I'm having some code show up on my mail php block. It has happened with every form tutorial I've gone through. Well, it works with the basic form, but when I try a form that adds a bit of security, I get code showing through.
I'm using a css template provided online as well as a php mail code found online as well. When I pull up the stand alone code in XAMPP it looks fine, but when I incorporate it into my html, the code bleeds through.
Help?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<link href='http://fonts.googleapis.com/css?family=Ruthie' rel='stylesheet' type='text/css'>
<!-- Design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License Name : Portraiture Description: A two-column, fixed-width design with dark color scheme. Version : 1.0 Released : 20130111 -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>title</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<script type="text/javascript" src="jquery-1.7.1.min.js"></script>
<script type="text/javascript" src="jquery.slidertron-1.1.js"></script>
<link href="http://fonts.googleapis.com/css?family=Open+Sans:400,300,600%7CArchivo+Narrow:400,700" rel="stylesheet" type="text/css" />
<link href="http://fonts.googleapis.com/css?family=Ruthie" rel="stylesheet" type="text/css" />
<link href="default.css" rel="stylesheet" type="text/css" media="all" />
<!--[if IE 6]> <link href="default_ie6.css" rel="stylesheet" type="text/css" /> <![endif]-->
<link rel="stylesheet" type="text/css" href="active1.css" />
</head>
<body>
<div id="wrapper" class="container">
<div id="header">
<div id="logo">
<h1><a href="http://localhost/active/index.html">maggie braner</a></h1>
</div>
</div>
<div id="menu">
<ul>
<li class="active"><a href="http://localhost/active/index.html" accesskey="1" title="">Home</a></li>
<li><a href="http://localhost/active/musiclessons.html" accesskey="2" title="">Music Lessons</a></li>
<li><a href="http://localhost/active/pottery.html" accesskey="3" title="">Pottery</a></li>
<li><a href="http://localhost/active/jazzband.html" accesskey="4" title="">Jazz Band</a></li>
</ul>
</div>
<div id="banner">
<div id="slider">
<div class="viewer">
<div class="reel">
<div class="slide"> <img src="images/pic01.jpg" alt="" height="570" width="505" /> </div>
<div class="slide"> <img src="images/pic02.jpg" alt="" height="500" width="900" /> </div>
</div>
</div>
</div>
<script type="text/javascript">
$('#slider').slidertron({
viewerSelector: '.viewer',
reelSelector: '.viewer .reel',
slidesSelector: '.viewer .reel .slide',
advanceDelay: 3000,
speed: 'slow'
});
</script>
</div>
<div id="page">
<div id="content">
<h2>Welcome!</h2>
<p> body text here </p>
</div>
<div id="sidebar">
<?php
$your_email ='yourname@your-website.com';// <<=== update to your email address
session_start();
$errors = '';
$name = '';
$visitor_email = '';
$user_message = '';
if(isset($_POST['submit']))
{
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$user_message = $_POST['message'];
///------------Do Validations-------------
if(empty($name)||empty($visitor_email))
{
$errors .= "
Name and Email are required fields. ";
}
if(IsInjected($visitor_email))
{
$errors .= "
Bad email value!";
}
if(empty($_SESSION['6_letters_code'] ) ||
strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
{
//Note: the captcha code is compared case insensitively.
//if you want case sensitive match, update the check above to
// strcmp()
$errors .= "
The captcha code does not match!";
}
if(empty($errors))
{
//send the email
$to = $your_email;
$subject="New form submission";
$from = $your_email;
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$body = "A user $name submitted the contact form:
".
"Name: $name
".
"Email: $visitor_email
".
"Message:
".
"$user_message
".
"IP: $ip
";
$headers = "From: $from
";
$headers .= "Reply-To: $visitor_email
";
mail($to, $subject, $body,$headers);
header('Location: thank-you.html');
}
}
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(
+)',
'(+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Contact Us</title>
<!-- define some style elements-->
<style>
label,a, body
{
font-family : Arial, Helvetica, sans-serif;
font-size : 12px;
}
.err
{
font-family : Verdana, Helvetica, sans-serif;
font-size : 12px;
color: red;
}
</style>
<!-- a helper script for vaidating the form-->
<script language="JavaScript" src="scripts/gen_validatorv31.js" type="text/javascript"></script>
</head>
<body>
<?php
if(!empty($errors)){
echo "<p class='err'>".nl2br($errors)."</p>";
}
?>
<div id='contact_form_errorloc' class='err'></div>
<form method="POST" name="contact_form"
action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<p>
<label for='name'>Name: </label><br>
<input type="text" name="name" value='<?php echo htmlentities($name) ?>'>
</p>
<p>
<label for='email'>Email: </label><br>
<input type="text" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
</p>
<p>
<label for='message'>Message:</label> <br>
<textarea name="message" rows=8 cols=30><?php echo htmlentities($user_message) ?></textarea>
</p>
<p>
<img src="captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br>
<label for='message'>Enter the code above here :</label><br>
<input id="6_letters_code" name="6_letters_code" type="text"><br>
<small>Can't read the image? click <a href='javascript: refreshCaptcha();'>here</a> to refresh</small>
</p>
<input type="submit" value="Submit" name='submit'>
</form>
<script language="JavaScript">
// Code for validating the form
// Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
// for details
var frmvalidator = new Validator("contact_form");
//remove the following two lines if you like error message box popups
frmvalidator.EnableOnPageErrorDisplaySingleBox();
frmvalidator.EnableMsgsTogether();
frmvalidator.addValidation("name","req","Please provide your name");
frmvalidator.addValidation("email","req","Please provide your email");
frmvalidator.addValidation("email","email","Please enter a valid email address");
</script>
<script language='JavaScript' type='text/javascript'>
function refreshCaptcha()
{
var img = document.images['captchaimg'];
img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
}
</script>
</body>
</html>
</div>
</div>
</div>
<div id="footer">
<p>Copyright (c) 2012 Sitename.com. All rights reserved. Design
by <a href="http://www.freecsstemplates.org/" rel="nofollow">FreeCSSTemplates.org</a>,</br>
released under a <a href="http://creativecommons.org/licenses/by/3.0/">Creative
Commons Attributions 3.0</a> license</p>
</div>
</div>
</body></html>
