Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Jan 2009
    Posts
    8
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Question undefined variable message

    I am using php to validate form data and insert into a mysql database as well as email the data. Everything works fine except when the form is not validated because required fields are left blank, an error message "Notice: Undefined variable: mailSent" appears at the top of the page. The error indicates the 25th line in the code below.

    Code:
    <?php 
    $editFormAction = $_SERVER['PHP_SELF'];
    if (isset($_SERVER['QUERY_STRING'])) {
      $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
    }
    
    if (array_key_exists('submit', $_POST)) {
      //mail processing script
      $to = 'amatonis@cmoresearch.com';
      $subject = 'website contact form';
    
      //list expected fields
      $expected = array('contact_subject', 'question', 'first_name', 'last_name', 'company_name', 'job_title', 'address1', 'address2', 'city', 'state_or_province', 'postal_code', 'phone', 'email');
      //set required fields
      $required = array('contact_subject', 'question', 'first_name', 'last_name', 'email');
      $headers = 'From: Website Contact Form<info@cmoresearch.com>';
      $process = 'includes/process_mail.inc.php';
      if (file_exists($process) && is_readable($process)) {
        include($process);
        }
      else {
        $mailSent = false;
        mail($to, 'Server problem', "$process cannot be read", $headers);
      }
    if ($mailSent) {
    require_once('Connections/connAdmin.php'); 
    if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
    
      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
    
      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;    
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
    }
    
    if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
      $insertSQL = sprintf("INSERT INTO contact (contact_subject, question, first_name, last_name, company_name, job_title, address1, address2, city, state_or_province, postal_code, phone, email) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
                           GetSQLValueString($_POST['contact_subject'], "text"),
                           GetSQLValueString($_POST['question'], "text"),
                           GetSQLValueString($_POST['first_name'], "text"),
                           GetSQLValueString($_POST['last_name'], "text"),
                           GetSQLValueString($_POST['company_name'], "text"),
                           GetSQLValueString($_POST['job_title'], "text"),
                           GetSQLValueString($_POST['address1'], "text"),
                           GetSQLValueString($_POST['address2'], "text"),
                           GetSQLValueString($_POST['city'], "text"),
                           GetSQLValueString($_POST['state_or_province'], "text"),
                           GetSQLValueString($_POST['postal_code'], "text"),
                           GetSQLValueString($_POST['phone'], "text"),
                           GetSQLValueString($_POST['email'], "text"));
    
      mysql_select_db($database_connAdmin, $connAdmin);
      $Result1 = mysql_query($insertSQL, $connAdmin) or die(mysql_error());
    }
    }
    }
    ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Untitled Document</title>
    <script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
    <link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
    <link href="style.css" rel="stylesheet" type="text/css" />
    <!--[if IE]>
    <link href="ie.css" rel="stylesheet" type="text/css" />
    <![endif]-->
    </head>
    <body>
    <div id="container">
      <?php include_once('includes/contact_top.inc.php'); ?>
      <?php include_once('includes/head_main.inc.php'); ?>
      <?php include_once('includes/horizontal_nav.inc.php'); ?>
      <div id="sidebar">
        <div id="sidebarFeature">
          <h1>Other ways to contact us:</h1>
          <h2>By mail</h2>
          <p>470 Portage Lakes Drive<br />
          Suite 102<br />
          Akron, OH 44319</p>
          <h2>By phone</h2>
          <p>330.564.4211 (local)<br />
          888.878.5875 (toll free)</p>
          <h2>By email</h2>
          <p>info@cmoresearch.com.</p>
        </div>
        </div>
      <div id="content">
        <h1>Contact Us</h1>
        <?php
          if ($_POST && isset($missing) && !empty($missing)) {
        ?>
          <p class="warning">Please complete the missing item(s) indicated.</p>
        <?php
          }
        elseif ($_POST && !$mailSent) {
        ?>
          <p class="warning">Sorry, there was a problem sending your message. Please try again later.</p>
        <?php
          }
        elseif ($_POST && $mailSent) {
        ?>
          <p class="boldTeal">Your message has been sent. Thank you.</p>
        <?php } ?>
        <p>Complete the form below to request more information from CMOR. (Note: We will never share your personal information with any third party.)</p>
    <p>* indicates a required field</p>
      <form id="form1" name="form1" method="POST" action="<?php echo $editFormAction; ?>">
      <p>  
        <label for="contact_subject">Subject* <?php
          if (isset($missing) && in_array('contact_subject', $missing)) { ?>
            <span class="warning">Please enter a subject</span><?php } ?>
        </label>
        <input type="text" name="contact_subject" id="contact_subject" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['contact_subject']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="question">Question* <?php
          if (isset($missing) && in_array('question', $missing)) { ?>
            <span class="warning">Please enter a question</span><?php } ?>
        </label>
        <textarea name="question" id="question" cols="45" rows="5">
        <?php if (isset($missing)) {
    	  echo htmlentities($_POST['question']);
    	} ?>
        </textarea>
        <label for="first_name">First name* <?php
          if (isset($missing) && in_array('first_name', $missing)) { ?>
            <span class="warning">Please enter your first name</span><?php } ?>
        </label>
        <input type="text" name="first_name" id="first_name" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['first_name']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="last_name">Last name* <?php
          if (isset($missing) && in_array('last_name', $missing)) { ?>
            <span class="warning">Please enter your last name</span><?php } ?>
        </label>
        <input type="text" name="last_name" id="last_name" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['last_name']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="company_name">Company name</label>
        <input type="text" name="company_name" id="company_name" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['company_name']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="job_title">Job title</label>
        <input type="text" name="job_title" id="job_title" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['job_title']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="address1">Business address</label>
        <input type="text" name="address1" id="address1" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['address1']).'"';
    	} ?>
        />
      </p>
      <p>
        <input type="text" name="address2" id="address2" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['address2']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="city">City</label>
        <input type="text" name="city" id="city" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['city']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="state_or_province">State / Province</label>
        <input type="text" name="state_or_province" id="state_or_province" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['state_or_province']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="postal_code">Postal code (xxxxx)</label>
        <input type="text" name="postal_code" id="postal_code" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['postal_code']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="phone">Phone number (xxx-xxx-xxxx)</label>
        <input type="text" name="phone" id="phone" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['phone']).'"';
    	} ?>
        />
      </p>
      <p>
        <label for="email">Email address* <?php
          if (isset($missing) && in_array('email', $missing)) { ?>
            <span class="warning">Please enter a valid email address</span><?php } ?>
        </label>
        <input type="text" name="email" id="email" 
        <?php if (isset($missing)) {
    	  echo 'value="'.htmlentities($_POST['email']).'"';
    	} ?>
        />
      </p>
      <p>
        <input type="submit" name="submit" id="submit" value="Submit" />
    </p>
      <input type="hidden" name="MM_insert" value="form1" />
      </form>
      </div>
    	<br class="clearfloat" />
      <?php include_once('includes/footer.inc.php'); ?>
    </div>
    </body>
    </html>
    Here is the code for the included script that processes the email:

    Code:
    <?php
    if (isset($_SERVER['SCRIPT_NAME']) && strpos($_SERVER['SCRIPT_NAME'], '.inc.php')) exit;
    // remove escape characters from POST array
    if (get_magic_quotes_gpc()) {
      function stripslashes_deep($value) {
        $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
    	return $value;
    	}
      $_POST = array_map('stripslashes_deep', $_POST);
      }
      
    // create empty array for any missing fields
    $missing = array();
    
    // assume that there is nothing suspect
    $suspect = false;
    // create a pattern to locate suspect phrases
    $pattern = '/Content-Type:|Bcc:|Cc:/i';
    
    // function to check for suspect phrases
    function isSuspect($val, $pattern, &$suspect) {
      // if the variable is an array, loop through each element
      // and pass it recursively back to the same function
      if (is_array($val)) {
        foreach ($val as $item) {
    	  isSuspect($item, $pattern, $suspect);
    	  }
    	}
    	else {
    	  // if one of the suspect phrases is found, set Boolean to true
    	  if (preg_match($pattern, $val)) {
    	    $suspect = true;
          }
    	}
      }
      
    // check the $_POST array and any subarrays for suspect content
    isSuspect($_POST, $pattern, $suspect);
    
    if ($suspect) {
      $mailSent = false;
      unset($missing);
      }
    else {
      // process the $_POST variables
      foreach ($_POST as $key => $value) {
        // assign to temporary variable and strip whitespace if not an array
    	$temp = is_array($value) ? $value : trim($value);
    	// if empty and required, add to $missing array
    	if (empty($temp) && in_array($key, $required)) {
    	  array_push($missing, $key);
    	  }
    	// otherwise, assign to a variable of the same name as $key
    	elseif (in_array($key, $expected)) {
    	  ${$key} = $temp;
    	  }
    	}
      }
      
    // validate the email address
    if (!empty($email)) {
      // regex to identify illegal characters in email address
      $checkEmail = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
      // reject the email address if it doesn't match
      if (!preg_match($checkEmail, $email)) {
        $suspect = true;
    	$mailSent = false;
    	unset($missing);
    	}
      }
     
    // go ahead only if not suspect and all required fields OK
    if (!$suspect && empty($missing)) {
      // initialize the $message variable
      $message = '';
      // loop through the $expected array
      foreach($expected as $item) {
        // assign the value of the current item to $val
    	if (isset(${$item})) {
    	  $val = ${$item};
    	  }
    	// if it has no value, assign 'Not selected'
    	else {
    	  $val = 'Not selected';
    	  }
    	// if an array, expand as comma-separated string
    	if (is_array($val)) {
    	  $val = implode(', ', $val);
    	  }
    	// add label and value to the message body
    	$message .= ucfirst($item).": $val\n\n";
    	}
    	
      // limit line length to 70 characters
      $message = wordwrap($message, 70);
      
      // create Reply-To header
      if (!empty($email)) {
        $headers .= "\r\nReply-To: $email";
    	}
    	
      // send it
      $mailSent = mail($to, $subject, $message, $headers);
      if ($mailSent) {
        // $missing is no longer needed if the mail is sent, so unset it
    	unset($missing);
    	}
      }
    ?>
    Can someone please help?

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    In your "if" statement that checks to see if $mailsent is true, first check to see if $mailsent is defined at all. Use isset() for that.

    http://us2.php.net/manual/en/function.isset.php

  • #3
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,492
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    I don't quite follow the code, but try putting a copy of this line ...
    $mailSent = false;

    right above ...

    $mailSent = false;
    if (array_key_exists('submit', $_POST)) {

    I think it never gets defined because it's within an "else" statement.
    Not that my idea will work, but see if the error goes away (it might trigger some ideas).

    EDIT ...
    Fumigator has a better suggestion than mine.



    .

  • Users who have thanked mlseim for this post:

    amm777 (01-19-2009)

  • #4
    New to the CF scene
    Join Date
    Jan 2009
    Posts
    8
    Thanks
    2
    Thanked 0 Times in 0 Posts
    thank you both... defining the variable above worked great! thanks!


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •