Re: Forms- Comments Field
For security, I might add strip_tags, like this:
PHP Code:
$comments = zen_db_prepare_input(strip_tags($_POST['comments']));
... but otherwise, I can't see anything wrong with what you've posted.
How about posting the rest of the code, say 5-10 lines above and below this one:
PHP Code:
//assemble the email contents:
'commments:' . "\t" . $commments . "\n" ;
Re: Forms- Comments Field
Doc,
here is what I have down, around 10 below and above the line you asked for. Oh, and just wondering, would there be another code that I can use to replace this certain textfield code? Like input type="textarea" or such.
Code:
customers_lastname, customers_password, customers_email_address,
customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_id = '" .
$customer_id . "'");
$customer_email= $check_customer->fields['customers_email_address'];
$customer_name= $check_customer->fields['customers_firstname'] . ' ' .
$check_customer->fields['customers_lastname'];
} else {
$customer_email='Not logged in';
$customer_name='Not logged in';
}
//assemble the email contents:
$email_message_contents =
'Email Address:' . "\t" . $contact1_email . "\n" .
'First Name:' . "\t" . $contact1_firstname . "\n" .
'Last Name:' . "\t" . $contact1_lastname . "\n" .
'Mailing Address1:' . "\t" . $mailing_address1 . "\n" .
'Mailing Address2:' . "\t" . $mailing_address2 . "\n" .
'City:' . "\t" . $mailing_city . "\n" .
'State:' . "\t" . $mailing_state . "\n" .
'Zip Code:' . "\t" . $mailing_zipcode . "\n" .
'Pet Name 1:' . "\t" . $pet_name1 . "\n" .
'Pet Birthday 1:' . "\t" . $pet_birthday1 . "\n" ;
'Pet Description 1:' . "\t" . $pet_description1 . "\n" ;
'commments:' . "\t" . $commments . "\n" ;
//send the email
zen_mail(STORE_NAME, SEND_TO_ADDRESS, EMAIL_SUBJECT,
OFFICE_FROM . "\t" . $name . "\n" .
OFFICE_EMAIL . "\t" . $email_address . "\n\n" .
'------------------------------------------------------' . "\n\n" .
$email_message_contents ."\n\n" .
'------------------------------------------------------' . "\n\n" .
OFFICE_USE . "\t" . "\n" .
OFFICE_LOGGIN_NAME . "\t" . $customer_name . "\n" .
OFFICE_LOGGIN_EMAIL . "\t" . $customer_email . "\n" .
OFFICE_IP_ADDRESS . "\t" . $_SERVER['REMOTE_ADDR'] . "\n" .
OFFICE_HOST_ADDRESS . "\t" . gethostbyaddr($_SERVER['REMOTE_ADDR']) . "\n" .
Re: Forms- Comments Field
PHP Code:
//assemble the email contents:
$email_message_contents =
..<snip - removed for brevity>..
'Zip Code:' . "\t" . $mailing_zipcode . "\n" .
'Pet Name 1:' . "\t" . $pet_name1 . "\n" .
'Pet Birthday 1:' . "\t" . $pet_birthday1 . "\n" ;
'Pet Description 1:' . "\t" . $pet_description1 . "\n" ;
'commments:' . "\t" . $commments . "\n" ;
If you notice, the last 3 lines of this all end with a semi-colon... which closes the statement. You need to change those to periods (the first 2 of them) unless it's the last line of things to group together. If you notice, you likely aren't getting "Pet Description" content in your test emails either.
Something like this would work better:
PHP Code:
//assemble the email contents:
$email_message_contents =
..<snip - removed for brevity>..
'Zip Code:' . "\t" . $mailing_zipcode . "\n" .
'Pet Name 1:' . "\t" . $pet_name1 . "\n" .
'Pet Birthday 1:' . "\t" . $pet_birthday1 . "\n" .
'Pet Description 1:' . "\t" . $pet_description1 . "\n" .
'commments:' . "\t" . $commments . "\n" ;
Re: Forms- Comments Field
Yay! :D That worked perfectly. I've been so frustrated trying to figure it out myself (even thinking it was the way I named the tags), and I can't believe it was just a matter of taking off the colons.
Another question though, what does the strip tag do? Specifically, how does it help in security?
$comments = zen_db_prepare_input(strip_tags($_POST['comments']));
Re: Forms- Comments Field
strip_tags() is a function that removes any HTML tags that someone might enter in their message. This means they cannot embed any nasty stuff that could cause your server to go off and do unexpected things.