John-Peter

Super Contact us enhancement 1.0

340 posts in this topic

You state that you included the "Contact Us Form Vunerability Fix", which I'm guessing you're referring to the following: http://www.oscommerce.com/community/contributions,2976

There was also a "Contact Us Form XSS Issue" bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113 (Update Package 13th November 2005). It was corrected by changing the 'html_output.php' files.

What I'm wondering... are both of the above fixes related to the same problem? If so, and I already applied the fix as outlined in Update 051113, will applying it again in your contribution in the contact_us.php itself be a good idea? Will anything clash?

 

Thanks

Edited by Sid04

You state that you included the "Contact Us Form Vunerability Fix", which I'm guessing you're referring to the following: http://www.oscommerce.com/community/contributions,2976

There was also a "Contact Us Form XSS Issue" bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113 (Update Package 13th November 2005). It was corrected by changing the 'html_output.php' files.

What I'm wondering... are both of the above fixes related to the same problem? If so, and I already applied the fix as outlined in Update 051113, will applying it again in your contribution in the contact_us.php itself be a good idea? Will anything clash?

 

Thanks

 

Bob,

 

Thanks for that, I didn't know about the Contact Us Form XSS Issue bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113, I will check this ASAP.


Hi, have added the contribution but the store name and address details field is too small. Have tried altering width of the tables but to no avail. Where are the table widths for the details and the contact forms set?

 

Thanks

Robr

Hi, have added the contribution but the store name and address details field is too small. Have tried altering width of the tables but to no avail. Where are the table widths for the details and the contact forms set?

 

Thanks

Robr

 

To resolve this, edit catalog/contact_us.php and search for the following line:

<STRONG><?php echo nl2br(STORE_NAME_ADDRESS); ?></STRONG>

Change it to:

<STRONG><font size="7"><?php echo nl2br(STORE_NAME_ADDRESS); ?></font></STRONG>

Play with <font size="7"> now and change it to whatever size you want. Hasta la vista. :rolleyes:

Edited by Jeep_ice


I've installed the contrib, but I am getting the following error message...

 

Fatal error: Call to a member function on a non-object in /usr/www/users/jdee/testing/catalog/contact_us.php on line 82

 

Line 82 from catalog/contact_us.php

if ($messageStack->size('contact') > 0) {

 

Can someone attach the contact_us.php in a zip and see if that helps?

Daniel

I've installed the contrib, but I am getting the following error message...

 

Fatal error: Call to a member function on a non-object in /usr/www/users/jdee/testing/catalog/contact_us.php on line 82

 

Line 82 from catalog/contact_us.php

if ($messageStack->size('contact') > 0) {

 

Can someone attach the contact_us.php in a zip and see if that helps?

Daniel

Did you run the MySQL command in your phpMyAdmin? Did you do everything in the install instructions? Check again carefully that you are not missing anything... If the problem continues, post your contact_us page here. I will check.


I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button..

How can I insert some text that says "your email has been sent.." or something along those lines?

Bob,

 

Thanks for that, I didn't know about the Contact Us Form XSS Issue bug that was addressed in osCommerce 2.2 Milestone 2 Update 051113, I will check this ASAP.

 

Any word on this yet? Thanks B)

I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button..

How can I insert some text that says "your email has been sent.." or something along those lines?

 

Nice Idea, I will work on this.... :thumbsup:

Any word on this yet? Thanks B)

 

Bob,

 

I haven't forgotten you.... It's just that I don't have the time these days, very rushed :blush: . I will work on this tomorrow or Friday... Give me 2-3 days and it will be done... Anyway, I want to release a new updated version with new features in it :rolleyes: .

Bob,

 

I haven't forgotten you.... It's just that I don't have the time these days, very rushed :blush: . I will work on this tomorrow or Friday... Give me 2-3 days and it will be done... Anyway, I want to release a new updated version with new features in it :rolleyes: .

Awesome, maybe it's a good thing I haven't installed it yet :D


Installed this great contribution, although the mails are not received at the store email addresses.

 

ie Sales <sales@yourdomain.com>, Returns <returns@yourdomain.com>

Installed this great contribution, although the mails are not received at the store email addresses.

ie Sales <sales@yourdomain.com>, Returns <returns@yourdomain.com>

Hi,

It's not supposed to; check your whole installation, because the mail code is not changed from the original, I have just added the new emails. Try without the contribution and then reinstall it to see if the problem comes from the contribution or from another place.

I added this contrib and it works great, except that after the user sends the email the contact_us.php page refreshes saying just "contact us", the telephone and the "continue" button..

How can I insert some text that says "your email has been sent.." or something along those lines?

Hi,

Just checked, and when I click on send email it works normally and it says "Your enquiry has been successfully sent to the Store Owner". Check your installation carefully. You are the only one who is seeing this.


Hi

 

This looks super, thanks.

 

Has anyone got this to work on MS-1? I have so many mods ....

 

TIA

 

David

Hi

 

This looks super, thanks.

 

Has anyone got this to work on MS-1? I have so many mods ....

 

TIA

 

David

 

Try it, I think it's not so different.... Give it a try, it's very easy to install.

:thumbsup:


Thanks Jeep

 

Step 1 is fine but step two I have this ...

 

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);
      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;
    }
  }

 

I will keep playing .... :)

 

Regards

 

David


Good afternoon,

 

I'm getting this error: Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221

 

My line 221 has the following: echo ;

What could it be?


Hello I am having a small problem, everything is working fine, just when I specify two emails to choose from ex.

Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl

In admin panel,

After choosing the first option on the form I am receiving the message fine, but after choosing the second radio button the message is going to both e-mails instead of only the second one.

Is that a DB problem or is there something wrong in the code?

 

Thank you for any help.

 

This is my php code.

 

 

<?php
/*
  $Id: contact_us.php,v 1.1.1.1 2004/03/04 23:37:58 ccwjr Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
    $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
    $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
    $emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
    if (tep_validate_email($email_address)) {
      if (CONTACT_US_LIST !=''){
        $send_to_array=explode("," ,CONTACT_US_LIST);
        preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
        $send_to_email= eregi_replace (">", "", $send_email_array[0]);
        $send_to_email= eregi_replace ("<", "", $send_to_email);

        tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
      }else{
        tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
      }
// EOF Super Contact us enhancement 1.0

      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;

      $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
  }

  $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));

  $content = CONTENT_CONTACT_US;

  require(DIR_WS_TEMPLATES . TEMPLATE_NAME . '/' . TEMPLATENAME_MAIN_PAGE);

  require(DIR_WS_INCLUDES . 'application_bottom.php');
?>

Good afternoon,

 

I'm getting this error: Parse error: syntax error, unexpected ';' in C:\Inetpub\wwwroot\oscommerce\contact_us.php on line 221

 

My line 221 has the following: echo ;

What could it be?

Can you post your contact_us.php code here? I will check what the problem is...

Hello I am having a small problem, everything is working fine, just when I specify two emails to choose from ex.

Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl

In admin panel,

After choosing the first option on the form I am receiving the message fine, but after choosing the second radio button the message is going to both e-mails instead of only the second one.

Is that a DB problem or is there something wrong in the code?

Thank you for any help.

Hi,

If you have put the email like this in the admin panel --> Sales <marcinmf@yahoo.com>, Support marcinmf@swim.pl - it's normal. The second email is not written the right way. You have to write Support <marcinmf@swim.pl>; it's going to work after this..
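
The "Name <address>" list format from the reply above, as an added example (not code from the contribution or from any poster): it parses the list strictly, so an entry without angle brackets is reported instead of reaching the mailer, and it reads the submitted `send_to` value explicitly and checks it is an integer index, where the posted script uses `$send_to` directly as an array index. The function names, the sample list and the use of PHP 7.1 or later are assumptions.

```php
<?php
// Added example, not the contribution's code. Function names are hypothetical.

/**
 * Split a "Name <addr>, Name <addr>" setting into validated entries.
 * Entries that do not match the exact "Name <addr>" shape are collected
 * separately instead of being passed on to the mailer.
 */
function parse_contact_list(string $list): array
{
    $valid = [];
    $rejected = [];
    foreach (explode(',', $list) as $index => $entry) {
        $entry = trim($entry);
        // One display name followed by exactly one bracketed address.
        if (preg_match('/^([^<>\r\n]+?)\s*<([^<>\s]+)>\z/', $entry, $m)
            && filter_var($m[2], FILTER_VALIDATE_EMAIL) !== false) {
            $valid[$index] = ['name' => $m[1], 'email' => $m[2]];
        } else {
            $rejected[$index] = $entry;
        }
    }
    return ['valid' => $valid, 'rejected' => $rejected];
}

/**
 * Map the submitted send_to value to one recipient, or null.
 * The value is taken from the POST data explicitly and must be a plain
 * non-negative integer that indexes a valid entry.
 */
function resolve_recipient(array $post, array $parsed): ?array
{
    $raw = $post['send_to'] ?? '';
    if (!is_string($raw) || !ctype_digit($raw)) {
        return null;
    }
    return $parsed['valid'][(int)$raw] ?? null;
}

// Constructed sample setting: the second entry is missing its angle brackets.
$parsed = parse_contact_list('Sales <sales@example.com>, Support support@example.com');

// Index 0 is a well-formed entry, index 1 was rejected at parse time,
// and 'abc' is not an integer index at all.
foreach (['0', '1', 'abc'] as $choice) {
    $to = resolve_recipient(['send_to' => $choice], $parsed);
    echo $choice, ' => ', $to === null ? 'no recipient, do not send' : $to['email'], "\n";
}

// Entries the store admin needs to correct in the admin panel.
print_r($parsed['rejected']);
```

When no recipient resolves, the form handler should show an error rather than fall through to a mail call with an empty address.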

Thanks Jeep

 

Step 1 is fine but step two I have this ...

 

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

  $error = false;
  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
    if (tep_validate_email(trim($HTTP_POST_VARS['email']))) {
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']);
      tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
      $error = true;
    }
  }

 

I will keep playing .... :)

 

Regards

 

David

 

David,

 

Good. Keep trying and let me know when it is working.


Here is my contact_us.php:

 

 

<?php
/*
$Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $

osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2003 osCommerce

Released under the GNU General Public License
*/

require('includes/application_top.php');
#################
$page_query = tep_db_query("select
p.pages_id,
p.sort_order,
p.status,
s.pages_title,
s.pages_html_text
from
" . TABLE_PAGES . " p LEFT JOIN " .TABLE_PAGES_DESCRIPTION . " s on p.pages_id = s.pages_id
where
p.status = 1
and
s.language_id = '" . (int)$languages_id . "'
and
p.page_type = 2");

$page_check = tep_db_fetch_array($page_query);

$pagetext=stripslashes($page_check[pages_html_text]);

#################

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
  $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
  $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// BOF Super Contact us enhancement 1.0
  $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
  $emailsubject = tep_db_prepare_input($HTTP_POST_VARS['reason']) . ' ' . EMAIL_SUBJECT;
  if (tep_validate_email($email_address)) {
    if (CONTACT_US_LIST !=''){
      $send_to_array=explode("," ,CONTACT_US_LIST);
      preg_match('/\<[^>]+\>/', $send_to_array[$send_to], $send_email_array);
      $send_to_email= eregi_replace (">", "", $send_email_array[0]);
      $send_to_email= eregi_replace ("<", "", $send_to_email);

      tep_mail(preg_replace('/\<[^*]*/', '', $send_to_array[$send_to]), $send_to_email, $emailsubject, $enquiry, $name, $email_address);
    }else{
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $emailsubject, $enquiry, $name, $email_address);
    }
// EOF Super Contact us enhancement 1.0

    tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
  } else {
    $error = true;

    $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
  }
}

$breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));
?>

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="1" width="770" cellspacing="3" cellpadding="3" align="center">
<tr>
<td width="<?php echo BOX_WIDTH_LEFT_IS; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH_LEFT_IS; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
if ($messageStack->size('contact') > 0) {
?>
<tr>
<td><?php echo $messageStack->output('contact'); ?></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
}

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
<tr>
<td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
<tr class="infoBoxContents">
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<!-- BOF Super Contact us enhancement 1.0 //-->

<?php
} else {
  if (tep_session_is_registered('customer_id')) {
    $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
    $account = tep_db_fetch_array($account_query);

    $name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
    $email = $account['customers_email_address'];
  }
?>

<tr>
<td>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td width="650" height="0"></td>
<td width="600"></td>
</tr>

<tr>
<td rowspan="11" valign="top">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td colspan="2" align="left" valign="top" class="main"></td>
</tr>
<tr>
<td width="38" height="120" align="left" valign="top" class="main"></td>
<td width="334" valign="top">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="333" height="120" align="left" valign="top" class="main">
<STRONG><font size="7"><?php echo nl2br(STORE_NAME_ADDRESS); ?></font></STRONG><br><br><br>
<?php echo (OPENING_HOURS); ?>
</td>
<td width="1"> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td align="left" valign="top" class="main"><p> </p></td>
</tr>
</table>
</td>
<td height="40" valign="top" class="main">
<?php echo ENTRY_NAME; ?><br>
<?php echo tep_draw_input_field('name'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_EMAIL; ?><br>
<?php echo tep_draw_input_field('email'); ?>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>

<tr>
<td height="40" valign="top" class="main">
<?php
if (CONTACT_US_LIST !=''){
  echo SEND_TO_TEXT . '<br>';
  if(SEND_TO_TYPE=='radio'){
    foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
      if($k==0){
        $checked=true;
      }else{
        $checked=false;
      }
      echo tep_draw_radio_field('send_to', "$k", $checked). " " .preg_replace('/\<[^*]*/', '', $v);
    }

  }else{
    foreach(explode("," ,CONTACT_US_LIST) as $k => $v) {
      $send_to_array[] = array('id' => $k, 'text' => preg_replace('/\<[^*]*/', '', $v));
    }
    echo tep_draw_pull_down_menu('send_to', $send_to_array);
  }

  echo ;
}
?>
</td>
</tr>

<tr>
<td height="4"></td>
</tr>
<tr>
<td height="40" valign="top" class="main">
<?php echo ENTRY_REASON; ?><br>
<select name="reason">
<?php echo '<option value="' . REASONS1 . '">' . REASONS1 . '</option>'; ?>
<?php echo '<option value="' . REASONS2 . '">' . REASONS2 . '</option>'; ?>
<?php echo '<option value="' . REASONS3 . '">' . REASONS3 . '</option>'; ?>
<?php echo '<option value="' . REASONS4 . '">' . REASONS4 . '</option>'; ?>
<?php echo '<option value="' . REASONS5 . '">' . REASONS5 . '</option>'; ?>
<?php echo '<option value="' . REASONS6 . '">' . REASONS6 . '</option>'; ?>

</select>
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="200" width="350" valign="top" class="main">
<?php echo ENTRY_ENQUIRY; ?><BR>
<!-- BOF This is the change for the Form Vunerability Fix //-->
<?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?>
<!-- EOF This is the change for the Form Vunerability Fix //-->
</td>
</tr>
<tr>
<td height="4"></td>
</tr>
<tr>
<td height="66" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="547" height="62" valign="top" align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
</tr>
<tr>
<td height="4"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="41" colspan="2" align="left" class="main"><br> </td>
</tr>
<?php
}
?>
<!-- EOF Super Contact us enhancement 1.0 //-->
</table></form></td>

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

 

 

thanks
