Hi,
I need some help to enable a contact form I've been using to handle Japanese input.
I'm not a PHP programmer or developer and really appreciate any feedback. The form was a download from a free resource.
I have inserted some statements into the code, but have not been successful in getting the Japanese text to display correctly in the email I get back.
Here is the code: (the statements I have inserted are within ****)
=== HTML FORM ====
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
**** <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />****
</head>
<body>
<form name="fcform2" method="post" action="process_form.php" onsubmit="return validate.check()">
<div id="fcf2">
<h4>Contact Form</h4>
Alternatively, you can send us an email through this contact form.
<br />
<p>* is a mandatory field </p>
<div class="r">
<label for="name">Name: <em>*</em></label>
<span class="f">
<input type="text" name="name" id="name" onblur="trim('name')" />
</span>
</div>
<div class="r">
<label for="company">Company:</label>
<span class="f">
<input type="text" name="company" id="company" onblur="trim('company')" />
</span>
</div>
<div class="r">
<label for="phone" class="req">Telephone: <em>*</em></label>
<span class="f">
<input type="text" name="phone" id="phone" onblur="trim('phone')" />
</span>
</div>
<div class="r">
<label for="email" class="req">Email Address: <em>*</em></label>
<span class="f">
<input type="text" name="email" id="email" onblur="trim('email')" />
</span>
</div>
<div class="r">
<label for="address" class="req">Postal Address:<em>*</em></label>
<span class="f">
<textarea cols="30" rows="8" name="address" id="address" onblur="trim('address')"></textarea>
</span>
</div>
<div class="r">
<label for="postcode" class="req">Postcode: <em>*</em></label>
<span class="f">
<input type="text" name="postcode" id="postcode" onblur="trim('postcode')" />
</span>
</div>
<div class="r">
<label for="interested_in" class="req">Interested in: <em>*</em></label>
<span class="f">
<select name="interested_in" id="interested_in">
<option value="">Please select</option>
<option value="personal_advice">Personal Advice</option>
<option value="business_advice">Business Advice</option>
</select>
</span>
</div>
<div class="r">
<label for="contact_me_by" class="req">Contact me by:<em>*</em></label>
<span class="f">
<select name="contact_me_by" id="contact_me_by">
<option value="">Please select</option>
<option value="email">Email</option>
<option value="telephone">Telephone</option>
</select>
</span>
</div>
<div class="r">
<label for="hear_about_us">How did you hear about us?</label>
<span class="f">
<textarea cols="30" rows="8" name="hear_about_us" id="hear_about_us" onblur="trim('hear_about_us')"></textarea>
</span>
</div>
<div class="r">
<label for="comment" class="req">Comment: <em>*</em></label>
<span class="f">
<textarea cols="30" rows="8" name="comment" id="comment" onblur="trim('comment')"></textarea>
</span>
</div>
<div class="r">
<p>The following is a spam prevention question and we appreciate your cooperation in filling it in:</p>
</div>
<!-- the section below MUST remain for the magic to work -->
<!-- although feel free to change the style / layout -->
<div class="r">
<label for="quest" class="req"><?php echo $question; ?> <em>*</em></label>
<span class="f">
<input type="text" name="answer_out" size="6" id="answer_out" onblur="trim('answer_out')" />
</span>
</div>
<!-- section above must remain -->
<div class="sp"> </div>
<?php
if(isset($_GET['done'])) {
echo '<div align="center" style="color:red;font-weight:bold">'.$confirmation_message.'</div><br />';
}
?>
</div>
<center><input class="send-btn" type="submit" value="Submit" /></center>
<br />
<!-- the 2 hidden fields below must REMAIN for the magic to work -->
<input type="hidden" name="answer_p" value="<?php echo $answer_pass; ?>" />
<input type="hidden" name="enc" value="<?php echo $enc; ?>" />
<!-- above 2 hidden fields MUST remain -->
</form>
</body>
</html>
===END HTML=======
====process_form.php ====
<?php
// THIS CODE IS KEPT LINEAR FOR EASE OF USER UNDERSTANDING
/* YOU DO NOT NEED TO CHANGE ANYTHING IN HERE */
include 'config.php';
// set-up redirect page
if($send_back_to_form == "yes") {
$redirect_to = $form_page_name."?done=1";
} else {
$redirect_to = $success_page;
}
if(isset($_POST['enc'])) {
/* THIS IS THE NEW FORM VALIDATION SECTION */
include 'validation.class.php';
// check for any human hacking attempts
class clean {
function comments($message) {
$this->naughty = false;
$this->message = $message;
$bad = array("content-type","bcc:","to:","cc:","href");
$for = array( "\r", "\n", "%0a", "%0d");
foreach($bad as $b) {
if(eregi($b, $this->message)) {
$this->naughty = true;
}
}
$this->message = str_replace($bad,"#removed#", $this->message);
$this->message = stripslashes(str_replace($for, ' ', $this->message));
// check for HTML/Scripts
$length_was = strlen($this->message);
$this->message = strip_tags($this->message);
if(strlen($this->message) < $length_was) {
$this->naughty = true;
}
}
} // class
// function to handle errors
function error_found($mes,$failure_accept_message,$failure_page) {
if($failure_accept_message == "yes") {
$qstring = "?prob=".urlencode(base64_encode($mes));
} else {
$qstring = "";
}
$error_page_url = $failure_page."".$qstring;
header("Location: $error_page_url");
die();
}
/* SET REQUIRED */
$reqobj = new required;
// ADD ALL REQUIRED FIELDS TO VALIDATE!
$reqobj->add("name","NOT_EMPTY");
$reqobj->add("phone","NUMERIC");
$reqobj->add("email","EMAIL");
$reqobj->add("address","NOT_EMPTY");
$reqobj->add("postcode","ALPHANUMSPACE");
$reqobj->add("interested_in","NOT_EMPTY");
$reqobj->add("contact_me_by","NOT_EMPTY");
$reqobj->add("comment","NOT_EMPTY");
$reqobj->add("answer_out","NUMERIC");
$out = $reqobj->out();
$val = new validate($out, $_POST);
if($val->error) {
$er = $val->error_string;
error_found($er,$failure_accept_message,$failure_page);
die();
}
/* validate the encrypted strings */
$dec = false;
$valid = false;
$dec = valEncStr(trim($_POST['enc']), $mkMine);
if($dec == true) {
$valid = true;
} else {
$er = "Field data was incorrect.<br />$dec";
error_found($er,$failure_accept_message,$failure_page);
die();
}
// check the spam question has the correct answer
$ans_one = $_POST['answer_out'];
$fa = new encdec;
$ans_two = $fa->decrypt($_POST['answer_p']);
if($ans_one === $ans_two) {
$valid = true;
} else {
$er ='Your spam prevention answer was wrong.';
error_found($er,$failure_accept_message,$failure_page);
die();
}
if($valid) {
$email_from = $_POST['email'];
$email_message = "The information below comes from the contact form on your website and was submitted on ".date("Y-m-d")." at ".date("H:i")."\n\n";
// loop through all form fields submitted
// ignore all fields used for security measures
foreach($_POST as $field_name => $field_value) {
if($field_name == "answer_out" || $field_name == "answer_p" || $field_name == "enc") {
// do not email these security details
} else {
// run all submitted content through string checker
// removing any dangerous code
$ms = new clean;
$ms->comments($field_value);
$is_naughty = $ms->naughty;
$this_val = $ms->message;
$email_message .= $field_name.": ".$this_val."\n\n";
****$email_message = html_entity_decode($email_message, ENT_QUOTES, $internal_enc);
$email_message = mb_convert_encoding($email_message, $internal_enc, 'AUTO');
$field_value = mb_convert_encoding($field_value, $internal_enc, 'AUTO');
$field_value = mb_convert_kana($field_value, 'KV');
$field_value = htmlspecialchars($field_value, ENT_QUOTES); *****
}
}
if($is_naughty) {
if($accept_suspected_hack == "yes") {
// continue
} else {
// pretend the email was sent
header("Location: $redirect_to");
die();
}
$email_subject = $email_suspected_spam;
}
// create email headers
$headers = 'From: '.$email_from."\r\n" .
'Reply-To: '.$email_from."\r\n" .
****mb_language('ja');
mb_internal_encoding($internal_enc);****
'X-Mailer: PHP/' . phpversion();
// send the email
@mail($email_it_to, $email_subject, $email_message, $headers);
// redirect
header("Location: $redirect_to");
die();
}
} else {
echo "register globals may be on, please switch this setting off (look at php.net for details, specificall ini_set() function )";
}
?>
====END process_form.php ============
===config.php ========
<?php
// error_reporting(E_ALL); // uncomment this to show errors
// ini_set('display_errors', '1'); // uncomment this to show errors
/*
THIS IS YOUR CONFIGURATION FILE
PLEASE ONLY EDIT THE PARTS WHICH
ARE INDICATED
*/
// script name of your contact form
$form_page_name = "form.php";
/* where to send emails to */
$email_it_to = "claudia@cjwebteam.co.uk";
// email subject line
$email_subject = "TEST Form";
****//set encoding
$internal_enc = 'UTF-8';****
// email subject line - used on suspected form hack attempts
// for example, if someone enters HTML or scripts into the form - it will be removed
// if you choose to receive these cleaned up emails, you can set the subject line
// this lets you filter them out in your email client or mail server
$email_suspected_spam = "*SUSPECT Contact Us Form";
// do you wish to receive emails which had HTML or SCRIPTS (code will be stripped)?
$accept_suspected_hack = "no"; // change to "no" to silently reject
// success page - the page the user gets when the form is successful
$success_page = "thankyou.php";
// OR
// if you prefer to have the user sent back to the contact form (with a confirmation message shown)
$send_back_to_form = "no"; // change to "no" to redirect to above $success_page
// failure page - can be html or php (use php if you want to show actual error message, see next declaration)
$failure_page = "form_error.php";
// do you want to receive an error messaage passed into your failure page
$failure_accept_message = "yes";
// if $send_back_to_form is set to "yes", set your confirmation message bellow
$confirmation_message = "Thank you, we have received your message and will be in touch if required.";
/* your secret unique code used as part of our encryption */
// please edit the values within the double quotes.
// only use a-zA-Z0-9, other characters have been found to cause problems
// keep the string length to 3,6,9 or 12 characters long
$mkMine = "t3st3r";
/* ONLY EDIT BELOW HERE IF YOU HAVE SOME PHP/PROGRAMMING EXPERIENCE */
if(phpversion() < "5.1") {
// date setting should be fine
} else {
// feel free to edit the value as desired
date_default_timezone_set('UTC');
}
/* your unique question and answer section */
// if you want to keep the default random maths questions
// just leave the next few lines as they are.
$rnumA = rand(0,49);
$rnumB = rand(0,49);
// if you want to create your own custom question and answer
// edit the two lines below.
$question = "$rnumA plus $rnumB?";
$answer = $rnumA+$rnumB;
class encdec {
// __construct
function encdec() {
$this->cseta = $this->charset_a();
$this->csetb = $this->charset_b();
}
// public
function encrypt($s) {
$s = str_replace(" ", "", $s);
$s = base64_encode(trim($s));
$a = $this->charset_a();
$b = $this->charset_b();
$len = strlen($s);
$new = "";
for($i=0; $i < $len; $i++){
$new .= $b[array_search($s[$i],$a)];
}
return $new;
}
// public
function decrypt($s) {
$a = $this->charset_a();
$b = $this->charset_b();
$len = strlen($s);
$new = "";
for($i=0; $i < $len; $i++){
$new .= $a[array_search($s[$i],$b)];
}
return trim(base64_decode($new));
}
// protected
function charset_a() {
return array("a","b","c","j","7","8","9","A","B",
"G","H","o","p","q","r","s","t","u","h","i","Q",
"R","S","C","k","l","m","n","6","T","D","E","F",
"U","V","W","X","Y","Z","v","w","x","y","z","0",
"1","2","3","4","5","I","J","K","L","M","N","O",
"P","d","e","f","g","=","*");
}
// protected
function charset_b() {
return array("G","H","o","p","z","q","r","s","t",
"1","2","3","4","5","I","J","K","L","M","N","O",
"u","h","i","Q","R","S","C","k","l","m","n","6",
"0","P","d","e","f","g","T","D","E","F","a","b",
"c","j","7","8","9","A","B","U","V","W","X","Y",
"Z","v","w","x","y","*","=");
}
}
$e = new encdec;
// pass the answer into the function below
$answer_pass = $e->encrypt($answer);
$mkNow = date("YmdHi");
$enc = $e->encrypt($mkNow)."::".$e->encrypt($mkMine);
function valEncStr($s,$m) {
$sides = explode("::", $s);
$f = new encdec;
$sides[0] = $f->decrypt($sides[0]);
$sides[1] = $f->decrypt($sides[1]);
if(!count($sides) == 2) {
$error = "String invalid!";
}
// compare date/time
$plTime = date("YmdHi",mktime(date("H"),date("i")+60));
$msTime = date("YmdHi",mktime(date("H"),date("i")-60));
if($sides[0] > $plTime || $sides[0] < $msTime) {
$error = "Date not valid!";
}
// compare custom word
if(!$m == $sides[1]) {
$error = "words do not match!";
}
if(isset($error)) {
return $error;
} else {
return true;
}
}
?>
====END config.php ===========Sorry about the lengthy thread but couldn't think of a better way to go through the steps!
I have a feeling I'm close but not quite getting the code syntax and placement!
Thanks in advance.