Sid04, posted February 21, 2006 (edited)

You state that you included the "Contact Us Form Vunerability Fix", by which I'm guessing you're referring to the following: http://www.oscommerce.com/community/contributions,2976

There was also a "Contact Us Form XSS Issue" bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113 (Update Package 13th November 2005). It was corrected by changing the 'html_output.php' files.

What I'm wondering... are both of the above fixes related to the same problem? If so, and I already applied the fix as outlined in Update 051113, will applying it again in your contribution in the contact_us.php itself be a good idea? Will anything clash?

Thanks

Edited February 21, 2006 by Sid04

John-Peter (Author), posted February 21, 2006

> You state that you included the "Contact Us Form Vunerability Fix", by which I'm guessing you're referring to the following: http://www.oscommerce.com/community/contributions,2976
>
> There was also a "Contact Us Form XSS Issue" bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113 (Update Package 13th November 2005). It was corrected by changing the 'html_output.php' files.
>
> What I'm wondering... are both of the above fixes related to the same problem? If so, and I already applied the fix as outlined in Update 051113, will applying it again in your contribution in the contact_us.php itself be a good idea? Will anything clash?
>
> Thanks

Bob,

Thanks for that, I didn't know about the Contact Us Form XSS Issue bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113. I will check this ASAP.

John
--------------------
osCommerce 2.3.4 Bootstrap Edge

Sid04, posted February 22, 2006

Thanks, I'm anxious to try out this contribution.

robr, posted February 24, 2006

Hi, have added the contribution but the store name and address details field is too small. Have tried altering width of the tables but to no avail. Where are the table widths for the details and the contact forms set?

Thanks
Robr

John-Peter (Author), posted February 24, 2006 (edited)

> Hi, have added the contribution but the store name and address details field is too small. Have tried altering width of the tables but to no avail. Where are the table widths for the details and the contact forms set?
>
> Thanks
> Robr

To resolve this, edit catalog/contact_us.php and search for the following line:

```php
<STRONG><?php echo nl2br(STORE_NAME_ADDRESS); ?></STRONG>
```

Change it to:

```php
<STRONG><font size="7"><?php echo nl2br(STORE_NAME_ADDRESS); ?></font></STRONG>
```

Play with <font size="7"> now and change it to whatever size you want.

Hasta la vista. :rolleyes:

Edited February 24, 2006 by Jeep_ice

CyberRuiz, posted February 26, 2006

I've installed the contrib, but I am getting the following error message...

```
Fatal error: Call to a member function on a non-object in /usr/www/users/jdee/testing/catalog/contact_us.php on line 82
```

Line 82 from catalog/contact_us.php:

```php
if ($messageStack->size('contact') > 0) {
```

Can someone attach the contact_us.php in a zip and see if that helps?

Daniel

John-Peter (Author), posted February 26, 2006

> I've installed the contrib, but I am getting the following error message...
>
> Fatal error: Call to a member function on a non-object in /usr/www/users/jdee/testing/catalog/contact_us.php on line 82
>
> Line 82 from catalog/contact_us.php:
>
> if ($messageStack->size('contact') > 0) {
>
> Can someone attach the contact_us.php in a zip and see if that helps?
>
> Daniel

Did you run the MySQL command in your phpMyAdmin? Did you do everything in the install instructions? Check again carefully that you are not missing anything... If the problem continues, send your contact_us page here. I will check.

Graveyard666, posted March 1, 2006

I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button. How can I insert some text that says "your email has been sent.." or something along those lines?

Sid04, posted March 1, 2006

> Bob,
>
> Thanks for that, I didn't know about the Contact Us Form XSS Issue bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113. I will check this ASAP.

Any word on this yet? Thanks B)

John-Peter (Author), posted March 2, 2006

> I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button. How can I insert some text that says "your email has been sent.." or something along those lines?

Nice idea, I will work on this.... :thumbsup:

John-Peter (Author), posted March 2, 2006

> Any word on this yet? Thanks B)

Bob,

I haven't forgotten you.... It's just that I don't have the time these days, very rushed :blush: . I will work on this tomorrow or Friday... Give me 2-3 days and it will be done... Anyway, I want to release a new updated version with new features in it :rolleyes: .

Sid04, posted March 2, 2006

> Bob,
>
> I haven't forgotten you.... It's just that I don't have the time these days, very rushed :blush: . I will work on this tomorrow or Friday... Give me 2-3 days and it will be done... Anyway, I want to release a new updated version with new features in it :rolleyes: .

Awesome, maybe it's a good thing I haven't installed it yet :D

11alex, posted March 6, 2006

Installed this great contribution, although the mails are not received at the store email addresses, i.e. Sales <[email protected]>, Returns <[email protected]>

John-Peter (Author), posted March 6, 2006

> Installed this great contribution, although the mails are not received at the store email addresses, i.e. Sales <[email protected]>, Returns <[email protected]>

Hi,

It's not supposed to do that. Check all your installation, because the mail is not touched from the original mail; I have just added new email. Try without the contribution and then retry the install to see if the problem comes from the contribution or from another place.

John-Peter (Author), posted March 6, 2006

> I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button. How can I insert some text that says "your email has been sent.." or something along those lines?

Hi,

I just checked, and when I click on send email it works normally and it says "Your enquiry has been successfully sent to the Store Owner". Check your installation carefully. You are the only one who is getting this.

Davey, posted March 6, 2006

Hi

This looks super, thanks. Has anyone got this to work on MS-1? I have so many mods ....

TIA
David

John-Peter (Author), posted March 6, 2006

> Hi
>
> This looks super, thanks. Has anyone got this to work on MS-1? I have so many mods ....
>
> TIA
> David

Try it, I think it's not so different.... Give it a try, it's very easy to install. :thumbsup:

Davey, posted March 6, 2006

Thanks Jeep

Step 1 is fine but step two I have this ...

```php
require('includes/application_top.php');

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
  if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
    tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);

    tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
  } else {
    $error = true;
  }
}
```

I will keep playing .... :)

Regards
David

jorgejordao, posted March 7, 2006

Good afternoon,

I'm getting this error:

```
Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221
```

My line 221 has the following:

```php
echo ;
```

What could it be?

marcinmf, posted March 7, 2006

Hello

I am having a small problem. Everything is working fine, but when I specify two emails to choose from, e.g. Sales <[email protected]>, Support [email protected] in the admin panel, after choosing the first option on the form I receive the message fine, but after choosing the second radio button the message goes to both e-mails instead of only the second one. Is that a DB problem or is there something wrong in the code? Thank you for any help.

This is my PHP code.

```php
<?php
/*
  $Id: contact_us.php,v 1.1.1.1 2004/03/04 23:37:58 ccwjr Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
    $emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;

    if (tep_validate_email($email_address)) {
      if (CONTACT_US_LIST !=''){
        $send_to_array=explode("," ,CONTACT_US_LIST);
        preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
        $send_to_email= eregi_replace (">", "", $send_email_array[0]);
        $send_to_email= eregi_replace ("<", "", $send_to_email);
        tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
      }else{
        tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
      }
// EOF Super Contact us enhancement 1.0
      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));

  $content = CONTENT_CONTACT_US;

  require(DIR_WS_TEMPLATES . TEMPLATE_NAME . '/' . TEMPLATENAME_MAIN_PAGE);

  require(DIR_WS_INCLUDES . 'application_bottom.php');
?>
```

John-Peter (Author), posted March 8, 2006

> Good afternoon,
>
> I'm getting this error:
>
> Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221
>
> My line 221 has the following:
>
> echo ;
>
> What could it be?

Can you post your contact_us.php code here? I will check what the problem is...

John-Peter (Author), posted March 8, 2006

> Hello
>
> I am having a small problem. Everything is working fine, but when I specify two emails to choose from, e.g. Sales <[email protected]>, Support [email protected] in the admin panel, after choosing the first option on the form I receive the message fine, but after choosing the second radio button the message goes to both e-mails instead of only the second one. Is that a DB problem or is there something wrong in the code? Thank you for any help.

Hi,

If you have put the emails like this in the admin panel --> Sales <[email protected]>, Support [email protected] - it's normal. The second email is not written the right way. You have to write Support <[email protected]>; it's going to work after this.

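The list format John describes above, as an added example that is not part of the original posts or of the contribution's code: a check that every CONTACT_US_LIST entry has the `Name <address>` form and that the submitted send_to value is a plain index into the well-formed entries. The function names and the sample addresses are hypothetical, and PHP 7.1 or later is assumed.

```php
<?php
// Added illustration, not code from the contribution discussed in this thread.
// parse_contact_list() and resolve_recipient() are hypothetical names.

/**
 * Split a CONTACT_US_LIST-style string ("Name <addr>, Name <addr>") into
 * well-formed recipients and rejected entries, keyed by list position.
 */
function parse_contact_list(string $list): array
{
    $valid = [];
    $rejected = [];
    foreach (explode(',', $list) as $index => $entry) {
        $entry = trim($entry);
        // Require exactly "display name <address>"; the name may not contain
        // angle brackets or line breaks, the address no whitespace.
        if (preg_match('/^([^<>\r\n]+?)\s*<([^<>\s]+)>$/', $entry, $m)
            && filter_var($m[2], FILTER_VALIDATE_EMAIL) !== false) {
            $valid[$index] = ['name' => $m[1], 'email' => $m[2]];
        } else {
            $rejected[$index] = $entry;
        }
    }
    return ['valid' => $valid, 'rejected' => $rejected];
}

/**
 * Map the submitted send_to value to one recipient. Returns null when the
 * value is not a plain decimal index or points at a malformed entry, so the
 * caller can fall back to the store owner address instead of mailing an
 * empty or unintended recipient.
 */
function resolve_recipient(string $list, $sendTo): ?array
{
    if (!is_string($sendTo) || !ctype_digit($sendTo)) {
        return null;
    }
    $parsed = parse_contact_list($list);
    return $parsed['valid'][(int)$sendTo] ?? null;
}

// Constructed sample list: the second entry lacks the angle brackets.
$list = 'Sales <sales@example.com>, Support support@example.com';

var_dump(parse_contact_list($list)['rejected']); // entries an admin should correct
var_dump(resolve_recipient($list, '0'));         // index of a well-formed entry
var_dump(resolve_recipient($list, '1'));         // index of the malformed entry
var_dump(resolve_recipient($list, '7'));         // index outside the list
var_dump(resolve_recipient($list, '1; x'));      // non-numeric form value
```
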
John-Peter (Author), posted March 8, 2006

> Thanks Jeep
>
> Step 1 is fine but step two I have this ...
>
> ```php
> require('includes/application_top.php');
>
> require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);
>
> $error = false;
> if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
>   if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
>     tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);
>
>     tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
>   } else {
>     $error = true;
>   }
> }
> ```
>
> I will keep playing .... :)
>
> Regards
> David

David,

Good. Keep trying and let me know when it is working.

jorgejordao, posted March 8, 2006

Here is my contact_us.php:

```php
<?php
/*
  $Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

#################
  $page_query = tep_db_query("select p.pages_id, p.sort_order, p.status, s.pages_title, s.pages_html_text from " . TABLE_PAGES . " p LEFT JOIN " .TABLE_PAGES_DESCRIPTION . " s on p.pages_id = s.pages_id where p.status = 1 and s.language_id = '" . (int)$languages_id . "' and p.page_type = 2");
  $page_check = tep_db_fetch_array($page_query);
  $pagetext=stripslashes($page_check[pages_html_text]);
#################

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
    $emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;

    if (tep_validate_email($email_address)) {
      if (CONTACT_US_LIST !=''){
        $send_to_array=explode("," ,CONTACT_US_LIST);
        preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
        $send_to_email= eregi_replace (">", "", $send_email_array[0]);
        $send_to_email= eregi_replace ("<", "", $send_to_email);
        tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
      }else{
        tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
      }
// EOF Super Contact us enhancement 1.0
      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="1" width="770" cellspacing="3" cellpadding="3" align="center">
  <tr>
    <td width="<?php echo BOX_WIDTH_LEFT_IS; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH_LEFT_IS; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  if ($messageStack->size('contact') > 0) {
?>
      <tr>
        <td><?php echo $messageStack->output('contact'); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
      <tr>
        <td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
<!-- BOF Super Contact us enhancement 1.0 //-->
<?php
  } else {
    if (tep_session_is_registered('customer_id')) {
      $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
      $account = tep_db_fetch_array($account_query);

      $name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
      $email = $account['customers_email_address'];
    }
?>
      <tr>
        <td>
          <table border="0" width="100%" cellspacing="0" cellpadding="0">
            <tr>
              <td width="650" height="0"></td>
              <td width="600"></td>
            </tr>
            <tr>
              <td rowspan="11" valign="top">
                <table width="100%" border="0" cellpadding="0" cellspacing="0">
                  <tr>
                    <td colspan="2" align="left" valign="top" class="main"></td>
                  </tr>
                  <tr>
                    <td width="38" height="120" align="left" valign="top" class="main"></td>
                    <td width="334" valign="top">
                      <table width="100%" border="0" cellpadding="0" cellspacing="0">
                        <tr>
                          <td width="333" height="120" align="left" valign="top" class="main">
                            <STRONG><font size="7"><?php echo nl2br(STORE_NAME_ADDRESS); ?></font></STRONG><br><br><br>
                            <?php echo (OPENING_HOURS); ?>
                          </td>
                          <td width="1"> </td>
                        </tr>
                      </table>
                    </td>
                  </tr>
                  <tr>
                    <td align="left" valign="top" class="main"><p> </p></td>
                  </tr>
                </table>
              </td>
              <td height="40" valign="top" class="main">
                <?php echo ENTRY_NAME; ?><br>
                <?php echo tep_draw_input_field('name'); ?>
              </td>
            </tr>
            <tr>
              <td height="4"></td>
            </tr>
            <tr>
              <td height="40" valign="top" class="main">
                <?php echo ENTRY_EMAIL; ?><br>
                <?php echo tep_draw_input_field('email'); ?>
              </td>
            </tr>
            <tr>
              <td height="4"></td>
            </tr>
            <tr>
              <td height="40" valign="top" class="main">
<?php
  if (CONTACT_US_LIST !=''){
    echo SEND_TO_TEXT . '<br>';
    if(SEND_TO_TYPE=='radio'){
      foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
        if($k==0){
          $checked=true;
        }else{
          $checked=false;
        }
        echo tep_draw_radio_field('send_to', "$k", $checked). " " .preg_replace('/\<[^*]*/', '', $v);
      }
    }else{
      foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
        $send_to_array[] = array('id' => $k, 'text' => preg_replace('/\<[^*]*/', '', $v));
      }
      echo tep_draw_pull_down_menu('send_to', $send_to_array);
    }
    echo ;
  }
?>
              </td>
            </tr>
            <tr>
              <td height="4"></td>
            </tr>
            <tr>
              <td height="40" valign="top" class="main">
                <?php echo ENTRY_REASON; ?><br>
                <select name="reason">
                  <?php echo '<option value="' . REASONS1 . '">' . REASONS1 . '</option>'; ?>
                  <?php echo '<option value="' . REASONS2 . '">' . REASONS2 . '</option>'; ?>
                  <?php echo '<option value="' . REASONS3 . '">' . REASONS3 . '</option>'; ?>
                  <?php echo '<option value="' . REASONS4 . '">' . REASONS4 . '</option>'; ?>
                  <?php echo '<option value="' . REASONS5 . '">' . REASONS5 . '</option>'; ?>
                  <?php echo '<option value="' . REASONS6 . '">' . REASONS6 . '</option>'; ?>
                </select>
              </td>
            </tr>
            <tr>
              <td height="4"></td>
            </tr>
            <tr>
              <td height="200" width="350" valign="top" class="main">
                <?php echo ENTRY_ENQUIRY; ?><BR>
<!-- BOF This is the change for the Form Vunerability Fix //-->
                <?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?>
<!-- EOF This is the change for the Form Vunerability Fix //-->
              </td>
            </tr>
            <tr>
              <td height="4"></td>
            </tr>
            <tr>
              <td height="66" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
                <tr>
                  <td width="547" height="62" valign="top" align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
                </tr>
                <tr>
                  <td height="4"></td>
                </tr>
              </table>
              </td>
            </tr>
            <tr>
              <td height="41" colspan="2" align="left" class="main"><br> </td>
            </tr>
          </table>
        </td>
      </tr>
      <tr>
        <td height="41" colspan="2" align="left" class="main"><br> </td>
      </tr>
<?php
  }
?>
<!-- EOF Super Contact us enhancement 1.0 //-->
    </table></form></td>
<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
```

thanks