Because of the lack of guestbook/forms in CMSBuilder i started to create one with the addForm.php template found in this forum.
Everything works!!! :-)
Only the security code not... whatever i type inside that box it will send the form...
Any solution or hint?
<?php header('Content-type: text/html; charset=utf-8'); ?>
<?php
$libraryPath = 'admin/lib/viewer_functions.php';
$dirsToCheck = array('blablabla path to my server...');
foreach ($dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }}
if (!function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); }
// submit form
if (@$_REQUEST['submit']) {
// error checking
$errorsAndAlerts = "";
$randomNumber = $_REQUEST['randomNumber'];
if (!@$_REQUEST['name']) { $errorsAndAlerts .= "Please specify Name!<br/>\n"; }
if (!@$_REQUEST['e_mail_address']){ $errorsAndAlerts .= "Please specify E-mail address!<br/>\n"; }
if (!@$_REQUEST['comment']) { $errorsAndAlerts .= "Please specify Comment!<br/>\n"; }
if (!@$_REQUEST['randomNumber']) { $errorsAndAlerts .= "Please specify/verify the Security Code!\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
// add record
// if (!@$errorsAndAlerts) {
if (!@$errorsAndAlerts) {
mysql_query("INSERT INTO `{$TABLE_PREFIX}guestbook` SET
name = '".mysql_escape( $_REQUEST['name'] )."',
e_mail_address = '".mysql_escape( $_REQUEST['e_mail_address'] )."',
comment = '".mysql_escape( $_REQUEST['comment'] )."',
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();
// display thanks message and clear form
$errorsAndAlerts = "Thank You for signing my guestbook!";
$_REQUEST = array();
}
}
list($guestbookRecords, $guestbookMetaData) = getRecords(array(
'tableName' => 'guestbook',
'perPage' => '10',
));
?>
<?php $randomNumber = rand(100000,999999); ?>
In the body:
<form method="post" action="">
<input type="hidden" name="submit" value="1" />
<div><input name="name" type="text" value="<?php echo htmlspecialchars(@$_REQUEST['name']) ?>" size="40" /></div>
<div><input name="e_mail_address" type="text" value="<?php echo htmlspecialchars(@$_REQUEST['e_mail_address']) ?>" size="40" /></div>
<div><textarea name="comment" cols="65" rows="6"><?php echo htmlspecialchars(@$_REQUEST['comment']) ?></textarea></div>
<div><?php echo $randomNumber; ?></div>
<div><input name="randomNumber" type="text" id="randomNumber" size="10" /></div>
<div><input type="submit" name="add" value="Sign" id="form_button" class="color" /></div>
<?php if (@$errorsAndAlerts): ?>
<div id="form_status"><?php echo $errorsAndAlerts; ?></div>
<?php endif ?>
<input type="hidden" id="check" name="check" value="<?php echo $randomNumber;?>" />
</form>
Thanks
[:)][:)]