form redirects to recaptcha form then to thank you page

8 posts by 3 authors in: Forums > CMS Builder
Last Post: March 17, 2010   (RSS)

By jarvis - March 12, 2010

Hi All,

Ok, so i've a form on our client site. They say that due to spam they wish to add a re-captcha field. Unfortunately, in doing this, it breaks the design.

What I would therefore like to do, is the user completes the form, clicks submit, then completes a recaptcha as a pop up before being redirected to a thank you page.

Am at a loss though, here's my code if someone can help!
<?php
require_once "/cmsAdmin/lib/viewer_functions.php";

// Get a key from http://recaptcha.net/api/getkey
require_once('recaptchalib_comments.php');
if (preg_match("//", $_SERVER['HTTP_HOST'])) {
$publickey = "";
$privatekey = "";
}
else if (preg_match("/.com/", $_SERVER['HTTP_HOST'])) {
$publickey = "";
$privatekey = "";
}

// process form
if (@$_REQUEST['submitForm']) {

// error checking
$errorsAndAlerts = "";
if (!@$_REQUEST['quick_enquiry_name']) { $errorsAndAlerts = "Please fill out all fields\n"; }
if (!@$_REQUEST['quick_enquiry_email']) { $errorsAndAlerts = "Please fill out all fields\n"; }
else if(!isValidEmail(@$_REQUEST['quick_enquiry_email'])) { $errorsAndAlerts = "That email address is not valid\n"; }
if (!@$_REQUEST['enquiry']) { $errorsAndAlerts = "Please fill out all fields\n"; }

if (!@$_REQUEST['recaptcha_response_field']) { $errorsAndAlerts .= "Please enter the two words displayed (this is to stop spam).<br/>"; }
if (@$_REQUEST['recaptcha_response_field']) {
$resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) { $errorsAndAlerts .= "Incorrect value for anti-spam validation, please try again.<br/>"; }
$captchaError = $resp->error;
}

$textToConvert = $_REQUEST['enquiry'];
$convertedText = iconv("UTF-8", "ISO-8859-1", $textToConvert);

// send email user
if (!$errorsAndAlerts) {
$to = "info@domain.com";
$subject = "Quick Contact";
$email = $_REQUEST['quick_enquiry_email'];

$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
#$headers .= "Content-Type: text/html; charset=utf8\r\n";
$headers .= "From: $email \r\n";

$body = "<strong>Full name</strong>: ". $_REQUEST['quick_enquiry_name'] ."<br />";
$body .= "<strong>Email</strong>: ".$_REQUEST['quick_enquiry_email'] ."<br />";
$body .= "<strong>Enquiry</strong>: $convertedText<br /><br />";
$body .= "The user who sent this message had the IP address <strong>".$_SERVER['REMOTE_ADDR']."</strong><br />";

$message = $body;

// Note: The above line must be flush left or you'll get an error
// This is a PHP heredoc. See: http://ca2.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc

// send message
$mailResult = @mail($to, $subject, $message, $headers);
if (!$mailResult) { die("Mail Error: $php_errormsg"); }

//
$errorsAndAlerts = "Thanks! We've sent your email.";
$_REQUEST = array(); // clear form values

}

}

?>

<!-- right quick_contact form -->

<!-- quick_contact_title -->
<div class="rh_quick_contact_title">
<img src="images/rh_quick_enquiry_title.jpg" width="232" height="31" />
</div>
<!-- /quick_contact_title -->


<!-- quick_contact_form -->
<div class="rh_quick_contact_content">
<form method="post">
<input type="hidden" name="submitForm" value="1" />

<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>

<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center">
<input name="quick_enquiry_name" type="text" id="quick_enquiry_name" style="width:180px;" value="Name..." onclick="clickclear(this, 'Name...')" onblur="clickrecall(this,'Name...')" />
</td>
</tr>
<tr>
<td align="center">
<input name="quick_enquiry_email" type="text" id="quick_enquiry_email" style="width:180px;" value="Email Address..." onclick="clickclear(this, 'Email Address...')" onblur="clickrecall(this,'Email Address...')"/>
</td>
</tr>
<tr>
<td align="center">
<textarea name="enquiry" id="enquiry" value="Enquiry..." onclick="clickclear(this, 'Enquiry...')" onblur="clickrecall(this,'Enquiry...')" style="width:180px;" rows="4"></textarea>
</td>
</tr>
<tr>
<td colspan="2">&nbsp;</td>
</tr>
<tr>
<td colspan="2">
Please enter the words below (anti-spam)<br />
<?php echo recaptcha_get_html($publickey, @$captchaError); ?>
</td>
</tr>
<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit">&nbsp;&nbsp;
</div></td>
</tr>
</table>
</form>
</div>
<!-- /quick_contact_form -->
Thanks in advanced

Re: [jarvis] form redirects to recaptcha form then to thank you page

By jarvis - March 12, 2010

Hi,

Ok, I've realised that I need remove the recaptcha field from my main form, this leaves:
<form method="post" action="quick_enquiry_form3.php" target="_blank">
<input type="hidden" name="submitForm" value="1" />

<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>

<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center">
<input name="quick_enquiry_name" type="text" id="quick_enquiry_name" style="width:180px;" value="Name..." onclick="clickclear(this, 'Name...')" onblur="clickrecall(this,'Name...')" />
</td>
</tr>
<tr>
<td align="center">
<input name="quick_enquiry_email" type="text" id="quick_enquiry_email" style="width:180px;" value="Email Address..." onclick="clickclear(this, 'Email Address...')" onblur="clickrecall(this,'Email Address...')"/>
</td>
</tr>
<tr>
<td align="center">
<textarea name="enquiry" id="enquiry" value="Enquiry..." onclick="clickclear(this, 'Enquiry...')" onblur="clickrecall(this,'Enquiry...')" style="width:180px;" rows="4"></textarea>
</td>
</tr>

<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit">&nbsp;&nbsp;
</div></td>
</tr>
</table>
</form>
When you click submit, I new window opens (quick_enquiry_form3.php with the recaptcha field and the other fields would be hidden (text at mo for debugging)
<form method="post" action="sendemail.php">


<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>

<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td colspan="2">
Please enter the words below (anti-spam)<br />
<?php echo recaptcha_get_html($publickey, @$captchaError); ?>
</td>
</tr>
<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit">&nbsp;&nbsp;
</div></td>
</tr>
</table>
<input type="text" value="<?php $_POST['quick_enquiry_name']; ?>" />
<input type="text" value="<?php $_POST['quick_enquiry_email']; ?>" />
<input type="text" value="<?php $_POST['enquiry']; ?>" />
</form>
When you then click submit on the pop up (quick_enquiry_form3.php), it will need to pass this to a further php file (sendemail.php) in order to add the redirect to the thanks page to prevent the headers already sent message.
I've therefore 2 issues now:
1) How do you validate the original form
2) Why aren't the values from the original form being posted to the new pop up window (quick_enquiry_form3.php)?
Hope this makes sense?
Thanks again

Re: [jarvis] form redirects to recaptcha form then to thank you page

By Chris - March 12, 2010 - edited: March 12, 2010

Hi jarvis,

1. I think the simplest solution to your first issue would be to use a "stepped" approach instead of a popup. You can use one PHP script to do all three steps.

If you need to do this with a popup instead, I'd try solving this with JavaScript validation: validate with JavaScript before submitting the form and only submit it when all validation has passed. You can probably find some helpful tutorials on doing validation with jQuery.

Whichever way you go, you'll need to revalidate server-side on the final request for safety.

EDIT:

2. A ha! I make this mistake all the time: you forgot "echo" (in red below).

One last thing: for safety, you'll want to HTML-encode values submitted by your visitors. You should change this:
<input type="text" value="<?php $_POST['...']; ?>" />
to this:
<input type="text" value="<?php echo htmlspecialchars($_POST['...']); ?>" />

I hope this helps! Please let me know if you have any questions.
All the best,
Chris

Re: [chris] form redirects to recaptcha form then to thank you page

By jarvis - March 15, 2010

Hi Chris,

Firstly, many thanks for the reply! Indeed, I had forgotten to add the echo - a simple mistake but one which takes forever in a day to spot!

This now works as I need it to, however, as the form has a recaptcha field, I can't work out how to validate the field. This is also true for the previous form. Let me talk you through what I have:

User comes to the site and completes the simple enquiry form:
<form method="post" action="quick_enquiry_form3.php" target="_blank">
<input type="hidden" name="submitForm" value="1" />

<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>

<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center">
<input name="quick_enquiry_name" type="text" id="quick_enquiry_name" style="width:180px;" value="Name..." onclick="clickclear(this, 'Name...')" onblur="clickrecall(this,'Name...')" />
</td>
</tr>
<tr>
<td align="center">
<input name="quick_enquiry_email" type="text" id="quick_enquiry_email" style="width:180px;" value="Email Address..." onclick="clickclear(this, 'Email Address...')" onblur="clickrecall(this,'Email Address...')"/>
</td>
</tr>
<tr>
<td align="center">
<textarea name="enquiry" id="enquiry" value="Enquiry..." onclick="clickclear(this, 'Enquiry...')" onblur="clickrecall(this,'Enquiry...')" style="width:180px;" rows="4"></textarea>
</td>
</tr>

<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit">&nbsp;&nbsp;
</div></td>
</tr>
</table>
</form>
At this stage, no validation is present so if they leave the form blank and click submit it works. I have the validation code as:
// process form
if (@$_REQUEST['submitForm']) {

// error checking
$errorsAndAlerts = "";
if (!@$_REQUEST['name']) { $errorsAndAlerts = "Please fill out all fields\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts = "Please fill out all fields\n"; }
else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts = "That email address is not valid\n"; }
if (!@$_REQUEST['enquiry']) { $errorsAndAlerts = "Please fill out all fields\n"; }
}
But can't work out how to process the form and validate it. Once the form has been submitted, a new window opens up showing the recaptcha form and hidden fields:
<form method="post" action="sendEmail.php">
<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>
<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td colspan="2">
Please enter the words below (anti-spam)<br />
<?php echo recaptcha_get_html($publickey, @$captchaError); ?>
</td>
</tr>
<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit" onClick="validate(this.form);">&nbsp;&nbsp;
</div></td>
</tr>
</table>
<input type="hidden" name="submitForm" value="1" />
<input type="hidden" name="quick_enquiry_name" value="<?php echo htmlspecialchars($_POST['quick_enquiry_name']); ?>" />
<input type="hidden" name="quick_enquiry_email" value="<?php echo htmlspecialchars($_POST['quick_enquiry_email']); ?>" />
<input type="hidden" name="enquiry" value="<?php echo htmlspecialchars($_POST['enquiry']); ?>" />
</form>
Again, no validation is present. If they enter wrong words or no words in the recaptcha and submit, then it still runs sendEmail.php. sendEmail.php process the form data, sends the email and redirects the user to the thankyou page.

My validation code for this part is below:
<?php
require_once ".../cmsAdmin/lib/viewer_functions.php";

// Get a key from http://recaptcha.net/api/getkey
require_once('recaptchalib_comments.php');
if (preg_match("/test.domain.com/", $_SERVER['HTTP_HOST'])) {
$publickey = "";
$privatekey = "";
}
else if (preg_match("/domain.com/", $_SERVER['HTTP_HOST'])) {
$publickey = "";
$privatekey = "";
}

if (@$_REQUEST['submitForm']) {
$errorsAndAlerts = "";

if (!@$_REQUEST['recaptcha_response_field']) { $errorsAndAlerts .= "Please enter the two words displayed (this is to stop spam).<br/>"; }
if (@$_REQUEST['recaptcha_response_field']) {
$resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) { $errorsAndAlerts .= "Incorrect value for anti-spam validation, please try again.<br/>"; }
$captchaError = $resp->error;
}

}


?>

How do you validate the form and ONLY if the form data is correct move on to the next stage or process the data?

Thanks again

Re: [jarvis] form redirects to recaptcha form then to thank you page

By jarvis - March 15, 2010

OK, after much messing around, I opted for a far simpler method. Simply add a random number field and ask the person filling in the form to verify the number.

if (@$_REQUEST['submitForm']) {

// error checking
$errorsAndAlerts = "";
$check = $_REQUEST['check'];
$randomNumber = $_REQUEST['randomNumber'];
if (!@$_REQUEST['name']) { $errorsAndAlerts = "Please add your name\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts = "Please add your email\n"; }
else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts = "That email address is not valid\n"; }
if (!@$_REQUEST['enquiry']) { $errorsAndAlerts = "Please add your enquiry\n"; }
if (!@$_REQUEST['randomNumber']) { $errorsAndAlerts = "Please verify the number\n"; }

$textToConvert = $_REQUEST['enquiry'];
$convertedText = iconv("UTF-8", "ISO-8859-1", $textToConvert);

// send email user
if ((!$errorsAndAlerts) && ($randomNumber == $check)) {
$to = "info@domain.co.uk";
$subject = "Quick Contact";
$email = $_REQUEST['email'];


$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
#$headers .= "Content-Type: text/html; charset=utf8\r\n";
$headers .= "From: $email \r\n";

$body = "<strong>Full name</strong>: ". $_REQUEST['name'] ."<br />";
$body .= "<strong>Email</strong>: ".$_REQUEST['email'] ."<br />";
$body .= "<strong>Enquiry</strong>: $convertedText<br /><br />";
$body .= "The user who sent this message had the IP address <strong>".$_SERVER['REMOTE_ADDR']."</strong><br />";

$message = $body;

// send message
$mailResult = @mail($to, $subject, $message, $headers);
if (!$mailResult) { die("Mail Error: $php_errormsg"); }

//
$errorsAndAlerts = "Thanks! We've sent your email.";
$_REQUEST = array(); // clear form values
}

}

?>
<?php $randomNumber = rand(1,10); ?>
<!-- right quick_contact form -->

<!-- quick_contact_title -->
<div class="rh_quick_contact_title">
<img src="images/rh_quick_enquiry_title.jpg" width="232" height="31" />
</div>
<!-- /quick_contact_title -->


<!-- quick_contact_form -->
<div class="rh_quick_contact_content">
<form method="post">
<input type="hidden" name="submitForm" value="1" />

<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-weight: bold; font-size: 12px; font-family: arial;">
<?php echo $errorsAndAlerts; ?>
</div>
<?php endif ?>

<table width="213" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center">
<input name="name" type="text" id="name" style="width:180px;" value="Name..." onclick="clickclear(this, 'Name...')" onblur="clickrecall(this,'Name...')" />
</td>
</tr>
<tr>
<td align="center">
<input name="email" type="text" id="email" style="width:180px;" value="Email Address..." onclick="clickclear(this, 'Email Address...')" onblur="clickrecall(this,'Email Address...')"/>
</td>
</tr>
<tr>
<td align="center">
<textarea name="enquiry" id="enquiry" value="Enquiry..." onclick="clickclear(this, 'Enquiry...')" onblur="clickrecall(this,'Enquiry...')" style="width:180px;" rows="3"></textarea>
</td>
</tr>
<tr>
<td><?php echo $randomNumber; ?> <input type="text" id="randomNumber" name="randomNumber" style="width:20px;" /> Please enter the number
</td>
</tr>
<tr>
<td><div align="right">
<input type="image" src="images/blue_submit_button.jpg" value="Submit" alt="Submit">&nbsp;&nbsp;
</div></td>
</tr>
</table>
<input type="hidden" id="check" name="check" value="<?php echo $randomNumber;?>" />
</form>
Works great. Just need to work out how to redirect them to a thank you page once the form has been submitted with valid details!?

Re: [jarvis] form redirects to recaptcha form then to thank you page

By Chris - March 15, 2010

Hi Jarvis,

To redirect after the email has been sent, simply replace this:

$errorsAndAlerts = "Thanks! We've sent your email.";

with this:

header("Location: /url/of/thankyou.html");
exit();

THe only gotcha here is that you can't output anything before a header (this includes whitespace!) So, if the top of your script looks like this:

<?php require_once "/my/path/to/viewer_functions.php"; ?>
<?php
...

you may need to change it to:

<?php
require_once "/my/path/to/viewer_functions.php";
...

I hope this helps! Please let me know if you have any questions.
All the best,
Chris

Re: [jarvis] form redirects to recaptcha form then to thank you page

By Damon - March 17, 2010

Just an update that the headers sent error has been solved by using a built in CMS Builder function to redirect to another page:

redirectBrowserToURL("http://www.example.com/thanks.php");
Cheers,
Damon Edis - interactivetools.com

Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/