339 replies to this topic

[Jeep_ice]

Graveyard666, on Feb 28 2006, 09:13 PM, said:

I added this contrib and it works great except for after the user send the email the contact_us.php page refreshes saying just "contact us" the telephone and the "continue" button..

how can i insert some text that says "your email has been sent.." something along those lines?

Hi,

Just checked and when I click on send email, it's work normally and it's say "Your enquiry has been successfully sent to the Store Owner". check your installation correctly. You are the only one who is doing this.

[Davey]

Hi

This look super, thanks.

Has anyone got this to work on MS-1? I have so many mods ....

TIA

David

[Jeep_ice]

Davey, on Mar 6 2006, 04:49 PM, said:

Hi

This look super, thanks.

Has anyone got this to work on MS-1? I have so many mods ....

TIA

David

Try it, I think it's not different so so.... Give it a try, it's very easy to install.

[Davey]

Thanks Jeep

Step 1 is fine but step two I have this ...

 require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
	if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
	  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);
	  tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
	} else {
	  $error = true;
	}
  }

I will keep playing ....

Regards

David

[jorgejordao]

Good afternoon,

I'm getting this error: Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221

my line 221 has the folowing: echo ;


what it could be?

[marcinmf]

Hello I am having a small problem, everything is working fine, just when I specify two emails to choose from ex.
Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl  
In admin panel,
After choosing first option on the form I am receiving message fine, but after choosing second radio button message is going to the both e-mails instead to only second one.
Is that DB problem or there is something wrong in the code?

Thank you for any help.

This is my php code.

<?php
/*
  $Id: contact_us.php,v 1.1.1.1 2004/03/04 23:37:58 ccwjr Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
$emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
if (tep_validate_email($email_address)) {
if (CONTACT_US_LIST !=''){
$send_to_array=explode("," ,CONTACT_US_LIST);
preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
$send_to_email= eregi_replace (">", "", $send_email_array[0]);
$send_to_email= eregi_replace ("<", "", $send_to_email);

tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
}else{
tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
}
// EOF Super Contact us enhancement 1.0

tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
} else {
$error = true;

$messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
}
}

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));

  $content = CONTENT_CONTACT_US;

  require(DIR_WS_TEMPLATES . TEMPLATE_NAME . '/' . TEMPLATENAME_MAIN_PAGE);

  require(DIR_WS_INCLUDES . 'application_bottom.php');
?>

[Jeep_ice]

jorgejordao, on Mar 7 2006, 01:48 PM, said:

Good afternoon,

I'm getting this error: Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221

my line 221 has the folowing: echo ;
what it could be?

Can you send your contact_us.php code here, I will check this what is the problem...

[Jeep_ice]

marcinmf, on Mar 7 2006, 06:53 PM, said:

Hello I am having a small problem, everything is working fine, just when I specify two emails to choose from ex.
Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl  
In admin panel,
After choosing first option on the form I am receiving message fine, but after choosing second radio button message is going to the both e-mails instead to only second one.
Is that DB problem or there is something wrong in the code?

Thank you for any help.

Hi,

If you have put the email like this in the admin panel --> :Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl - It's normal. The second email is not writed the good way. You have to write   Support <marcinmf@swim.pl> it's gonna work after this..

[Jeep_ice]

Davey, on Mar 6 2006, 05:32 PM, said:

Thanks Jeep

Step 1 is fine but step two I have this ...

 require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
	if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
	  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);
	  tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
	} else {
	  $error = true;
	}
  }

I will keep playing ....

Regards

David

David,

Good. Keep trying and let me know when is working.

[jorgejordao]

Here is my contact_us.php:


<?php
/*
  $Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');
  #################
$page_query = tep_db_query("select
                               p.pages_id,
                               p.sort_order,
                               p.status,
                               s.pages_title,
                               s.pages_html_text
                            from
                               " . TABLE_PAGES . " p LEFT JOIN " .TABLE_PAGES_DESCRIPTION . " s on p.pages_id = s.pages_id
                            where
                               p.status = 1
                            and
                               s.language_id = '" . (int)$languages_id . "'
                            and
                               p.page_type = 2");


$page_check = tep_db_fetch_array($page_query);

$pagetext=stripslashes($page_check[pages_html_text]);

#################

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
    // BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
$emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
    if (tep_validate_email($email_address)) {
if (CONTACT_US_LIST !=''){
$send_to_array=explode("," ,CONTACT_US_LIST);
preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
$send_to_email= eregi_replace (">", "", $send_email_array[0]);
$send_to_email= eregi_replace ("<", "", $send_to_email);

tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
}else{
  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
}
// EOF Super Contact us enhancement 1.0

      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="1" width="770" cellspacing="3" cellpadding="3" align="center">
  <tr>
    <td width="<?php echo BOX_WIDTH_LEFT_IS; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH_LEFT_IS; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  if ($messageStack->size('contact') > 0) {
?>
      <tr>
        <td><?php echo $messageStack->output('contact'); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
      <tr>
        <td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
<!-- BOF Super Contact us enhancement 1.0 //-->
<?php
  } else {
  if (tep_session_is_registered('customer_id')) {
    $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
    $account = tep_db_fetch_array($account_query);

    $name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
    $email = $account['customers_email_address'];
  }
?>  

<tr>
<td>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td width="650" height="0"></td>
                <td width="600"></td>
</tr>
                
<tr>
                <td rowspan="11" valign="top">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
       <tr>
           <td colspan="2" align="left" valign="top" class="main"></td>
       </tr>
<tr>
                     <td width="38" height="120" align="left" valign="top" class="main"></td>
                         <td width="334" valign="top">
                           <table width="100%" border="0" cellpadding="0" cellspacing="0">
                             <tr>
                               <td width="333" height="120" align="left" valign="top" class="main">
                               <STRONG><font size="7"><?php echo nl2br(STORE_NAME_ADDRESS); ?></font></STRONG><br><br><br>
                               <?php echo (OPENING_HOURS); ?>
                               </td>
                               <td width="1">&nbsp;</td>
</tr>
                 </table>
                         </td>
   </tr>
<tr>
<td align="left" valign="top" class="main"><p>&nbsp;</p></td>
</tr>
</table>
</td>
<td height="40" valign="top" class="main">
<?php echo ENTRY_NAME; ?><br>
<?php echo tep_draw_input_field('name'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_EMAIL; ?><br>
<?php echo tep_draw_input_field('email'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>

<tr>
<td height="40" valign="top" class="main">
<?php
  if (CONTACT_US_LIST !=''){
  echo SEND_TO_TEXT . '<br>';
if(SEND_TO_TYPE=='radio'){
foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
    if($k==0){
$checked=true;
}else{
$checked=false;
}
echo tep_draw_radio_field('send_to', "$k", $checked). " " .preg_replace('/\<[^*]*/', '', $v);
}

   }else{
   foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
$send_to_array[] = array('id' => $k, 'text' => preg_replace('/\<[^*]*/', '', $v));
}
         echo tep_draw_pull_down_menu('send_to',  $send_to_array);
   }

echo ;
}
?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_REASON; ?><br>
<select name="reason">
<?php echo '<option value="' . REASONS1 . '">' . REASONS1 . '</option>'; ?>
<?php echo '<option value="' . REASONS2 . '">' . REASONS2 . '</option>'; ?>
<?php echo '<option value="' . REASONS3 . '">' . REASONS3 . '</option>'; ?>
<?php echo '<option value="' . REASONS4 . '">' . REASONS4 . '</option>'; ?>
<?php echo '<option value="' . REASONS5 . '">' . REASONS5 . '</option>'; ?>
<?php echo '<option value="' . REASONS6 . '">' . REASONS6 . '</option>'; ?>

</select>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="200" width="350" valign="top" class="main">
<?php echo ENTRY_ENQUIRY; ?><BR>
<!-- BOF This is the change for the Form Vunerability Fix //-->
                <?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?>
<!-- EOF This is the change for the Form Vunerability Fix //-->
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="66" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="547" height="62" valign="top" align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
</tr>
<tr>
<td height="4"></td>
</tr>
             </table>
            </td>
          </tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
<?php
  }
?>
<!-- EOF Super Contact us enhancement 1.0 //-->
    </table></form></td>


<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>


thanks

[marcinmf]

Jeep_ice, on Mar 7 2006, 07:18 PM, said:

Hi,

If you have put the email like this in the admin panel --> :Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl - It's normal. The second email is not writed the good way. You have to write   Support <marcinmf@swim.pl> it's gonna work after this..

I make a mistake while typing post, my emails are set correctly.
Sales <marcinmf@yahoo.com>, Support <marcinmf@swim.pl>
Do you have any other ideas what could be the problem?
Thanks.

[rainton]

Jeep_ice, on Feb 17 2006, 11:27 PM, said:

I will test this contribution and be back with you this week-end...

excuse my English but is Italian I uses yours contributions Super Contact us enhancement 1,0, wants to use with to Visual Verify code, has made as you have said, but the control of the code does not execute me. Here the my contact_us.php

<?php
/*
  $Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && tep_email_isfromdomain($_POST['email']))
{
  $error = true;
  $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_ISFROMDOMAIN_ERROR);
}
elseif (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
    // BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
$emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
    if (tep_validate_email($email_address)) {
if (CONTACT_US_LIST !=''){
$send_to_array=explode("," ,CONTACT_US_LIST);
preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
$send_to_email= eregi_replace (">", "", $send_email_array[0]);
$send_to_email= eregi_replace ("<", "", $send_to_email);

tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
}else{
  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
}
// EOF Super Contact us enhancement 1.0

      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
//VISUAL VERIFY CODE start
require(DIR_WS_FUNCTIONS . 'visual_verify_code.php');

$code_query = tep_db_query("select code from visual_verify_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'");
$code_array = tep_db_fetch_array($code_query);
$code = $code_array['code'];

tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results

$user_entered_code = $HTTP_POST_VARS['visual_verify_code'];
if (!(strcasecmp($user_entered_code, $code) == 0)) { //make the check case insensitive
$error = true;
$messageStack->add('contact', VISUAL_VERIFY_CODE_ENTRY_ERROR);
}
//VISUAL VERIFY CODE stop

  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="730" cellspacing="0" cellpadding="0">
  <tr>
<!-- body_text //-->
    <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="610" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td align="left" valign="top"><? echo ' <img src="images/intestazioni/CONTATTI.jpg" width="590" height="33"/>
     '; ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  if ($messageStack->size('contact') > 0) {
?>
      <tr>
        <td><?php echo $messageStack->output('contact'); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
      <tr>
        <td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
<!-- BOF Super Contact us enhancement 1.0 //-->
<?php
  } else {
  if (tep_session_is_registered('customer_id')) {
    $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
    $account = tep_db_fetch_array($account_query);

    $name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
    $email = $account['customers_email_address'];
  }
?>  

<tr>
<td>
<table border="0" width="605" cellspacing="0" cellpadding="0">
<tr>
<td width="650" height="0"></td>
                <td width="600"></td>
</tr>
                
<tr>
                <td rowspan="11" valign="top">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
       <tr>
           <td colspan="2" align="left" valign="top" class="main"></td>
       </tr>
<tr>
                     <td width="26" height="120" align="left" valign="top" class="main"></td>
                         <td width="542" valign="top">
                           <table width="100%" border="0" cellpadding="0" cellspacing="0">
                             <tr>
                               <td width="333" height="120" align="left" valign="top" class="menuCAT">
                               <STRONG><?php echo nl2br(STORE_NAME_ADDRESS); ?></STRONG><br>
                               <br><br>
                               <?php echo (OPENING_HOURS); ?>
                             </td>
                               <td width="1"> </td>
</tr>
                 </table>
                         </td>
   </tr>
<tr>
<td align="left" valign="top" class="main"><p> </p></td>
</tr>
</table>
</td>
<td height="40" valign="top" class="main">
<?php echo ENTRY_NAME; ?><br>
<?php echo tep_draw_input_field('name'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_EMAIL; ?><br>
<?php echo tep_draw_input_field('email'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>

<tr>
<td height="40" valign="top" class="main">
<?php
  if (CONTACT_US_LIST !=''){
  echo SEND_TO_TEXT . '<br>';
if(SEND_TO_TYPE=='radio'){
foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
    if($k==0){
$checked=true;
}else{
$checked=false;
}
echo tep_draw_radio_field('send_to', "$k", $checked). " " .preg_replace('/\<[^*]*/', '', $v);
}

   }else{
   foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
$send_to_array[] = array('id' => $k, 'text' => preg_replace('/\<[^*]*/', '', $v));
}
         echo tep_draw_pull_down_menu('send_to',  $send_to_array);
   }

echo ;
}
?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_REASON; ?><br>
<select name="reason">
<?php echo '<option value="' . REASONS1 . '">' . REASONS1 . '</option>'; ?>
<?php echo '<option value="' . REASONS2 . '">' . REASONS2 . '</option>'; ?>
<?php echo '<option value="' . REASONS3 . '">' . REASONS3 . '</option>'; ?>
<?php echo '<option value="' . REASONS4 . '">' . REASONS4 . '</option>'; ?>
<?php echo '<option value="' . REASONS5 . '">' . REASONS5 . '</option>'; ?>
<?php echo '<option value="' . REASONS6 . '">' . REASONS6 . '</option>'; ?>

</select>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="200" width="350" valign="top" class="main">
<?php echo ENTRY_ENQUIRY; ?><BR>
<!-- BOF This is the change for the Form Vunerability Fix //-->
                <?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?>
<!-- EOF This is the change for the Form Vunerability Fix //-->
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<!-- VISUAL VERIFY CODE-- START-->
<tr>
<td class="main">
<?php echo VISUAL_VERIFY_CODE_CATEGORY; ?>
<br>
<?php echo VISUAL_VERIFY_CODE_TEXT_INSTRUCTIONS; ?> <?php echo tep_draw_input_field('visual_verify_code'); ?>
<?php
//can replace the following loop with $visual_verify_code = substr(str_shuffle (VISUAL_VERIFY_CODE_CHARACTER_POOL), 0, rand(3,6)); if you have PHP 4.3
$visual_verify_code = "";
for ($i = 1; $i <= rand(3,6); $i++){
$visual_verify_code = $visual_verify_code . substr(VISUAL_VERIFY_CODE_CHARACTER_POOL, rand(0, strlen(VISUAL_VERIFY_CODE_CHARACTER_POOL)-1), 1);
}
$vvcode_oscsid = tep_session_id($HTTP_GET_VARS[tep_session_name()]);
tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'");
$sql_data_array = array('oscsid' => $vvcode_oscsid, 'code' => $visual_verify_code);
tep_db_perform(TABLE_VISUAL_VERIFY_CODE, $sql_data_array);
$visual_verify_code = "";
echo('<img src="' . FILENAME_VISUAL_VERIFY_CODE_DISPLAY . '?vvc=' . $vvcode_oscsid . '"');
?> <?php echo VISUAL_VERIFY_CODE_BOX_IDENTIFIER; ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<!-- VISUAL VERIFY CODE-- STOP -->
<tr>
<td height="66" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="547" height="62" valign="top" align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
</tr>
<tr>
<td height="4"></td>
</tr>
             </table>
            </td>
          </tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
</table>
  </td>
</tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
<?php
  }
?>
<!-- EOF Super Contact us enhancement 1.0 //-->

    </table>
    </form></td>
    <td width="100%" valign="top">
    <td width=145 valign=top> </td>
  </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="checkout_shipping.php"><img src="images/login/concludi.jpg" width="161"  border="0" /></a>'; ?></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="account_newsletters.php"><img src="images/login/newsletter.jpg" width="161" border="0" /></a>';?></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="products_new.php"><img src="images/login/arrivi.jpg" width="161" border="0" /></a>'; ?></td>
          </tr>
          <tr>
            <td></td>
          </tr>
          <tr>
            <td></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id')) echo '
<table width="161" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td><img src="images/login/banner.jpg" width="5" height="10" /></td>
        <td><img src="images/login/banner1.jpg" width="141" height="10" /></td>
        <td><img src="images/login/banner2.jpg" width="15" height="10" /></td>
      </tr>
      <tr>
        <td valign="top" background="images/login/banner3.jpg"><img src="images/login/banner3.jpg" width="5" height="135" /></td>
        <td valign="top"><table width="141" border="0" cellpadding="0" cellspacing="0">
          
        </table></td>
        <td valign="top" background="images/login/banner4.jpg"><img src="images/login/banner4.jpg" width="15" height="135" /></td>
      </tr>
      <tr>
        <td><img src="images/login/banner5.jpg" width="5" height="14" /></td>
        <td><img src="images/login/banner6.jpg" width="141" height="14" /></td>
        <td><img src="images/login/banner7.jpg" width="15" height="14" /></td>
      </tr>
    </table>
'; ?>            </td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '
<table width="161" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td><img src="images/login/banner.jpg" width="5" height="10" /></td>
        <td><img src="images/login/banner1.jpg" width="141" height="10" /></td>
        <td><img src="images/login/banner2.jpg" width="15" height="10" /></td>
      </tr>
      <tr>
        <td valign="top" background="images/login/banner3.jpg"><img src="images/login/banner3.jpg" width="5" height="135" /></td>
        <td valign="top"><table width="141" border="0" cellpadding="0" cellspacing="0">
          
        </table></td>
        <td valign="top" background="images/login/banner4.jpg"><img src="images/login/banner4.jpg" width="15" height="135" /></td>
      </tr>
      <tr>
        <td><img src="images/login/banner5.jpg" width="5" height="14" /></td>
        <td><img src="images/login/banner6.jpg" width="141" height="14" /></td>
        <td><img src="images/login/banner7.jpg" width="15" height="14" /></td>
      </tr>
    </table>
'; ?>            </td> </td>
    <!-- body_text_eof //-->
  </tr>
</table>
</td>
                   <td width=3></td>
                   <td width=161 valign=top>
                   </td>
                   </tr>
                   </table>
                   </td>
                   </tr>
                   </table>
                   </td>
                   <?php
  
?>
                   <!-- body_text_eof //-->
                   </tr>
                   </table>
                   <!-- body_eof //-->
                   <!-- footer //-->
                   <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
                   <!-- footer_eof //-->
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>


Thank you and congratulations for the contributions.

[Jeep_ice]

rainton, on Mar 8 2006, 02:10 PM, said:

excuse my English but is Italian I uses yours contributions Super Contact us enhancement 1,0, wants to use with to Visual Verify code, has made as you have said, but the control of the code does not execute me. Here the my contact_us.php

Rainto,

Ok, I have changed your code at the beginning. It's the following code which cause me an error too. :

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && tep_email_isfromdomain($_POST['email']))
{
$error = true;
$messageStack->add('contact', ENTRY_EMAIL_ADDRESS_ISFROMDOMAIN_ERROR);
}
elseif (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);

I changed these code for :

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);

And it's work fine now, try it and tell me if all the thing is ok now....

[Jeep_ice]

marcinmf, on Mar 7 2006, 06:53 PM, said:

Hello I am having a small problem, everything is working fine, just when I specify two emails to choose from ex.
Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl  
In admin panel,
After choosing first option on the form I am receiving message fine, but after choosing second radio button message is going to the both e-mails instead to only second one.
Is that DB problem or there is something wrong in the code?

Thank you for any help.

This is my php code.

<?php
/*
  $Id: contact_us.php,v 1.1.1.1 2004/03/04 23:37:58 ccwjr Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
$emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
if (tep_validate_email($email_address)) {
if (CONTACT_US_LIST !=''){
$send_to_array=explode("," ,CONTACT_US_LIST);
preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
$send_to_email= eregi_replace (">", "", $send_email_array[0]);
$send_to_email= eregi_replace ("<", "", $send_to_email);

tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
}else{
tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
}
// EOF Super Contact us enhancement 1.0

tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
} else {
$error = true;

$messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
}
}

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));

  $content = CONTENT_CONTACT_US;

  require(DIR_WS_TEMPLATES . TEMPLATE_NAME . '/' . TEMPLATENAME_MAIN_PAGE);

  require(DIR_WS_INCLUDES . 'application_bottom.php');
?>

Martin,

It's all your code for the contact_us.php ?  I don't know, very bizarre. Try to do the drop list instead the radio button and tell me if it's do the same thing...

[Jeep_ice]

jorgejordao, on Mar 8 2006, 09:08 AM, said:

Here is my contact_us.php:

Hi,

I don't see any error for what you say excepted for these code I have removed :

require('includes/application_top.php');
#################
$page_query = tep_db_query("select 
p.pages_id, 
p.sort_order, 
p.status, 
s.pages_title, 
s.pages_html_text
from 
" . TABLE_PAGES . " p LEFT JOIN " .TABLE_PAGES_DESCRIPTION . " s on p.pages_id = s.pages_id 
where 
p.status = 1
and
s.language_id = '" . (int)$languages_id . "'
and 
p.page_type = 2");


$page_check = tep_db_fetch_array($page_query);

$pagetext=stripslashes($page_check[pages_html_text]);

#################

I have removed it because it caused me error for the table. I don't know if you need this and I have added at the end just after </table></form></td> the following code because I need this to be able to test your code :

<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->

After this, all is working. So the problem don't come from my contribution "Super Contact us enhancement 1.0". Check this out.

[rainton]

Jeep_ice, on Mar 9 2006, 04:59 AM, said:

Rainto,

Ok, I have changed your code at the beginning. It's the following code which cause me an error too. :

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && tep_email_isfromdomain($_POST['email']))
{
$error = true;
$messageStack->add('contact', ENTRY_EMAIL_ADDRESS_ISFROMDOMAIN_ERROR);
}
elseif (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);

I changed these code for :

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
$name = tep_db_prepare_input($HTTP_POST_VARS['name']);
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);

And it's work fine now, try it and tell me if all the thing is ok now....

Unfortunately it does not work... I try to better explain the problem... if you insert email, the module always comes sent without control of the CODE, it tries to only insert the email is you will see that the form it will come sent even if the CODE are empty. Of continuation the file with the modifications from you suggested.

I repeat, I send the form I insert alone email and not to insert CODE, the form comes sended without to control CODE

<?php
/*
  $Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
    // BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
$emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
    if (tep_validate_email($email_address)) {
if (CONTACT_US_LIST !=''){
$send_to_array=explode("," ,CONTACT_US_LIST);
preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
$send_to_email= eregi_replace (">", "", $send_email_array[0]);
$send_to_email= eregi_replace ("<", "", $send_to_email);

tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
}else{
  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
}
// EOF Super Contact us enhancement 1.0

      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
//VISUAL VERIFY CODE start
require(DIR_WS_FUNCTIONS . 'visual_verify_code.php');

$code_query = tep_db_query("select code from visual_verify_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'");
$code_array = tep_db_fetch_array($code_query);
$code = $code_array['code'];

tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results

$user_entered_code = $HTTP_POST_VARS['visual_verify_code'];
if (!(strcasecmp($user_entered_code, $code) == 0)) { //make the check case insensitive
$error = true;
$messageStack->add('contact', VISUAL_VERIFY_CODE_ENTRY_ERROR);
}
//VISUAL VERIFY CODE stop

  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="730" cellspacing="0" cellpadding="0">
  <tr>
<!-- body_text //-->
    <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="610" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td align="left" valign="top"><? echo ' <img src="images/intestazioni/CONTATTI.jpg" width="590" height="33"/>
     '; ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  if ($messageStack->size('contact') > 0) {
?>
      <tr>
        <td><?php echo $messageStack->output('contact'); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
      <tr>
        <td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
<!-- BOF Super Contact us enhancement 1.0 //-->
<?php
  } else {
  if (tep_session_is_registered('customer_id')) {
    $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
    $account = tep_db_fetch_array($account_query);

    $name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
    $email = $account['customers_email_address'];
  }
?>  

<tr>
<td>
<table border="0" width="605" cellspacing="0" cellpadding="0">
<tr>
<td width="650" height="0"></td>
                <td width="600"></td>
</tr>
                
<tr>
                <td rowspan="11" valign="top">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
       <tr>
           <td colspan="2" align="left" valign="top" class="main"></td>
       </tr>
<tr>
                     <td width="26" height="120" align="left" valign="top" class="main"></td>
                         <td width="542" valign="top">
                           <table width="100%" border="0" cellpadding="0" cellspacing="0">
                             <tr>
                               <td width="333" height="120" align="left" valign="top" class="menuCAT">
                               <STRONG><?php echo nl2br(STORE_NAME_ADDRESS); ?></STRONG><br>
                               <br><br>
                               <?php echo (OPENING_HOURS); ?>
                             </td>
                               <td width="1"> </td>
</tr>
                 </table>
                         </td>
   </tr>
<tr>
<td align="left" valign="top" class="main"><p> </p></td>
</tr>
</table>
</td>
<td height="40" valign="top" class="main">
<?php echo ENTRY_NAME; ?><br>
<?php echo tep_draw_input_field('name'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_EMAIL; ?><br>
<?php echo tep_draw_input_field('email'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>

<tr>
<td height="40" valign="top" class="main">
<?php
  if (CONTACT_US_LIST !=''){
  echo SEND_TO_TEXT . '<br>';
if(SEND_TO_TYPE=='radio'){
foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
    if($k==0){
$checked=true;
}else{
$checked=false;
}
echo tep_draw_radio_field('send_to', "$k", $checked). " " .preg_replace('/\<[^*]*/', '', $v);
}

   }else{
   foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
$send_to_array[] = array('id' => $k, 'text' => preg_replace('/\<[^*]*/', '', $v));
}
         echo tep_draw_pull_down_menu('send_to',  $send_to_array);
   }

echo ;
}
?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_REASON; ?><br>
<select name="reason">
<?php echo '<option value="' . REASONS1 . '">' . REASONS1 . '</option>'; ?>
<?php echo '<option value="' . REASONS2 . '">' . REASONS2 . '</option>'; ?>
<?php echo '<option value="' . REASONS3 . '">' . REASONS3 . '</option>'; ?>
<?php echo '<option value="' . REASONS4 . '">' . REASONS4 . '</option>'; ?>
<?php echo '<option value="' . REASONS5 . '">' . REASONS5 . '</option>'; ?>
<?php echo '<option value="' . REASONS6 . '">' . REASONS6 . '</option>'; ?>

</select>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="200" width="350" valign="top" class="main">
<?php echo ENTRY_ENQUIRY; ?><BR>
<!-- BOF This is the change for the Form Vunerability Fix //-->
                <?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?>
<!-- EOF This is the change for the Form Vunerability Fix //-->
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<!-- VISUAL VERIFY CODE-- START-->
<tr>
<td class="main">
<?php echo VISUAL_VERIFY_CODE_CATEGORY; ?>
<br>
<?php echo VISUAL_VERIFY_CODE_TEXT_INSTRUCTIONS; ?> <?php echo tep_draw_input_field('visual_verify_code'); ?>
<?php
//can replace the following loop with $visual_verify_code = substr(str_shuffle (VISUAL_VERIFY_CODE_CHARACTER_POOL), 0, rand(3,6)); if you have PHP 4.3
$visual_verify_code = "";
for ($i = 1; $i <= rand(3,6); $i++){
$visual_verify_code = $visual_verify_code . substr(VISUAL_VERIFY_CODE_CHARACTER_POOL, rand(0, strlen(VISUAL_VERIFY_CODE_CHARACTER_POOL)-1), 1);
}
$vvcode_oscsid = tep_session_id($HTTP_GET_VARS[tep_session_name()]);
tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'");
$sql_data_array = array('oscsid' => $vvcode_oscsid, 'code' => $visual_verify_code);
tep_db_perform(TABLE_VISUAL_VERIFY_CODE, $sql_data_array);
$visual_verify_code = "";
echo('<img src="' . FILENAME_VISUAL_VERIFY_CODE_DISPLAY . '?vvc=' . $vvcode_oscsid . '"');
?> <?php echo VISUAL_VERIFY_CODE_BOX_IDENTIFIER; ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<!-- VISUAL VERIFY CODE-- STOP -->
<tr>
<td height="66" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="547" height="62" valign="top" align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
</tr>
<tr>
<td height="4"></td>
</tr>
             </table>
            </td>
          </tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
</table>
  </td>
</tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
<?php
  }
?>
<!-- EOF Super Contact us enhancement 1.0 //-->

    </table>
    </form></td>
    <td width="100%" valign="top">
    <td width=145 valign=top> </td>
  </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="checkout_shipping.php"><img src="images/login/concludi.jpg" width="161"  border="0" /></a>'; ?></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="account_newsletters.php"><img src="images/login/newsletter.jpg" width="161" border="0" /></a>';?></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '<a href="products_new.php"><img src="images/login/arrivi.jpg" width="161" border="0" /></a>'; ?></td>
          </tr>
          <tr>
            <td></td>
          </tr>
          <tr>
            <td></td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id')) echo '
<table width="161" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td><img src="images/login/banner.jpg" width="5" height="10" /></td>
        <td><img src="images/login/banner1.jpg" width="141" height="10" /></td>
        <td><img src="images/login/banner2.jpg" width="15" height="10" /></td>
      </tr>
      <tr>
        <td valign="top" background="images/login/banner3.jpg"><img src="images/login/banner3.jpg" width="5" height="135" /></td>
        <td valign="top"><table width="141" border="0" cellpadding="0" cellspacing="0">
          
        </table></td>
        <td valign="top" background="images/login/banner4.jpg"><img src="images/login/banner4.jpg" width="15" height="135" /></td>
      </tr>
      <tr>
        <td><img src="images/login/banner5.jpg" width="5" height="14" /></td>
        <td><img src="images/login/banner6.jpg" width="141" height="14" /></td>
        <td><img src="images/login/banner7.jpg" width="15" height="14" /></td>
      </tr>
    </table>
'; ?>            </td>
          </tr>
          <tr>
            <td><? if (tep_session_is_registered('customer_id'))echo '
<table width="161" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td><img src="images/login/banner.jpg" width="5" height="10" /></td>
        <td><img src="images/login/banner1.jpg" width="141" height="10" /></td>
        <td><img src="images/login/banner2.jpg" width="15" height="10" /></td>
      </tr>
      <tr>
        <td valign="top" background="images/login/banner3.jpg"><img src="images/login/banner3.jpg" width="5" height="135" /></td>
        <td valign="top"><table width="141" border="0" cellpadding="0" cellspacing="0">
          
        </table></td>
        <td valign="top" background="images/login/banner4.jpg"><img src="images/login/banner4.jpg" width="15" height="135" /></td>
      </tr>
      <tr>
        <td><img src="images/login/banner5.jpg" width="5" height="14" /></td>
        <td><img src="images/login/banner6.jpg" width="141" height="14" /></td>
        <td><img src="images/login/banner7.jpg" width="15" height="14" /></td>
      </tr>
    </table>
'; ?>            </td> </td>
    <!-- body_text_eof //-->
  </tr>
</table>
</td>
                   <td width=3></td>
                   <td width=161 valign=top>
                   </td>
                   </tr>
                   </table>
                   </td>
                   </tr>
                   </table>
                   </td>
                   <?php
  
?>
                   <!-- body_text_eof //-->
                   </tr>
                   </table>
                   <!-- body_eof //-->
                   <!-- footer //-->
                   <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
                   <!-- footer_eof //-->
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

[jorgejordao]

Jeep_ice, on Mar 9 2006, 04:21 AM, said:

Hi,

I don't see any error for what you say excepted for these code I have removed :

require('includes/application_top.php');
#################
$page_query = tep_db_query("select 
p.pages_id, 
p.sort_order, 
p.status, 
s.pages_title, 
s.pages_html_text
from 
" . TABLE_PAGES . " p LEFT JOIN " .TABLE_PAGES_DESCRIPTION . " s on p.pages_id = s.pages_id 
where 
p.status = 1
and
s.language_id = '" . (int)$languages_id . "'
and 
p.page_type = 2");
$page_check = tep_db_fetch_array($page_query);

$pagetext=stripslashes($page_check[pages_html_text]);

#################

I have removed it because it caused me error for the table. I don't know if you need this and I have added at the end just after </table></form></td> the following code because I need this to be able to test your code :

<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->

After this, all is working. So the problem don't come from my contribution "Super Contact us enhancement 1.0". Check this out.

I've tried from the beginning and gives the same error, i have removed the lines that you removed and its the same..... sorry for be anoying i will try to check this out........ but no one had the same problem, right?

thanks again

[Jeep_ice]

jorgejordao, on Mar 9 2006, 11:49 AM, said:

I've tried from the beginning and gives the same error, i have removed the lines that you removed and its the same..... sorry for be anoying i will try to check this out........ but no one had the same problem, right?

thanks again

Right....

[Jeep_ice]

jorgejordao, on Mar 9 2006, 11:49 AM, said:

I've tried from the beginning and gives the same error, i have removed the lines that you removed and its the same..... sorry for be anoying i will try to check this out........ but no one had the same problem, right?

thanks again

Hi,

Ok I undestand now what you talk about. It's doing the same thing to me, you are absolutely right about this. It's not my fault, I just included the code from this contibution (Visual Verify Code (VVC) security) into my contribution because somebody here asked it but I don't have released officially with my contribution. The Visual Verify Code (VVC) security have a bug, we have to fix this, anyone can work on this ? This contribution don't have a forum for bug. They think it's work, but it's not. I try this contribution alone without my contribution and it's doing the sme thing.

[jorgejordao]

I've tried to eliminate the lines of that contribution para it gaves the same error......... i will keep testing

thanks again