|
|
Posted by rcoan@chaparralboats.com on 02/28/07 20:11
On Feb 28, 2:53 pm, "Steve" <no....@example.com> wrote:
> "J.O. Aho" <u...@example.net> wrote in message
>
> news:54m4nlF20pf52U1@mid.individual.net...| Steve wrote:
> | > <r...@chaparralboats.com> wrote in message
>
> |
> | > | project abandoned, I guess b/c of spammers and people with skills like
> | > | steve you just can't setup an easy email form anymore. And steve you
> | > | did open my eyes to what could happen, thanks, but you didn't really
> | > | offer any help other than saying that my validation could be FAR more
> | > | graceful. It validated fine for me. And about spreading my sites ass
> | > | wide open. I wouldn't want that to happen.
> | >
> | > project abandoned?!!! do you always give up if something is too
> complicated
> | > or may take some work to understand and then address?
> | >
> | > yes, it is painfully easy to set up an email form. easy, though being a
> | > wholly relative term, enough to be handled in a few lines of
> code...which i
> | > DID provide, if you'd check the thread again!
> |
> | He did expect a fully finished code, but we didn't provide one ;)
>
> ;-)
man you guys are killin me. I didn't expect a fully finished code but
don't get mad at me when you respond and I have no clue what it was
that you were trying to tell me.
Steve, the ok.htm, error.htm and er.htm pages are not even built yet.
I wanted to at least get the code working first before I built those
pages. No I won't give the user a chance to review their info. Right
now I'm just looking at the url to see if it went through or not.
the difference in the er.htm and the error.htm are just so I could see
where in the code it was getting kicked back.
Listen guys, I'm a total newbie at php. This is the first script of
php I've ever written (as I'm sure it shows) so you responding by:
$emailInput = array($to, $from, $cc, $bcc, $subject, $message);
$injections = array('to', 'from', 'cc', 'bcc');
foreach ($emailInput as $input)
{
foreach ($injections as $injection)
{
$input = preg_replace("/n?" . $injection . "\s*?:.*?\n/i", '',
$input);
}
}
just confuses the hell out of me. I have no idea what that does and
how it does it. You gave me no explanation other than... "something
like this is a far more appropriate step: "
Now I don't expect you to hold my hand and I don't expect you to give
me a copy of the finalized code. That wouldn't help b/c I would still
not have a clue as to what was going on. But please, I came on here
asking for help or suggestions and you bashing my ignorance of php
(which I've admitted) is not really helping me out any at all,
actually it's just making me feel more like shit b/c I've been sitting
here looking at this code for two days now and I've tried everything
that I know of to make this work. You guys have addressed security
concerns (that I wasn't totally aware of, so thank you) but we still
haven't even gotten my code to work..... So really I'm in the same
place I was yesterday morning except now I know I have to beef up the
security in my code AND still get it to work in the first place.
I appreciate your help I really do, but don't get pissed at me if I
don't fully understand what you are trying to tell me.
[Back to original message]
|