Can't send message

Re: Can't send message


On 6-Oct-2003, Larry Jaques <jake@di\/ersify.com> wrote:
[color=blue]
> I'm filling out forms on one page, then trying to send an
> email and print out the vars on the next page.
>
> Q1: Whenever I insert the mail script, it gives me a parse error.
> Please point out my syntax errors, etc.
>
> Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or
> `T_NUM_STRING' in /mypathhere/proposalconfirm .php on line 2
>
> --script in question
> <? session_start() ;
> $msg = "x x proposal for:\n\t$_POST['cpname'],\t$_POST['cptitle']\n";
> $msg .= "\t$_POST['cpcomp']\n";
> $msg .= "\tAddress:\t$_ POST['cpaddress']\n";
> $msg .= "\t$_POST['cpcity'], $_POST['cpstate']\t$_POST['cpzip']\n";
> $mailheaders = "From: company name here\n";
> $mailheaders = "CC: $_POST['cpemail']";
> mail("me@my.com ","x x Custom Proposal",$msg, $mailheaders);
> ?>[/color]

The script you posted compiles without syntax errors. It does have a problem
in that the array subscripts inside a double quoted string should not have
single quotes around them. That is it should be "\t$_POST[cpcomp]\n". Also,
the second line starting with '$mailheaders =' should be '$mailheaders .='

Another problem is you don't seem to be validating anything, leaving
yourself open to abuse.

--
Tom Thackrey

tom (at) creative (dash) light (dot) com
do NOT send email to jamesbutler@wil lglen.net (it's reserved for spammers)

Re: Can't send message

On Tue, 07 Oct 2003 05:54:50 GMT, "Tom Thackrey"
<use.signature@ nospam.com> pixelated:
[color=blue]
>
>On 6-Oct-2003, Larry Jaques <jake@di\/ersify.com> wrote:
>[color=green]
>> I'm filling out forms on one page, then trying to send an
>> email and print out the vars on the next page.
>>
>> Q1: Whenever I insert the mail script, it gives me a parse error.
>> Please point out my syntax errors, etc.
>>
>> Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or
>> `T_NUM_STRING' in /mypathhere/proposalconfirm .php on line 2
>>
>> --script in question
>> <? session_start() ;
>> $msg = "x x proposal for:\n\t$_POST['cpname'],\t$_POST['cptitle']\n";
>> $msg .= "\t$_POST['cpcomp']\n";
>> $msg .= "\tAddress:\t$_ POST['cpaddress']\n";
>> $msg .= "\t$_POST['cpcity'], $_POST['cpstate']\t$_POST['cpzip']\n";
>> $mailheaders = "From: company name here\n";
>> $mailheaders = "CC: $_POST['cpemail']";
>> mail("me@my.com ","x x Custom Proposal",$msg, $mailheaders);
>> ?>[/color]
>
>The script you posted compiles without syntax errors. It does have a problem
>in that the array subscripts inside a double quoted string should not have
>single quotes around them. That is it should be "\t$_POST[cpcomp]\n". Also,
>the second line starting with '$mailheaders =' should be '$mailheaders .='[/color]

Arrrgh! 'Twas the concatenation dot missing which did me in.
I ran it from an earlier version with the $cpname vs. the
$_POST[cpname] and it works fine. Which is safer?

[color=blue]
>Another problem is you don't seem to be validating anything, leaving
>yourself open to abuse.[/color]

True, I need to add validation!

Thanks for catching my cat, Tom. Now I can get some sleep.
;)

Re: Can't send message

With total disregard for any kind of safety measures "Tom
Thackrey" <use.signature@ nospam.com> leapt forth and uttered:
[color=blue]
> The script you posted compiles without syntax errors. It does
> have a problem in that the array subscripts inside a double
> quoted string should not have single quotes around them. That is
> it should be "\t$_POST[cpcomp]\n".[/color]

Incorrect, all array keys should be quoted unless you're passing
a constant. If PHP sees an unquoted array key it has to check to
make sure it isn't a constant before processing it and will
throw a Notice error.

Corrected code:

<?php
session_start() ;
$msg = "x x proposal for:\n\t{$_POST['cpname']},\t{$_POST['cptitle']}\n";
$msg .= "\t{$_POST['cpcomp']}\n";
$msg .= "\tAddress:\t{$ _POST['cpaddress']}\n";
$msg .= "\t{$_POST['cpcity']}, {$_POST['cpstate']}\{t$_POST['cpzip']}\n";

$mailheaders = "From: company name here\n";
$mailheaders = "CC: {$_POST['cpemail']}";

mail("me@my.com ","x x Custom Proposal",$msg, $mailheaders);
?>

PHP does not register array values when placed in double-quoted strings.
In order for this to work they require bracketing with {} or escaping from
the string altogether.

--
There is no signature.....

Re: Can't send message


On 7-Oct-2003, Phil Roberts <philrob@HOLYfl atnetSHIT.net> wrote:
[color=blue]
> With total disregard for any kind of safety measures "Tom
> Thackrey" <use.signature@ nospam.com> leapt forth and uttered:
>[color=green]
> > The script you posted compiles without syntax errors. It does
> > have a problem in that the array subscripts inside a double
> > quoted string should not have single quotes around them. That is
> > it should be "\t$_POST[cpcomp]\n".[/color]
>
> Incorrect, all array keys should be quoted unless you're passing
> a constant. If PHP sees an unquoted array key it has to check to
> make sure it isn't a constant before processing it and will
> throw a Notice error.[/color]

Not true. Array references inside double quotes behave differently. Inside
double quotes $a[b] is the same as {$a['b']} and constant lookup is not
done.

From the doc:
// Works but note that this works differently outside string-quotes
echo "A banana is $fruits[banana].";
// Works
echo "A banana is {$fruits['banana']}.";
// Works but PHP looks for a constant named banana first
// as described below.
echo "A banana is {$fruits[banana]}.";
// Won't work, use braces. This results in a parse error.
echo "A banana is $fruits['banana'].";




--
Tom Thackrey

tom (at) creative (dash) light (dot) com
do NOT send email to jamesbutler@wil lglen.net (it's reserved for spammers)

Re: Can't send message

On Tue, 07 Oct 2003 04:10:35 -0500, Phil Roberts
<philrob@HOLYfl atnetSHIT.net> pixelated:
[color=blue]
>With total disregard for any kind of safety measures "Tom
>Thackrey" <use.signature@ nospam.com> leapt forth and uttered:
>[color=green]
>> The script you posted compiles without syntax errors. It does
>> have a problem in that the array subscripts inside a double
>> quoted string should not have single quotes around them. That is
>> it should be "\t$_POST[cpcomp]\n".[/color]
>
>Incorrect, all array keys should be quoted unless you're passing
>a constant. If PHP sees an unquoted array key it has to check to
>make sure it isn't a constant before processing it and will
>throw a Notice error.[/color]

Taking both sets of advice, I came up with:

<td align=left><fon t face="tahoma,ar ial" size="-1"><? echo
"{stripslashes( $_POST['cpcity'])} , {$_POST['cpstate']}
{$_POST['cpzip']}" ?></td></tr> (browser wrap)

This didn't work until I removed the quotes from 'cpcity'.
This now displays: "City: {stripslashes(C ityfield)} , ST 45678"
where the input was "Cityfield" , "ST", and "45678".
When I removed the curly braces from city, it gave the
same output (sans curly braces.)

The double quotes allowed me to place the comma.

This page is taking between 12 and 15 seconds to render, too.
Is echoing the entire script quicker than individual calls
to PHP? I tried switching the mail set to the bottom to see
if it rendered more quickly and found no change. Hmmm...

[color=blue]
>Corrected code:[/color]
--snip--[color=blue]
>$mailheaders = "From: company name here\n";
>$mailheaders = "CC: {$_POST['cpemail']}";[/color]

As Tom had pointed out, the missing concat dot was my main
original problem.
[color=blue]
>PHP does not register array values when placed in double-quoted strings.
>In order for this to work they require bracketing with {} or escaping from
>the string altogether.[/color]

That did it, thanks.

One question wasn't answered: Should I even be using sessions
to pass data from one page to another for both display and
email? Or will the post data be valid there? I'm still not
clear on scope.

I picked up Rasmus Lerdorf's "Programmin g PHP" book but haven't
had a chance to go cover-to-cover on it yet. It should help
bring me back up to speed a few weeks from now.

Re: Can't send message

On Tue, 07 Oct 2003 15:59:38 GMT, "Tom Thackrey"
<use.signature@ nospam.com> wrote:
[color=blue]
>
>On 7-Oct-2003, Phil Roberts <philrob@HOLYfl atnetSHIT.net> wrote:
>[color=green]
>> With total disregard for any kind of safety measures "Tom
>> Thackrey" <use.signature@ nospam.com> leapt forth and uttered:
>>[color=darkred]
>> > The script you posted compiles without syntax errors. It does
>> > have a problem in that the array subscripts inside a double
>> > quoted string should not have single quotes around them. That is
>> > it should be "\t$_POST[cpcomp]\n".[/color]
>>
>> Incorrect, all array keys should be quoted unless you're passing
>> a constant. If PHP sees an unquoted array key it has to check to
>> make sure it isn't a constant before processing it and will
>> throw a Notice error.[/color]
>
>Not true. Array references inside double quotes behave differently. Inside
>double quotes $a[b] is the same as {$a['b']} and constant lookup is not
>done.
>
>From the doc:
>// Works but note that this works differently outside string-quotes
>echo "A banana is $fruits[banana].";
>// Works
>echo "A banana is {$fruits['banana']}.";
>// Works but PHP looks for a constant named banana first
>// as described below.
>echo "A banana is {$fruits[banana]}.";
>// Won't work, use braces. This results in a parse error.
>echo "A banana is $fruits['banana'].";
>
>
>http://www.php.net/manual/en/languag...parsing.simple[/color]

Well, it may be simple parsing to you, but I just catenate the value
with the string, and it all works fine every time (:

eg

echo 'A banana is ' . $fruits['banana'] . '.';

I also use single quotes because of the huge number of double quotes
that you need to use when generating html suddenly don't need escaping
to appear.

$0.02

Steve
(I blame old age, unix and whisky, but not necessarily in that order)

Re: Can't send message


On 7-Oct-2003, Steve Holdoway <steve@itemfron t.ltd.uk> wrote:
[color=blue]
> Well, it may be simple parsing to you, but I just catenate the value
> with the string, and it all works fine every time (:
>
> eg
>
> echo 'A banana is ' . $fruits['banana'] . '.';
>
> I also use single quotes because of the huge number of double quotes
> that you need to use when generating html suddenly don't need escaping
> to appear.
>
> $0.02[/color]

<sarcasm>
Oh now I see the light!

echo 'A banana is '.$fruits['banana'].'.';
is so much simpler, easier to read, and uses less "s than
echo 'A banana is $fruits[banana].';
too bad Dijkstra's dead he could revolutionize programming with a new paper
"Double Quotes considered harmful."
</sarcasm>

Go with whatever works for you.

--
Tom Thackrey

tom (at) creative (dash) light (dot) com
do NOT send email to jamesbutler@wil lglen.net (it's reserved for spammers)

Re: Can't send message

Following up on my own post...

On Tue, 07 Oct 2003 16:10:26 GMT, Larry Jaques <jake@di\/ersify.com>
pixelated:
[color=blue]
>On Tue, 07 Oct 2003 04:10:35 -0500, Phil Roberts
><philrob@HOLYf latnetSHIT.net> pixelated:
>[color=green]
>>With total disregard for any kind of safety measures "Tom
>>Thackrey" <use.signature@ nospam.com> leapt forth and uttered:
>>[color=darkred]
>>> The script you posted compiles without syntax errors. It does
>>> have a problem in that the array subscripts inside a double
>>> quoted string should not have single quotes around them. That is
>>> it should be "\t$_POST[cpcomp]\n".[/color]
>>
>>Incorrect, all array keys should be quoted unless you're passing
>>a constant. If PHP sees an unquoted array key it has to check to
>>make sure it isn't a constant before processing it and will
>>throw a Notice error.[/color]
>
>Taking both sets of advice, I came up with:
>
><td align=left><fon t face="tahoma,ar ial" size="-1"><? echo
>"{stripslashes ($_POST['cpcity'])} , {$_POST['cpstate']}
>{$_POST['cpzip']}" ?></td></tr> (browser wrap)
>
>This didn't work until I removed the quotes from 'cpcity'.
>This now displays: "City: {stripslashes(C ityfield)} , ST 45678"
>where the input was "Cityfield" , "ST", and "45678".
>When I removed the curly braces from city, it gave the
>same output (sans curly braces.)
>
>The double quotes allowed me to place the comma.
>
>This page is taking between 12 and 15 seconds to render, too.
>Is echoing the entire script quicker than individual calls
>to PHP? I tried switching the mail set to the bottom to see
>if it rendered more quickly and found no change. Hmmm...[/color]

I ended up with this: <td align=left><fon t face="tahoma,ar ial"
size="-1"><? echo stripslashes($_ POST['cpcity']) ?>, <? echo
$_POST['cpstate'] ?> &nbsp;<? echo $_POST['cpzip'] ?></td></tr>
[color=blue][color=green]
>>Corrected code:[/color]
>--snip--[color=green]
>>$mailheader s = "From: company name here\n";
>>$mailheader s = "CC: {$_POST['cpemail']}";[/color]
>
>As Tom had pointed out, the missing concat dot was my main
>original problem.
>[color=green]
>>PHP does not register array values when placed in double-quoted strings.
>>In order for this to work they require bracketing with {} or escaping from
>>the string altogether.[/color]
>
>That did it, thanks.[/color]

Well, it did it for echoing to the page. Now I have email with

{stripslashes(J ohn L\'Esp)}, {stripslashes(C EO)} showing
since Magic Quotes are turned on on that server, which
steered me to prior processing:

<?
$cpn = stripslashes($_ POST[cpname]);
etc. then post to the mail message.

Got it!


Now how do I maintain the form data during validation if
they miss an entry? The back button provides a blank form
again.

Re: Can't send message

I noticed that Message-ID:
<etFgb.12579$Gh 2.12452@newssvr 25.news.prodigy .com> from Tom Thackrey
contained the following:
[color=blue]
><sarcasm>
>Oh now I see the light!
>
>echo 'A banana is '.$fruits['banana'].'.';
>is so much simpler, easier to read, and uses less "s than
>echo 'A banana is $fruits[banana].';
>too bad Dijkstra's dead he could revolutionize programming with a new paper
>"Double Quotes considered harmful."
></sarcasm>
>
>Go with whatever works for you.[/color]

printf("a banana is a %s",$fruits['banana']);

;-)

--
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Re: Can't send message

I noticed that Message-ID: <aas5ovgu03pj32 dp0tt0t1pf5nvnf 878g3@4ax.com>
from Larry Jaques <jake@di\/ersify.com> contained the following:
[color=blue]
>Now how do I maintain the form data during validation if
>they miss an entry? The back button provides a blank form
>again.[/color]

I do something like this

<input type="text" name="firstname " size="35" maxlength="30"
value="<?php echo $_POST['firstname'] ;?>">
--
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Re: Can't send message

On Wed, 08 Oct 2003 00:10:59 +0100, Geoff Berrow
<bl@ckdog.co.uk .the.cat> pixelated:
[color=blue]
>I noticed that Message-ID: <aas5ovgu03pj32 dp0tt0t1pf5nvnf 878g3@4ax.com>
>from Larry Jaques <jake@di\/ersify.com> contained the following:
>[color=green]
>>Now how do I maintain the form data during validation if
>>they miss an entry? The back button provides a blank form
>>again.[/color]
>
>I do something like this
>
><input type="text" name="firstname " size="35" maxlength="30"
>value="<?php echo $_POST['firstname'] ;?>">[/color]

Thanks, I'll try that first thing tomorrow morning, once my
eyes are uncrossed. How are you validating entry data/catching
blank fields? All my previous experience is with accessing
previous data, not new, raw data coming in, so I'm in a whole
new field with this one.

I found a script/tutorial on Evolt which has me in knots. I'm
not quite sure how to make the script move on once the missing
info is entered...if I can find all my typos first. ;)