/COLOR][/CODE]
[CODE]
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$fname = clean($_POST['fname']);
$lname = clean($_POST['lname']);
$login = clean($_POST['username']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);
[/CODE]
[code=php]
<div align="center">
<?php
if (isset($_POST['submit'])) {
//form variables
$your_name = $_POST['your_name'] ;
$friend_name = $_POST['friend_name'] ;
$friend_email = $_POST['friend_email'] ;
$output_form = false;
//first check the form for all the fields
//if YOUR NAME empty
if(empty($your_name)) {
echo '<span class="formErr">*Your Name - empty</span><br />';
$output_form = true;
}
//if FRIEND NAME empty
if(empty($friend_name)) {
echo '<span class="formErr">*Friends Name - empty</span><br />';
$output_form = true;
}
//if FRIEND EMAIL empty
if(empty($friend_email)) {
echo '<span class="formErr">*Friends Email - empty</span>';
$output_form = true;
}
//if none empty
if((!empty($your_name)) && (!empty($friend_name)) && (!empty($friend_email))){
$to = $friend_email ;
$subject = "$friend_name thought you might like us." ;
$msg = "Hi there $friend_name. n" ;
mail($to,$subject,$msg, 'From: xxxxxxxx');
echo "<p>Thank you for your refferal. An email with your name on it, has been sent to <strong>$friend_name</strong>, asking them to pay us a visit.</p>";
echo '<p><a href="xxxxxxx">Click here to refresh and send another refferal</a></p>';
}
}
else{
$output_form = true;
}
if($output_form) {
?>
<p>Tell your friends about us:</p>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post" name="refer_us">
<label>your full name:</label>
<input name="your_name" type="text" size="20" maxlength="50" value="<?php echo "$your_name" ; ?>" /><br />
<label>your friends name:</label>
<input name="friend_name" type="text" size="20" maxlength="50" value="<?php echo "$friend_name" ; ?>" /><br />
<label>your friends email:</label>
<input name="friend_email" type="text" size="20" maxlength="50" value="<?php echo "$friend_email" ; ?>" /><br /><br />
<input name="reset" type="reset" value="reset" />
<input name="submit" type="submit" value="submit" />
</form>
<p>* all email addresses are kept confidential & will not be used for anything else, other than this referral *</p>
<?php
}
?>
</div>
[/code]
[code=php]<br /> <b>Notice</b>: Undefined variable: friend_email in <b>X:domainsXxxxxxxxuserhtdocshome.php</b> on line <b>378</b><br />[/code]
I will be looking into security after its working the way i want it to.[/QUOTE]
This seems to be mantra of newbie PHP programmers. Seriously it is so much easier to build security in than try to tack it on afterwards. This advice always seems to be ignored by people wanting to just build something that superficially works however, hence all the crappy, insecure PHP programs out there.[/QUOTE]
[code=php]
<input name="your_name" type="text" size="20" maxlength="50" value="<?php if (isset($_POST['your_name'])) echo $_POST['your_name'] ?>" />
[/code]
[code=php]<?php
if (isset($_POST['submit'])) {
$from = '[email protected]';
$subject = $_POST['subject'];
$text = $_POST['elvismail'];
$output_form = false;
if (empty($subject) && empty($text)) {
// We know both $subject AND $text are blank
echo 'You forgot the email subject and body text.<br />';
$output_form = true;
}
if (empty($subject) && (!empty($text))) {
echo 'You forgot the email subject.<br />';
$output_form = true;
}
if ((!empty($subject)) && empty($text)) {
echo 'You forgot the email body text.<br />';
$output_form = true;
}
}
else {
$output_form = true;
}
if ((!empty($subject)) && (!empty($text))) {
$dbc = mysqli_connect('data.makemeelvis.com', 'elmer', 'theking', 'elvis_store')
or die('Error connecting to MySQL server.');
$query = "SELECT * FROM email_list";
$result = mysqli_query($dbc, $query)
or die('Error querying database.');
while ($row = mysqli_fetch_array($result)){
$to = $row['email'];
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$msg = "Dear $first_name $last_name,n$text";
mail($to, $subject, $msg, 'From:' . $from);
echo 'Email sent to: ' . $to . '<br />';
}
mysqli_close($dbc);
}
if ($output_form) {
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<label for="subject">Subject of email:</label><br />
<input id="subject" name="subject" type="text" value="<?php echo $subject; ?>" size="30" /><br />
<label for="elvismail">Body of email:</label><br />
<textarea id="elvismail" name="elvismail" rows="8" cols="40"><?php echo $text; ?></textarea><br />
<input type="submit" name="submit" value="Submit" />
</form>
<?php
}
?>[/code]
[code=php]//form variables
$your_name = mysqli_real_escape_string( trim($_POST['your_name'])) ;
$friend_name = mysqli_real_escape_string( trim($_POST['friend_name'])) ;
$friend_email = mysqli_real_escape_string( trim($_POST['friend_email'])) ;[/code]
Hello??? echo echo echo... Anyone there?[/QUOTE]
0.1.9 — BETA 6.16