Jack's FormMail.php (how to?)

  • LindBlad
  • Beginner
  • Beginner
  • User avatar
  • Posts: 61

Post 3+ Months Ago

Ok, as i didnt get much replies in PHP section, i will try again here.

I have been using phpmyformmail before
http://sourceforge.net/projects/phpmyformmail
but it doesnt work on my new server, because of security issues, so i am now trying to set up this Jack's FormMail.php instead.
http://www.dtheatre.com/scripts/formmail

Can someone tell me HOW to do it?
...what files do i need for it to work, cause what ever i try, it always gives me the error page saying:

Quote:
The form was not submitted for the following reasons:
You are coming from an unauthorized domain.
Please use your browser's back button to return to the form and try again.
This form is powered by Jack's Formmail.php 5.0/a>



I tried to find tutorials but they all say
Quote:
To set up the FormMail.php script copy it into the directory in which you are planning to use it. It's that plain and simple.

... but well, its not that simple.

Can someone explain this to me please?
What files do i need? Do i have to edit the PHP file?


With the one i used before, i needed 4 files:

html page (the contact form)
PHP file (phpmyformmail.php)
thank_you.html
thankyou.cfm

(actually SSH-Raj here teached me how to do it then)

So, what do i need now?


Thanks in advance.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • UPSGuy
  • Lurker ಠ_ಠ
  • Web Master
  • User avatar
  • Posts: 2733
  • Loc: Nashville, TN

Post 3+ Months Ago

Sounds like theres a security check within the phpmyformmail.php that needs a glance. Mind copying it here, or if very large, pastebin.com it for me?
  • LindBlad
  • Beginner
  • Beginner
  • User avatar
  • Posts: 61

Post 3+ Months Ago

Are you saying that you could fix the security issues from that PHP?!?!?
If so, then that could be REALLY great :P The security stuff that my host provider said that they dont allow was something called: "register_globals" if that tells you anything. To me it doesnt say anything and i didnt even find the words ""register_globals" from the PHP file :(

Here it is anyway:




Code: [ Select ]
<?
/****************************************/
/*     phpMyFormmail 1.1      */
/*    (c) 2003 Manuel M-M      */
/* Released under GNU-Public-Licence  */
/****************************************/

# Before you start configuring the system it`s recommend to read "install.txt"
# Your suggestions, and so, are welcome.
# So send me these. Problems, errors, ... are also welcome.
# If you`ve problems with the script, send me a mail.

/* CONFIGURATION START         */
/****************************************/

/* Enter your Domain... you can also enter $SERVER_NAME if that`s working too!? */
$allowed_domain = "$SERVER_NAME";

/* Here you can define the starting text of the email */
$start = "The form with the subject $subject has been submitted. The following is the raw data of that form.\n\n"; /* This is the start text of your email */

/* Now enter the way you post the form... (You can enter POST or GET) - POST HAS GOT MORE SECURITY! */
$vartype = "POST";

/* Show the user`s all errors (no php) - "true" :YES, "false" :NO */
$show_errors = true;


/* CONFIGURATION END          */
/****************************************/
/* Do not edit the following codes...  */


$recipient_mail = explode("@",$recipient);
$recipient_domain = $recipient_mail[1];

if ((!$recipient == "") && (!$redirect == "") && (!$subject == "") && (!$recipient_domain == "$allowed_domain"))
{
$error = "In the formular where you entered your
data is an error, because the webmaster forgot to<br>
create the hidden fields <i>recipient,redirect or subject.</i>";
} else {

$line = "0";
$vartype = strtolower($vartype);
if ($vartype == "get") {
foreach ($HTTP_GET_VARS as $name => $value) {
    if (!$line) {
        $line = "$name - $value\n";
    $line++;
    } else {
        $inhal .= "$name - $value\n";
    $line++;
    }
}
} else {
foreach ($HTTP_POST_VARS as $name => $value) {
    if (!$line) {
        $line = "$name - $value\n";
    $line++;
    } else {
        $inhal .= "$name - $value\n";
    $line++;
    }
}
}

if ($headers == "") { $headers = ""; }
     
$headers .= "From: <phpmyformmail@$allowed_domain>\r\n";
$headers .= "X-Mailer: phpMyFormmail 1.1";

$recipientt = $recipient;

$msg = $start;
$msg .= $inhal;


if ((mail($recipientt, $subject, $msg, $headers)) && ($error == "")) {
    header("location: $redirect");
} else {
if ($error == "") {
$error = "There was an error while trying to send email";
}
}
}
if ($show_errors) { echo $error; die(); }
?>
  1. <?
  2. /****************************************/
  3. /*     phpMyFormmail 1.1      */
  4. /*    (c) 2003 Manuel M-M      */
  5. /* Released under GNU-Public-Licence  */
  6. /****************************************/
  7. # Before you start configuring the system it`s recommend to read "install.txt"
  8. # Your suggestions, and so, are welcome.
  9. # So send me these. Problems, errors, ... are also welcome.
  10. # If you`ve problems with the script, send me a mail.
  11. /* CONFIGURATION START         */
  12. /****************************************/
  13. /* Enter your Domain... you can also enter $SERVER_NAME if that`s working too!? */
  14. $allowed_domain = "$SERVER_NAME";
  15. /* Here you can define the starting text of the email */
  16. $start = "The form with the subject $subject has been submitted. The following is the raw data of that form.\n\n"; /* This is the start text of your email */
  17. /* Now enter the way you post the form... (You can enter POST or GET) - POST HAS GOT MORE SECURITY! */
  18. $vartype = "POST";
  19. /* Show the user`s all errors (no php) - "true" :YES, "false" :NO */
  20. $show_errors = true;
  21. /* CONFIGURATION END          */
  22. /****************************************/
  23. /* Do not edit the following codes...  */
  24. $recipient_mail = explode("@",$recipient);
  25. $recipient_domain = $recipient_mail[1];
  26. if ((!$recipient == "") && (!$redirect == "") && (!$subject == "") && (!$recipient_domain == "$allowed_domain"))
  27. {
  28. $error = "In the formular where you entered your
  29. data is an error, because the webmaster forgot to<br>
  30. create the hidden fields <i>recipient,redirect or subject.</i>";
  31. } else {
  32. $line = "0";
  33. $vartype = strtolower($vartype);
  34. if ($vartype == "get") {
  35. foreach ($HTTP_GET_VARS as $name => $value) {
  36.     if (!$line) {
  37.         $line = "$name - $value\n";
  38.     $line++;
  39.     } else {
  40.         $inhal .= "$name - $value\n";
  41.     $line++;
  42.     }
  43. }
  44. } else {
  45. foreach ($HTTP_POST_VARS as $name => $value) {
  46.     if (!$line) {
  47.         $line = "$name - $value\n";
  48.     $line++;
  49.     } else {
  50.         $inhal .= "$name - $value\n";
  51.     $line++;
  52.     }
  53. }
  54. }
  55. if ($headers == "") { $headers = ""; }
  56.      
  57. $headers .= "From: <phpmyformmail@$allowed_domain>\r\n";
  58. $headers .= "X-Mailer: phpMyFormmail 1.1";
  59. $recipientt = $recipient;
  60. $msg = $start;
  61. $msg .= $inhal;
  62. if ((mail($recipientt, $subject, $msg, $headers)) && ($error == "")) {
  63.     header("location: $redirect");
  64. } else {
  65. if ($error == "") {
  66. $error = "There was an error while trying to send email";
  67. }
  68. }
  69. }
  70. if ($show_errors) { echo $error; die(); }
  71. ?>




Big thanks, if you can fix it :D
  • SharkShark
  • Guru
  • Guru
  • User avatar
  • Posts: 1013
  • Loc: Living In Today

Post 3+ Months Ago

register_globals should be a simple fix

Create a file called .htaccess (be aware! That is the ENTIRE name! .htaccess.. not .html or .php after it. )

NO .htaccess.html, .htaccess.php
YES .htaccess

and place it in your root directory. inside it put:
Code: [ Select ]
php_flag register_globals on


I am not sure if register globals is on or off...so try it with on first. If that doesn't fix it, change on to off and resave/reupload. That should handle it for you.
  • LindBlad
  • Beginner
  • Beginner
  • User avatar
  • Posts: 61

Post 3+ Months Ago

Sorry for late reply.

Oh hell, messing with .htaccess ... i once made something that messed up the whole site with .htaccess file :oops:

Im not sure about this ... thanks anyway :)
  • tigerdog
  • Born
  • Born
  • tigerdog
  • Posts: 2

Post 3+ Months Ago

I know it's a year late but I have been battling with the same thing recently and have the following information for anyone else who fights with this code and ends up here! :lol:

Quote:
The form was not submitted for the following reasons:
You are coming from an unauthorized domain.


You need to edit the Formmail.php file. Change the word "somedomain" in the following line
Code: [ Select ]
$referers = array ('somedomain.com','www.somedomain.com','121.0.0.111');


to your URL. For example if your website is http://www.lindblad.com the line will be:
Code: [ Select ]
$referers = array ('lindblad.com','www.lindblad.com');


Be warned messing with the .htaccess file and using "register_globals on" without knowing the implications is a really bad idea. See http://www.boogdesign.com/b2evo/index.php/a/2008/03/03/fixing_formmail_php_for_register_globals for more info.

Hope this helps.

Post Information

  • Total Posts in this topic: 6 posts
  • Users browsing this forum: No registered users and 42 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.