Guest Posted October 19, 2005 Share Posted October 19, 2005 i have read all of the topics that involve adding new fields to the contact form, but none of them had the same lines as my contact page for some reason. i would like to record the user's ip addres, env report, etc etc. how could i achieve this? my contact_us.php <?php /* $Id: contact_us.php,v 1.42 2003/06/12 12:17:07 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US); $error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) { $name = tep_db_prepare_input($HTTP_POST_VARS['name']); $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']); $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']); if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address); tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success')); } else { $error = true; $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US)); ?> header tags <body> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading" align="center"><?php echo HEADING_TITLE; ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('contact') > 0) { ?> <tr> <td><?php echo $messageStack->output('contact'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) { ?> <tr> <td class="main" align="center"><?php echo TEXT_SUCCESS; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { ?> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo ENTRY_NAME; ?></td> <td class="main"><?php echo tep_draw_input_field('name', '', 'maxlength="255", class="linksearch", size="30"'); ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_EMAIL; ?></td> <td class="main"><?php echo tep_draw_input_field('email', '', 'maxlength="255", class="linksearch", size="30"'); ?></td> </tr> <tr> <td class="main" colspan="2"><?php echo ENTRY_ENQUIRY; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } ?> </table></form></td> <!-- body_text_eof //--> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Link to comment Share on other sites More sharing options...
Guest Posted October 19, 2005 Share Posted October 19, 2005 Have you checked the supertracker? http://www.oscommerce.com/community/contributions,3453 but I am not sure if it processes specific info from the contact_us.php Link to comment Share on other sites More sharing options...
Guest Posted October 20, 2005 Share Posted October 20, 2005 that looks very useful and i plan to install it, thank you :) but what i need is to have whoever sends a message, their ip and env report is attatched to the message, unfortunately this modification doesn't seem to have that would i need to edit general.php with the new inputs i need? i assume i can make a hidden input via plain html, add the code to pull their ip, something like: <input type="hidden" name="ip" value="<?php echo $REMOTE_ADDR; ?>"> and it would work? but simply plugging this into the contact_us.php file doesn't seem to work, i also edited: if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address); to have if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $ip, $name, $email_address); and it didn't work. i seem to be missing something? Link to comment Share on other sites More sharing options...
kgt Posted October 20, 2005 Share Posted October 20, 2005 if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry."\n".$_SERVER["REMOTE_ADDR"]."\n".$_SERVER["HTTP_USER_AGENT"], $name, $email_address); Contributions Discount Coupon Codes Donations Link to comment Share on other sites More sharing options...
Shatterjack Posted October 20, 2005 Share Posted October 20, 2005 would i need to edit general.php with the new inputs i need?i assume i can make a hidden input via plain html, add the code to pull their ip, something like: <input type="hidden" name="ip" value="<?php echo $REMOTE_ADDR; ?>"> and it would work? I wouldn't do that. All form inputs, including hidden ones, are spoofable. It's trivial for someone to save a copy of your page locally, edit the hidden input to show any IP they want, and then submit the edited form back to you. Hidden inputs are great, but you can't trust them any more than you can trust any other inputs. but simply plugging this into the contact_us.php file doesn't seem to work, i also edited: if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address); to have if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $ip, $name, $email_address); and it didn't work. i seem to be missing something? You're trying to add $ip as a separate argument for tep_mail. Instead, as in the example from the above poster, you need to make the user's IP address a part of the email body. Link to comment Share on other sites More sharing options...
Guest Posted October 22, 2005 Share Posted October 22, 2005 if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry."\n".$_SERVER["REMOTE_ADDR"]."\n".$_SERVER["HTTP_USER_AGENT"], $name, $email_address); that did the trick, thank you :) It's trivial for someone to save a copy of your page locally, edit the hidden input to show any IP they want, and then submit the edited form back to you. Hidden inputs are great, but you can't trust them any more than you can trust any other inputs. i did not think of that, good point. i forget how petty some people are :lol: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.