[de-de] php kontaktformular sendet nicht

ruud · 2010-08-02 17:44:43

Zuerst: Ich schreibe hier nicht gegen zem_contact_reborn. Dazu gibt es keinen Grund. Ich kann aber nicht erkennen, wie ich das, was ich umgesetzt habe, mit zem_contact_reborn hätte realisieren können.

I think you misunderstood. I’m not saying you should use ZCR. I just pointed you to the ZCR code, which is publicly available, so you could see how it deals with header encoding and protection against header injection (and compare it with your own code). Whether ZCR is suitable for what you have in mind, that’s a different topic.

Wie lässt sich das überprüfen?

If you’ll let me have a look at the code privately, I can check.

Im Kode des Anfangsbeitrages kann ich ausser dem Captcha aber nichts sehen, bei dem es um Sicherheitsvorkehrungen gehen würde. Also meinte ich, es gehe im Moment vor allem um eine Frage der Implementierung.

True, the topic wasn’t about security. I just responded to the code you posted, not knowing it was incomplete (although without having seen it completely, it’s hard to say whether it’s safe or not). The code posted in the topic start isn’t vulnerable to header injection because it doesn’t set custom mail headers and has a hard-coded recipient and subject.

ruud · 2010-08-02 17:49:08

fantasmo wrote:

Wenn ich in “action” den Code so aufrufe “<txp:site_url />files/meincode.php”, dann wird er ausgeführt… das ist schonmal gut…:-)
Aber nicht IM Kontext meiner Kontaktseite. Also es erscheint einfach eine weiße Seite, mit z.B. dem Text “Bitte fülle alle Felder” aus.
Es soll aber IM Kontaktformular auf der Kontaktseite stehen.

Perhaps you can show us the URL where you actually use the contact form to make things clearer.
When a visitor fills out the form and submits it, does the visitor then return to the same URL where the contact form is or does the form submit to a different URL? Looking at the code you posted, it’s the same URL.

Oben im Code:
$link_name = $_SERVER['PHP_SELF'];

Unten bei “action”:
action="{$link_name}"

That’s no different than what you had before. Have you tried hardcoding the URL: action="/path/to/contact_form"?

fantasmo · 2010-08-03 13:22:30

When the user submits the mail it leads to my php-code-file and there shows the success message, just black text on a white page.
—> because it really links just to this php-file, but the php file of course doesn’t include the whole website with layout, design and so on (or should it?!)

I now had a few tries with zem_contact, it works good so I’m considering staying with that…though it bothers me that I couldn’t make that own contact form work.

Thank you very much for your help, you are really good.

ruud · 2010-08-03 13:31:01

Since you included the PHP code for handling the form submission on a page that’s handled by TXP (otherwise you wouldn’t use txp:php tags), you shouldn’t have to link to a separate php-code-file. Just submitting the form to the same page that also contains the form should work.

fantasmo · 2010-08-04 10:58:22

Ah ok so einfach?… dann hab ich das vorher etwas falsch verstanden;-)

Textpattern CMS

Textpattern CMS support forum

#16 2010-08-02 17:44:43

Re: [de-de] php kontaktformular sendet nicht

#17 2010-08-02 17:49:08

Re: [de-de] php kontaktformular sendet nicht

#18 2010-08-03 13:22:30

Re: [de-de] php kontaktformular sendet nicht

#19 2010-08-03 13:31:01

Re: [de-de] php kontaktformular sendet nicht

#20 2010-08-04 10:58:22

Re: [de-de] php kontaktformular sendet nicht

Board footer