Dreamweaver Code

[gwx03]

As you know, dreamweaver does a lot of junk with PHP code... I did some housekeeping and here's what I got..


<?php require_once('Connections/mydb.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";


return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert])) && ($_POST["MM_insert] == "contact")) {
$insertSQL = sprintf("INSERT INTO contact (name, email, title, message) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['name'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['title'], "text"),
GetSQLValueString($_POST['message'], "text"));

mysql_select_db($database_mydb, $mydb);
$Result1 = mysql_query($insertSQL, $mydb) or die(mysql_error());

$insertGoTo = "contact_success.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo = "contact_success.php";
}

}
?>

The problem is that it would work, but there is no redirect to contact_success.php. Actually, what I deleted was just a switch, which contained like 10 lines. That switch does nothing but determine if the text input is string, integer, or anything, and as you see, I put the one for the integer.

I was not the one who wrote this messy code so I do not know what is actually happening. To me, it is just one whole lump of messed-up, very very fragily inter-linked code.

Can someone please help reverse engineer this, and tell me what I should do to do the redirect to "contact_success.php". I don't know what the variable $insertGoTo does, it all seems sooo confusing..

<form action="<?php echo $editFormAction; ?>" method="POST" name="contact" id="contact">


Name :
<input name="name" type="text" id="name" size="30" maxlength="30">
</p>



Email :
<input name="email" type="text" id="email" size="30" maxlength="30">
</p>


Title :
<input name="title" type="text" id="title" size="50" maxlength="50">
</p>


Message :</p>



<textarea name="message" cols="70" rows="8" id="message"></textarea>
</p>



<input name="clearval" type="reset" id="clearval" value="Clear Values">
<input name="Send" type="submit" id="Send" value="Send">
</p>
<input type="hidden" name="MM_insert" value="contact">
</form>

That's the form code above. But its actually nothing..

[gwx03]

And yes, can anyone explain to me what this code does..
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

This is as far as I can tell..

1st line : $editFormAction (variable) is given a value of the $_SERVER(variable) and we see some stuff enclosed in [].. whats that!!

2nd and 3rd line :
if isset ( don't know whats isset.. ) and the stuff in the further enclosed () I do not understand!.. then variable $editFormAction is set to '?' + htmlentities(some alien code)

Ahh.. The 3rd Line I don't get it at all.

PLEASE! Someone explain! Arghh.

[Webforumz Staff]

Firstly on your last post. The first line uses a server variable. A server variable is information about the server environment. For example, the server name, the IP of the visiting user, your browser type, etc. In this case _SERVER["PHP_SELF] is the name of the page that has been called.

Here is PHPINFO - A built in command in PHP that will display all the server variables and environment information. http://www.digital-end.com/phpinfo.php
You can do this on your own server using the phpinfo() function.

Now as for isset, it does exactly what it says on the tin! It checks if a variable exists. If it does then the contents of the if statement are executed. If not, then...not!

By now you can probably guess what $_SERVER['QUERY_STRING'] is? It's the query strings (the variables passed via an URL. Eg: mypage.php?page=contact

$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

This is actually quite simple... this creates (or changes) a variable called editFormAction to be a question mark and whatever query string has been passed. htmlentities simply converts all characters to HTML entities, so that spaces become %20 and so on.
The idea here, I presume, is that a form is sent to the relevant place. Basically, this script can display a form and then send it to any number of places depending on what query string you have passed. So in order to go to contact_success.php just put that as the query string. It appears that the querystring should be $theValue, but this script IS very confusing, badly written and has no comments at all! There should at least be a short description of what the script does as well as comments to which variables do what, etc.

I can't determine what insertgoto does?

[gwx03]

I just got the error :
Parse error: parse error in /home/cvgwx/public_html/contact.php on line 15

Line 15 happened to be $editFormAction.=$_SERVER['PHP_SELF'];

I guessed it was pretty much unrelated, because I don't see $theValue variable anywhere except the function GetSQLValueString...

Is there a way to get around this or could you tell me how I could go about doing a redirect with PHP once the submit button is clicked..? If you could tell me how to do so, I would rather use that than relying on Dreamweaver...

[iamzoli]

this code will never work because the variable $insertgoto whatever what is asignet the value string text contact_success.php so maybe a part of the code is missing.I supose something like this if(condition)
{
$insertgoto="contact_success.php";
}
else
{
$insertgoto="contact_failed.php";
}

and then must be a function that takes the variabile $insertgoto
function something($insertgoto)
{
redirectto($insertgoto);
}
Please tell us what exactly you are try'ing to do and we will try to find another way to do this.