Follow us on Twitter X-Cart on Facebook Wiki
Shopping cart software Solutions for online shops and malls
X-Cart Home FAQ Forum rules Calendar User manuals Login  

How to include PHP code into static page

 
Reply
   X-Cart forums > X-Cart 4 > Dev Questions > Changing design
 
Thread Tools Search this Thread
  #1  
Old 10-13-2008, 11:18 AM
 
Oktane Design Oktane Design is offline
 

Member
   
Join Date: Apr 2008
Posts: 29
 
Default How to include PHP code into static page
Hello guys,

i would like to know how i could include a php code into a static page?

in my first page i have a form calling the php code
Code:
<form name="form" action="filename.php" method="post">
In the second file named filename.php i have this php code ;

Code:
<?php

$youremail="info@email.com"; 
$from_who= $_POST['email'];
$emailsubject= "E-mail Subject";
$email = $_POST['email'];
$name = $_POST['name'];
$town = $_POST['town'];
$province = $_POST['province'];

$mailbody.="E-mail:\n$email\n\n";
$mailbody.="Name:\n$name\n\n";
$mailbody.="Town:\n$town\n\n";
$mailbody.="Province:\n$province\n\n";

mail("$youremail", "$emailsubject", "$mailbody", "From: $from_who"); 

?>

Thanks a lot!
__________________
X-Cart version 4.2
Reply With Quote
  #2  
Old 10-13-2008, 11:26 AM
  Jon's Avatar 
Jon Jon is offline
 

X-Guru
   
Join Date: Oct 2002
Location: Vancouver, Canada
Posts: 4,200
 
Default Re: How to include PHP code into static page
You wouldn't want to include such code into your static page, you'd want your static page form to post to a different php file.

FYI, that code is amazingly unsecure and open to being used for spam.
Reply With Quote
  #3  
Old 10-13-2008, 12:13 PM
 
Oktane Design Oktane Design is offline
 

Member
   
Join Date: Apr 2008
Posts: 29
 
Default Re: How to include PHP code into static page
Thanks for the fast answer.

Do you have any idea how i could upgrade or change this code to make it more secure?

Thanks a lot!
__________________
X-Cart version 4.2
Reply With Quote
  #4  
Old 10-13-2008, 12:15 PM
 
exsecror exsecror is offline
 

X-Wizard
   
Join Date: Apr 2007
Posts: 1,284
 
Default Re: How to include PHP code into static page
As Jon has already stated, you actually need to have the static page send a POST request to the PHP file to send the e-mail. Also as already stated that code is horrifically insecure, always, sanitize user input because it cannot be trusted. This is better:

Note: This assumes you are using PHP5 and have the filter extension available. Also note that this code has not been tested.

Code:
<?php
$date = date('r');
$mailer = 'PHP ' . phpversion() . ' - ' . $_SERVER['SCRIPT_NAME'];

$headers = <<< EOT
From: info@email.com
Subject: Your subject
Date: $date
X-Mailer: $mailer
EOT;

$recipient = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$town = filter_input(INPUT_POST, 'town', FILTER_SANITIZE_STRING);
$province = filter_input(INPUT_POST, 'province', FILTER_SANITIZE_STRING);

$message = <<< EOT
Name: $name
Town: $town
Province: $province
EOT;

if ($recipient !== false || $name !== false || $town !== false || $province !== false) {
    mail($recipient, $subject, $message, $headers);
}
else {
    trigger_error('Fatal Error: Input data failed sanitizing!', E_USER_ERROR);
}
Reply With Quote
Reply
   X-Cart forums > X-Cart 4 > Dev Questions > Changing design

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 05:45 PM.

   
 
X-Cart forums © 2001-2020