PDA

View Full Version : PHP Contact form{+4 rep}


Thai-Man-Land
11-01-2009, 03:40 PM
I'm looking into PHP order forms for my website, I need about 20 contact forms, and I don't particularly want to build 20 sendmails either.

Is there a way that I can build one form for each type of order (so for example, order-business-cards.php, order-compliment-slips.php etc), and have them send theirselves without a sendmail.php?

I also want to just input this into my main content DIV,

so it'll be the normal <html><body>etcetc <?php or whateverheres the form ?> and the rest of the website code</html>> (but in a file with a .php extension name.

My proposed form is:

Full Name: *
Address 1: *
Address 2:
Town: *
County: *
Postcode: *
Contact Telephone Number:
E-Mail Address: *
Previous Order Reference:
Select product: {drop down} *
Select Quantity {drop down} *
Extras: {drop down}
Remarks:

Could someone build this for me please?

+rep to useful replies/

Thanks
Moh
11-01-2009, 03:56 PM
Just simply use a database..
Thai-Man-Land
11-01-2009, 05:17 PM
How? looooooong
Thai-Man-Land
11-01-2009, 06:30 PM
Will this work?


<?php
$hostname = "localhost";
$db_user = ""; // change to your database password
$db_password = ""; // change to your database password
$database = ""; // provide your database name
$db_table = ""; // DB table name


$db = mysql_connect($hostname, $db_user, $db_password);
mysql_select_db($database,$db);

if (isset($_REQUEST['Submit'])) {

$sql = "INSERT INTO $db_table(RefNum,Site,Contact,AddressLine1,Address Line2,TownCounty,PostCode,TelNo,InvoiceEmail,PayMe thod,StartDate,EndDate,Paid,bannerurl) values ('" .

mysql_real_escape_string(stripslashes($_REQUEST['Full Name'])) . "','" .
mysql_real_escape_string(stripslashes($_REQUEST['Address1'])) . "','" .
mysql_real_escape_string(($_REQUEST['Address2'])) . "','" .
mysql_real_escape_string(($_REQUEST['Town'])) . "','" .
mysql_real_escape_string(($_REQUEST['County'])) . "','" .
mysql_real_escape_string(($_REQUEST['Post Code'])) . "','" .
mysql_real_escape_string(($_REQUEST['TelNo'])) . "','" .
mysql_real_escape_string(($_REQUEST['Email'])) . "','" .
mysql_real_escape_string(($_REQUEST['Previous Order Reference'])) . "','" .
mysql_real_escape_string(($_REQUEST['Product'])) . "','" .
mysql_real_escape_string(($_REQUEST['Quantity'])) . "','" .
mysql_real_escape_string(($_REQUEST['Remarks'])) . "','" .
mysql_real_escape_string(($_REQUEST['Payment Method'])) . "')";
if ($result = mysql_query($sql, $db)) {
echo ;
} else {
echo "ERROR: " . mysql_error();
}
} else {
?>
<form method="post" action="">


<fieldset><legend>Contact Details</legend>
Full Name:
<input type="text" name="Full Name">
<br><br>
Address 1:
<input type="text" name="Address1">
<br><br>
Address 2:
<input type="text" name="Address2">
<br><br>
Town:
<input type="text" name="Town">
<br><br>
County:
<input type="text" name="County">
<br><br>
Postcode:
<input type="text" name="PostCode">
<br><br>
Telephone Number:
<input type="text" name="TelNo">
<br><br>
E-Mail Address:
<input type="text" name="Email">
</p>
</fieldset>

<fieldset><legend>Order Details</legend>
<br>
Product:
<br />
Full Colour Business Cards, 350gsm Single Sided
<input name="Product" type="Radio" value="single">
<br>
Full Colour Business Cards, 350gsm Double Sided
<input name="Product" type="Radio" value="double">
<br>
Full Colour Business Cards, 350gsm Folded
<input name="Product" type="Radio" value="Folded">

<br />
<br />
Quantity:


<br>
250
<input name="Quantity" type="Radio" value="250">
<br>
500
<input name="Quantity" type="Radio" value="500">
<br>
1000
<input name="Quantity" type="Radio" value="1000">
<br>
2000
<input name="Quantity" type="Radio" value="2000">
<br>
3000
<input name="Quantity" type="Radio" value="3000">
<br>
4000
<input name="Quantity" type="Radio" value="4000">
<br>
5000
<input name="Quantity" type="Radio" value="5000">
</p>
</fieldset>
<fieldset><legend>Extra Information</legend>
<br>
Remarks <br>
<textarea name="Remarks" id="textarea" cols="45" rows="5"></textarea>
<br />
Payment Method:<br />

PayPal
<input name="Payment Method" type="Radio" value="PayPal">
<br>
Cheque
<input name="Payment Method" type="Radio" value="Cheque">
<br>
Postal Order
<input name="Payment Method" type="Radio" value="Postal Order">

<br>
<br></p></fieldset>
<input type="submit" name="Submit" value="Submit Order for Review">
</center>
</p>
</form>

- if I use that, do I need to build the database with the fields I've specified, or will it create them automatically?
Source
11-01-2009, 07:56 PM
No I'm afraid. I will post up later I have just got to do some things. Someone help him?
Thai-Man-Land
12-01-2009, 05:49 PM
any help anywhere?
iFantastico
13-01-2009, 01:27 PM
iBasic
iBasic is a contact management software which I created around a month ago when in-learning PHP. iBasic enables your website to keep track of your online customer service through eMail.

If you are intrested, let me know.
Excellent2
13-01-2009, 01:35 PM
Don't have time to finish this but can somebody just put his form where it says echo "PUT FORM HERE"; and it'll be finished.


<?php

$host = "dbhost";
$dbuser = "dbuser";
$dbpass = "dbpass";
$dbname = "dbname";

$con = mysql_connect("$host","$dbuser","$dbpass")
or die(mysql_error());

mysql_select_db("$dbname",$con)
or die(mysql_error());

if ( isset($_POST['contact'] )) {
if ( empty($full) || empty($adr1) || empty($adr2) || empty($town) || empty($county) || empty($postcode) || empty($email) || empty($sprod) || empty($squant) ) {
die('A mandatory field has been left empty.');
} else {
$full = mysql_real_escape_string(stripslashes($_POST['full']));
$adr1 = mysql_real_escape_string(stripslashes($_POST['adr2']));
$adr2 = mysql_real_escape_string(stripslashes($_POST['adr2']));
$town = mysql_real_escape_string(stripslashes($_POST['town']));
$county = mysql_real_escape_string(stripslashes($_POST['county']));
$postcode = mysql_real_escape_string(stripslashes($_POST['postcode']));
$telnum = mysql_real_escape_string(stripslashes($_POST['telnum']));
$email = mysql_real_escape_string(stripslashes($_POST['email']));
$por = mysql_real_escape_string(stripslashes($_POST['por']));
$sprod = mysql_real_escape_string(stripslashes($_POST['sprod']));
$squant = mysql_real_escape_string(stripslashes($_POST['squant']));
$extras = mysql_real_escape_string(stripslashes($_POST['extras']));
$remarks = mysql_real_escape_string(stripslashes($_POST['remarks']));

$insert = mysql_query("INSERT INTO `dbname` (`full`,`adr1`,`adr2`,`town`,`county`,`postcode`,` postcode`,`telnum`,`email`,`por`,`sprod`,`squant`, `extras`,`remarks`) VALUES ('$full','$adr1','$adr2','$town','$county','$postc ode','$telnum','$email','$por','$sprod','$squant', '$extras','$remarks')")
or die(mysql_error());

echo "Form sent";
}
} else {
echo "PUT FORM HERE";
}

?>
Jackboy
13-01-2009, 02:43 PM
I would do a secure function rather than typing mysql_escape_string over and over again
Excellent2
13-01-2009, 03:56 PM
I would do a secure function rather than typing mysql_escape_string over and over againWould be much easier I must admit.
Excellent2
13-01-2009, 04:11 PM
Here is function.php:

function secure($string) {
$string = mysql_real_escape($string);
$string = stripslashes($string);
return $string;
}
<?php

include 'function.php';

$host = "dbhost";
$dbuser = "dbuser";
$dbpass = "dbpass";
$dbname = "dbname";

$con = mysql_connect("$host","$dbuser","$dbpass")
or die(mysql_error());

mysql_select_db("$dbname",$con)
or die(mysql_error());

if ( isset($_POST['contact'] )) {
if ( empty($full) || empty($adr1) || empty($adr2) || empty($town) || empty($county) || empty($postcode) || empty($email) || empty($sprod) || empty($squant) ) {
die('A mandatory field has been left empty.');
} else {
$full = secure($_POST['full']);
$adr1 = secure($_POST['adr2']);
$adr2 = secure($_POST['adr2']);
$town = secure($_POST['town']);
$county = secure($_POST['county']);
$postcode = secure($_POST['postcode']);
$telnum = secure($_POST['telnum']);
$email = secure($_POST['email']);
$por = secure($_POST['por']);
$sprod = secure($_POST['sprod']);
$squant = secure($_POST['squant']);
$extras = secure($_POST['extras']);
$remarks = secure($_POST['remarks']);

$insert = mysql_query("INSERT INTO `dbname` (`full`,`adr1`,`adr2`,`town`,`county`,`postcode`,` postcode`,`telnum`,`email`,`por`,`sprod`,`squant`, `extras`,`remarks`) VALUES ('$full','$adr1','$adr2','$town','$county','$postc ode','$telnum','$email','$por','$sprod','$squant', '$extras','$remarks')")
or die(mysql_error());

echo "Form sent";
}
} else {
echo "PUT FORM HERE";
}

?>
Jackboy
13-01-2009, 05:20 PM
Here is function.php:

function secure($string) {
$string = mysql_real_escape($string);
$string = stripslashes($string);
return $string;
}
<?php

include 'function.php';

$host = "dbhost";
$dbuser = "dbuser";
$dbpass = "dbpass";
$dbname = "dbname";

$con = mysql_connect("$host","$dbuser","$dbpass")
or die(mysql_error());

mysql_select_db("$dbname",$con)
or die(mysql_error());

if ( isset($_POST['contact'] )) {
if ( empty($full) || empty($adr1) || empty($adr2) || empty($town) || empty($county) || empty($postcode) || empty($email) || empty($sprod) || empty($squant) ) {
die('A mandatory field has been left empty.');
} else {
$full = secure($_POST['full']);
$adr1 = secure($_POST['adr2']);
$adr2 = secure($_POST['adr2']);
$town = secure($_POST['town']);
$county = secure($_POST['county']);
$postcode = secure($_POST['postcode']);
$telnum = secure($_POST['telnum']);
$email = secure($_POST['email']);
$por = secure($_POST['por']);
$sprod = secure($_POST['sprod']);
$squant = secure($_POST['squant']);
$extras = secure($_POST['extras']);
$remarks = secure($_POST['remarks']);

$insert = mysql_query("INSERT INTO `dbname` (`full`,`adr1`,`adr2`,`town`,`county`,`postcode`,` postcode`,`telnum`,`email`,`por`,`sprod`,`squant`, `extras`,`remarks`) VALUES ('$full','$adr1','$adr2','$town','$county','$postc ode','$telnum','$email','$por','$sprod','$squant', '$extras','$remarks')")
or die(mysql_error());

echo "Form sent";
}
} else {
echo "PUT FORM HERE";
}

?>

How come u stripped slashes after mysql escape string? :P
Excellent2
13-01-2009, 05:26 PM
How come u stripped slashes after mysql escape string? :PHabit :)
Thai-Man-Land
13-01-2009, 08:34 PM
TY - but,

I don't get what you've done with the MySQL, it says sprod and squant, but im unsureif this is correct or not...
Excellent2
14-01-2009, 12:33 AM
TY - but,

I don't get what you've done with the MySQL, it says sprod and squant, but im unsureif this is correct or not...Sprod and squant are short for Select Product & Select Quantity.
Thai-Man-Land
14-01-2009, 08:15 PM
I can't get it to work still.

I'm sure I saw somewhere that a form action could be 'self'
Excellent2
14-01-2009, 08:21 PM
I can't get it to work still.

I'm sure I saw somewhere that a form action could be 'self'$_SERVER[PHP_SELF]
Thai-Man-Land
14-01-2009, 08:34 PM
And I just use that in my code somewhere?
Jackboy
14-01-2009, 08:55 PM
And I just use that in my code somewhere?

Yeh you wanna use it after <?php really.

Want to hide these adverts? Register an account for free!