php-general Digest 4 Dec 2005 12:10:58 -0000 Issue 3831
Topics (messages 226821 through 226831):
Re: Security/$_REQUEST vars... How do you do it?
226821 by: comex
226822 by: Michael Hulse
226824 by: comex
Writing a mailing list program with php/mysql.
226823 by: Eternity Records Webmaster
226830 by: Mark Steudel
How would you write this?
226825 by: Michael B Allen
226826 by: Eternity Records Webmaster
226829 by: Stephen Leaf
XSLT Processing w/ Embedded PHP Strips Trailing '?'
226827 by: Michael B Allen
Re: Mail SMTP settings
226828 by: Dan
Wanted: php-volunteer
226831 by: Rincewind
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
> if((isset($_REQUEST['sub'])) && (!empty($_REQUEST['sub']))) {
empty is a language construct, not a function, so that is not
necessary. You can just do !empty(...).
> $error = false;
> return $error;
In your security_check function, you set $error to false in the
beginning for no reason; in fact, you don't need to use it all. You
could return false or return true, or simply
return !empty($x);
However, that doesn't actually work because when you call the
function, it assumes that $_REQUEST[whatever] is defined and could
cause a notice if it isn't; and $x will always be defined, even if set
to null.
Since your variables are coming from REQUEST anyway, you could write
it like this:
function security_check($x) {
return !empty($_REQUEST[$x]);
}
Then, if(!security_check('sub')) { ... }
Of course, there are people who can be more helpful and will probably
tell you to do more than just check if the variable exists.
--- End Message ---
--- Begin Message ---
Hi Comex, thanks for the quick response, I really appreciate it. :)
On Dec 3, 2005, at 3:29 PM, comex wrote:
empty is a language construct, not a function, so that is not
necessary. You can just do !empty(...).
Oh, do you mean that I should do this instead:
if((isset($_REQUEST['sub'])) && !empty($_REQUEST['sub'])) {
You could return false or return true, or simply return !empty($x);
Ahhh, great point!
However, that doesn't actually work ... and could cause a notice if it
isn't; and $x will always be defined, even if set to null.
Yes, I actually just realized this via testing/experimenting... :(
Since your variables are coming from REQUEST anyway, you could write
it like this:
function security_check($x) {
return !empty($_REQUEST[$x]);
}
Then, if(!security_check('sub')) { ... }
Ah, great idea, thanks! You have been very helpful, thanks. :D
--- End Message ---
--- Begin Message ---
> Oh, do you mean that I should do this instead:
No, I meant that you don't have to include the isset at all. From the manual:
empty() is the opposite of (boolean) var, except that no warning is
generated when the variable is not set.
--- End Message ---
--- Begin Message ---
Hi.
I've written a mailing list form for a website. It currently works by having
the subscriber check up to 3 checkboxes depending on the mailing list they
want to sign up for (prayer, newsletter and announce). They then type their
email address into the "email address" field and click the subscribe button.
After they do that, the php script will check the form for validity and
return error if not filled out the right way or it will send an email to me
if it "worked" (in the sence that the form was filled out by the user the
right way). What I need to know is: given the code below, are there any
examples of php/mysql driven mailing list scripts that I can use as a
tutorial on helping me to convert mine to a mysql database driven program?
Any ideas/recommendations would be apreciated. Thanks for all the help.
The code below if copied and pasted into their own seperate files should
work on any apache/php 5.0.5/mysql 3.xx server.
mailing_list.html:
this file was included in the home page of the website with include().
[code]
<form action="script/mailinglist.php" method="post">
<table border="1" cellspacing="0" cellpadding="2" style="border-color:
#600;">
<tr><th style="background-color: #600; color:#fff; text-align: center;
padding: 0 10px;">Sign up for the mailing lists!</th></tr>
<tr><td>
<input type="checkbox" name="prayer">E Prayer <input type="checkbox"
name="news">E News <input type="checkbox" name="announce">E Announce
</td></tr>
<tr><td style="background-color: #fff; text-align: center; padding: 0
10px;">
<p style="margin-bottom: 0;">
Your email address: <input type="text" name="email"><br>
<input class="button" type="submit" value="Sign up now!" /><br />
</p>
<a href="comunity.php">Go to the Online Comunity page to find out
more!</a><br>
</td></tr>
</table>
</form>
[end of mailing_list.html code]
list_functions.php: the user defined functions created to use in
mailinglist.php.
[code]
<?php
//checkemail checks an email address to see if its valid
//true if valid and false otherwise
function checkemail($email){
if (eregi('[EMAIL PROTECTED]([a-zA-Z]{2,3})$', $email)) {
return $email; }
else {return false;}}
//checklist checks that at least 1 mailing list exists
//returns a string containing mailing lists signed up for or null if none
checked
function checklist($list1, $list2, $list3){
if($list1=="on"){$final="Prayer\n";}
else {$final="";}
if($list2=="on") {$final.="News\n";}
else {$final.="";}
if($list3=="on") {$final.="announce\n";}
else {$final.="";}
return $final; }
?>
[end of list_functions.php code]
mailinglist.php: the actual mailing list script code. called by
mailing_list.html above.
[code]
<?php
//mailing list script
//turn error reporting off
//error_reporting('E_ALL');
include_once("list_functions.php");
//check to see what lists are being signed up for
//if no lists are checked an error shows
$list=checklist($_POST['prayer'], $_POST['news'], $_POST['announce']);
//now check the email address
$mail=checkemail($_POST['email']);
//check to see if both email and list are filled in the right way
//if not give an error
if
((!$mail && !$list)||
(!$mail || !$list)){?>
<script language="javascript">
alert('Please select at least 1 mailing list to sign up for and make sure
you have entered a valid email address');
history.back();
</script>
<?php }
//send the user a message and send the email
else { ?>
<script language="javascript">
window.location='../success.php';
</script>
<?php
//now send the email
//this is the email message that will be sent
$message=$mail." would like to be signed up for the ".$list." mailing
lists\r\n";
//send the email now
mail("[EMAIL PROTECTED]", "mailing list request", $message,
"From: <mailing list form>[EMAIL PROTECTED]");
?>
<script language="javascript">
history.back();
</script>
<?php } ?>
[end of mailinglist.php code]
Sorry for the extensive content of this message but I wanted to cover
everything I could from the beginning.
--- End Message ---
--- Begin Message ---
Hi there,
There are TONS of tutorials out there on how to store this information into
a database instead of just mailing it to your self, just google php and
mysql ...
First you'll
need to create your database using some sort of mysql console (command
line, web based like phpMyAdmin, desktop application like navicat or
mysql administrator)
Your database looks like it only needs a few fields
id
Email
prayer
newsletter
announce
// pulled from php.net
// connecto to your database
$link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')
or die('Could not connect: ' . mysql_error());
mysql_select_db('my_database') or die('Could not select database');
==== replace this code =====
> //this is the email message that will be sent
> $message=$mail." would like to be signed up for the ".$list." mailing
> lists\r\n";
> //send the email now
> mail("[EMAIL PROTECTED]", "mailing list request", $message,
> "From: <mailing list form>[EMAIL PROTECTED]");
====== End replace code========
// validate your forms input, could be a function instead
if ( $_POST['prayer'] == 'on' ) $prayer = 'yes' else $prayer = 'no';
if ( $_POST['news'] == 'on' ) $news = 'yes' else $news = 'no';
if ( $_POST['announce'] == 'on' ) $announce = 'yes' else $announce= 'no';
// next I'll contruct a query to insert it into my database
$query = "INSERT INTO newslettertable( id, email, prayer, newsletter,
announce) VALUES ( '', '".$mail."', '".$prayer."', '". $news."',
'".$announce."' );
// now I'll actually run the query, if there is an error it will spit the
error out to the screen
$result = mysql_query($query) or die('Query failed: ' . mysql_error());
// How to get the databack out from
$query = "SELECT * FROM newslettertable WHERE prayer = 'yes'";
$result = mysql_query($query) or die('Query failed: ' . mysql_error());
// Now we'll loop through the data
while ( $objData = mysql_fetch_object( $result ) )
{
mail( $objData->email, 'Prayer Newsletter', 'Prayer newsletter body'
);
}
Hopefully that gives you a rough idea how little more you need to do to hook
it up to a database.
Mark
-----Original Message-----
From: "Eternity Records Webmaster" <[EMAIL PROTECTED]>
To: <[email protected]>
Date: Sat, 3 Dec 2005 19:24:18 -0500
Subject: [PHP] Writing a mailing list program with php/mysql.
> Hi.
>
> I've written a mailing list form for a website. It currently works by
> having
> the subscriber check up to 3 checkboxes depending on the mailing list
> they
> want to sign up for (prayer, newsletter and announce). They then type
> their
> email address into the "email address" field and click the subscribe
> button.
> After they do that, the php script will check the form for validity and
> return error if not filled out the right way or it will send an email
> to me
> if it "worked" (in the sence that the form was filled out by the user
> the
> right way). What I need to know is: given the code below, are there any
> examples of php/mysql driven mailing list scripts that I can use as a
> tutorial on helping me to convert mine to a mysql database driven
> program?
> Any ideas/recommendations would be apreciated. Thanks for all the help.
>
> The code below if copied and pasted into their own seperate files
> should
> work on any apache/php 5.0.5/mysql 3.xx server.
>
> mailing_list.html:
> this file was included in the home page of the website with include().
> [code]
> <form action="script/mailinglist.php" method="post">
> <table border="1" cellspacing="0" cellpadding="2" style="border-color:
> #600;">
> <tr><th style="background-color: #600; color:#fff; text-align: center;
> padding: 0 10px;">Sign up for the mailing lists!</th></tr>
> <tr><td>
> <input type="checkbox" name="prayer">E Prayer <input type="checkbox"
> name="news">E News <input type="checkbox" name="announce">E Announce
> </td></tr>
> <tr><td style="background-color: #fff; text-align: center; padding: 0
> 10px;">
> <p style="margin-bottom: 0;">
> Your email address: <input type="text" name="email"><br>
> <input class="button" type="submit" value="Sign up now!" /><br />
> </p>
> <a href="comunity.php">Go to the Online Comunity page to find out
> more!</a><br>
> </td></tr>
> </table>
> </form>
> [end of mailing_list.html code]
>
> list_functions.php: the user defined functions created to use in
> mailinglist.php.
> [code]
> <?php
> //checkemail checks an email address to see if its valid
> //true if valid and false otherwise
> function checkemail($email){
> if (eregi('[EMAIL PROTECTED]([a-zA-Z]{2,3})$',
> $email)) {
> return $email; }
> else {return false;}}
>
> //checklist checks that at least 1 mailing list exists
> //returns a string containing mailing lists signed up for or null if
> none
> checked
> function checklist($list1, $list2, $list3){
> if($list1=="on"){$final="Prayer\n";}
> else {$final="";}
> if($list2=="on") {$final.="News\n";}
> else {$final.="";}
> if($list3=="on") {$final.="announce\n";}
> else {$final.="";}
> return $final; }
>
> ?>
> [end of list_functions.php code]
>
> mailinglist.php: the actual mailing list script code. called by
> mailing_list.html above.
>
> [code]
> <?php
> //mailing list script
> //turn error reporting off
> //error_reporting('E_ALL');
> include_once("list_functions.php");
>
> //check to see what lists are being signed up for
> //if no lists are checked an error shows
> $list=checklist($_POST['prayer'], $_POST['news'], $_POST['announce']);
>
> //now check the email address
> $mail=checkemail($_POST['email']);
>
> //check to see if both email and list are filled in the right way
> //if not give an error
> if
> ((!$mail && !$list)||
> (!$mail || !$list)){?>
> <script language="javascript">
> alert('Please select at least 1 mailing list to sign up for and make
> sure
> you have entered a valid email address');
> history.back();
> </script>
> <?php }
> //send the user a message and send the email
> else { ?>
> <script language="javascript">
> window.location='../success.php';
> </script>
> <?php
> //now send the email
>
> //this is the email message that will be sent
> $message=$mail." would like to be signed up for the ".$list." mailing
> lists\r\n";
> //send the email now
> mail("[EMAIL PROTECTED]", "mailing list request", $message,
> "From: <mailing list form>[EMAIL PROTECTED]");
> ?>
> <script language="javascript">
> history.back();
> </script>
> <?php } ?>
> [end of mailinglist.php code]
>
> Sorry for the extensive content of this message but I wanted to cover
> everything I could from the beginning.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
The following code works but I'm a little new to PHP and I'd like to
know if there are better ways to achive the same thing.
In the below form example, if the user supplies one or more fields but
not all that are required, the form is redisplayed but fields that were
supplied are prepopulated and the ones that are required but are missing
are highlighted in red.
Can anyone recommend a better technique or elighten me about features of
the language that I've missed?
Mike
<html>
<body>
<?php
$set = 0;
$username = "";
$password = "";
if (isset($_POST['username'])) {
$username = trim($_POST['username']);
if (strlen($username) > 0) {
$set |= 0x01;
}
}
if (isset($_POST['password'])) {
$password = trim($_POST['password']);
if (strlen($password) > 0) {
$set |= 0x02;
}
}
if (($set & 0x03) == 0x03) {
echo "Logging in with: " . $username . ':' . $password;
} else {
?>
<form action="login.php" method="post">
<table>
<tr><td colspan="2">Login:</td></tr>
<tr><td>Username:</td>
<?php
if ($set != 0 && ($set & 0x01) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
echo "<input type=\"username\" name=\"username\" value=\"" . $username .
"\"/>";
?>
</td></tr>
<tr><td>Password:</td>
<?php
if ($set != 0 && ($set & 0x02) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
?>
<input type="password" name="password"/>
</td></tr>
<tr><td colspan="2"><input type="submit" value="Login"/></td></tr>
</table>
</form>
<?php
}
?>
<p/><a href="login.php">click me</a>
</body>
</html>
--- End Message ---
--- Begin Message ---
Hi...
the easiest way I have found to do exactly what your looking for is to use a
pear package called html_quickform. I found it easy to use and it saves me
hours and hours of work too. If your interested go to
www.pear.php.net/html_quickform and have a look.
-----Original Message-----
From: Michael B Allen [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 03, 2005 10:00 PM
To: [email protected]
Subject: [PHP] How would you write this?
The following code works but I'm a little new to PHP and I'd like to
know if there are better ways to achive the same thing.
In the below form example, if the user supplies one or more fields but
not all that are required, the form is redisplayed but fields that were
supplied are prepopulated and the ones that are required but are missing
are highlighted in red.
Can anyone recommend a better technique or elighten me about features of
the language that I've missed?
Mike
<html>
<body>
<?php
$set = 0;
$username = "";
$password = "";
if (isset($_POST['username'])) {
$username = trim($_POST['username']);
if (strlen($username) > 0) {
$set |= 0x01;
}
}
if (isset($_POST['password'])) {
$password = trim($_POST['password']);
if (strlen($password) > 0) {
$set |= 0x02;
}
}
if (($set & 0x03) == 0x03) {
echo "Logging in with: " . $username . ':' . $password;
} else {
?>
<form action="login.php" method="post">
<table>
<tr><td colspan="2">Login:</td></tr>
<tr><td>Username:</td>
<?php
if ($set != 0 && ($set & 0x01) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
echo "<input type=\"username\" name=\"username\" value=\"" . $username .
"\"/>";
?>
</td></tr>
<tr><td>Password:</td>
<?php
if ($set != 0 && ($set & 0x02) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
?>
<input type="password" name="password"/>
</td></tr>
<tr><td colspan="2"><input type="submit" value="Login"/></td></tr>
</table>
</form>
<?php
}
?>
<p/><a href="login.php">click me</a>
</body>
</html>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I personally would use javascript to evaluate the form and highlight the
fields onsubmit.
However as a backup I'd do the evaluating in php and add an error label under
the field.
echo "<td";
if ($noPass) echo " color='red'";
echo ">Password</td>";
if ($noPass) echo "<td color='red'>You must supply a password</td>";
Something along those lines.
On Saturday 03 December 2005 21:00, Michael B Allen wrote:
> The following code works but I'm a little new to PHP and I'd like to
> know if there are better ways to achive the same thing.
>
> In the below form example, if the user supplies one or more fields but
> not all that are required, the form is redisplayed but fields that were
> supplied are prepopulated and the ones that are required but are missing
> are highlighted in red.
>
> Can anyone recommend a better technique or elighten me about features of
> the language that I've missed?
>
> Mike
>
> <html>
> <body>
>
> <?php
> $set = 0;
> $username = "";
> $password = "";
>
> if (isset($_POST['username'])) {
> $username = trim($_POST['username']);
> if (strlen($username) > 0) {
> $set |= 0x01;
> }
> }
> if (isset($_POST['password'])) {
> $password = trim($_POST['password']);
> if (strlen($password) > 0) {
> $set |= 0x02;
> }
> }
> if (($set & 0x03) == 0x03) {
> echo "Logging in with: " . $username . ':' . $password;
> } else {
> ?>
>
> <form action="login.php" method="post">
> <table>
> <tr><td colspan="2">Login:</td></tr>
> <tr><td>Username:</td>
>
> <?php
> if ($set != 0 && ($set & 0x01) == 0) {
> echo "<td bgcolor=\"#ff0000\">";
> } else {
> echo "<td>";
> }
> echo "<input type=\"username\" name=\"username\" value=\"" . $username
> . "\"/>"; ?>
>
> </td></tr>
> <tr><td>Password:</td>
>
> <?php
> if ($set != 0 && ($set & 0x02) == 0) {
> echo "<td bgcolor=\"#ff0000\">";
> } else {
> echo "<td>";
> }
> ?>
>
> <input type="password" name="password"/>
> </td></tr>
> <tr><td colspan="2"><input type="submit" value="Login"/></td></tr>
> </table>
> </form>
>
> <?php
> }
> ?>
>
> <p/><a href="login.php">click me</a>
>
> </body>
> </html>
--- End Message ---
--- Begin Message ---
If I run an xslt processor on some xml w/ PHP in it, the closing '?' gets
removed:
<tr>
<td>Username:</td>
<?php if ($set != 0 && ($set & 0x01) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
echo "</td><input type=\"username\" name=\"username\" value=\"" . $username
. "\"/>";
>
Would anyone happen to know why this is happening?
I'm using xmlproc from libxslt-1.1.11.
Thanks,
Mike
original XML input:
<tr><td>Username:</td>
<?php
if ($set != 0 && ($set & 0x01) == 0) {
echo "<td bgcolor=\"#ff0000\">";
} else {
echo "<td>";
}
echo "</td><input type=\"username\" name=\"username\" value=\"" .
$username . "\"/>";
?>
--- End Message ---
--- Begin Message ---
Yes that does work but the return path and my mail headers still show
the main domain. My point is that PHP should be acessing my SMTP
server specified but it is using the default local host instead.
Dan T
On Dec 3, 2005, at 11:06 AM, Curt Zirzow wrote:
On Sat, Dec 03, 2005 at 12:45:24AM -0700, Dan wrote:
I have a PHP 4.x install on an Apache server. I have a PHP
application and a call to the mail function. I have 2 static IP's on
the server and I have one web server and one instance of postfix for
each IP to basically separate the two sites. The only issue I have
right now is sending mail via PHP.
I have tried to set the SMTP server and reply address via a php_value
in my httpd.conf file and via the ini_set function for my site in
question. Regardless of these setting mail is sent from the www user
at my main site domain:
The ini setting is called 'sendmail_from'. or you can use the 5th
argument in the mail command.
Curt.
--
cat .signature: No such file or directory
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Hi there
For the further automation of our site, Cutting Edge (cuttingedge.be) is
looking for a php-volunteer to aid our php-master.
On Cutting Edge our voluntary crew of some 50 people explore popular culture
in every way possible. The site reaches up to 1500 unique visitors daily.
If you're interested to be an essential part of this project, please contact
me.
Kind regards.
Kevin Major
Hoofdredacteur CuttingEdge.be
Messcherp door cultuur en media
CuttingEdge.be is een initiatief van Cutting Edge vzw
--- End Message ---
