#238609 - 08/10/10 10:26 PM Subscription pages with custom form
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
OK so we are moving the message board to Mindraven and on our old server we had a form inside the subscription page to update a non ubb database. You can see the form here http://www.fgmcc.com/html/howtojoin.shtml and click on the second link. When you click on the submit button for the form it updates the database, but displays whatever I put in the update.php file, then you have to click back to submit the subscription to ubb. I have been looking at using $PHP_SELF action as the action and adding the php code to the subscription description field in the control panel. Do you think this will work? I have also read that using the $PHP_SELF can be a bad idea because of script kiddies... Any other ways to do this?
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238611 - 08/10/10 10:52 PM Re: Subscription pages with custom form [Re: Iann128]
Gizmo Online

Registered: 06/05/06
Posts: 14995
Loc: Portland, OR; USA
So long as you properly sanitize the variable you should be fine:
Php Code:
$this_page = strip_tags(htmlspecialchars($_SERVER["PHP_SELF"])); 
_________________________
Forums: UGN Security & VNC Web Design & Development
UBB.Threads: UBB.Wiki, My UBBSkins, UBB.Sitemaps
Longtime UBB Supporter, UBB Beta Tester & Resident Post-A-Holic.
UBB Modifications, Styling, Coding Services, Disaster Recovery, and more!
#238612 - 08/10/10 11:05 PM Re: Subscription pages with custom form [Re: Gizmo]
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
So this would work? I assume it would not reload the current page?
Code:
<form action="strip_tags(htmlspecialchars($_SERVER["PHP_SELF"]));" 
 method="post">
<?php
Check to see if submit button has been pressed
other php code
?>

html form stuff

</form>
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238613 - 08/10/10 11:29 PM Re: Subscription pages with custom form [Re: Iann128]
SD Offline
Registered: 04/19/07
Posts: 4056
Loc: SoCal, USA
Php Code:
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
....

is what I do :)

or go total paranoid (which I don't) and do:

Php Code:
substr($_SERVER['PHP_SELF'], 0, (strlen($_SERVER['PHP_SELF']) - @strlen($_SERVER['PATH_INFO']))); 


for the echo.. I had that del.icio.us'd somewhere :D
_________________________

Threads tutorials . Threads & Wordpress experts . UBB resume

If I you, click this link as to why
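Added example (not part of any post in this thread): the three ways of building the form action discussed above, run against constructed request data in which extra path text follows the script name. The `$server` array and the function names are assumptions standing in for `$_SERVER` and the template code.

```php
<?php
// Constructed stand-in for $_SERVER when the page is requested with extra
// path text after the script name. PHP_SELF carries that text along.
$server = [
    'SCRIPT_NAME' => '/subscribe.php',
    'PATH_INFO'   => '/"><b>injected</b>',
    'PHP_SELF'    => '/subscribe.php/"><b>injected</b>',
];

// 1. Unescaped: the quote in the path closes the attribute and the rest
//    of the path becomes markup in the page.
function action_raw(array $s): string
{
    return '<form action="' . $s['PHP_SELF'] . '" method="post">';
}

// 2. Escaped for an HTML attribute: the quote and angle brackets become
//    entities, so the whole value stays inside action="...".
function action_escaped(array $s): string
{
    $self = htmlspecialchars($s['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '" method="post">';
}

// 3. The substr() approach from the post above: cut PATH_INFO off the end
//    of PHP_SELF, then escape what is left anyway.
function action_script_only(array $s): string
{
    $extra = isset($s['PATH_INFO']) ? strlen($s['PATH_INFO']) : 0;
    $self  = substr($s['PHP_SELF'], 0, strlen($s['PHP_SELF']) - $extra);
    return '<form action="' . htmlspecialchars($self, ENT_QUOTES, 'UTF-8') . '" method="post">';
}

foreach (['action_raw', 'action_escaped', 'action_script_only'] as $fn) {
    printf("%-20s %s\n", $fn, $fn($server));
}
```

Only the first line of output contains a live `<b>` element; the second keeps the extra path as inert text, and the third posts back to `/subscribe.php` alone.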
#238614 - 08/10/10 11:33 PM Re: Subscription pages with custom form [Re: SD]
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
It has to work inside the subscription template... Right now I just added the <form> ... </form> code to it...
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238616 - 08/11/10 11:10 AM Re: Subscription pages with custom form [Re: Iann128]
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
OK so still learning... Here is what I have in the body of the subscription... It displays the form, and some of the code instead of checking to see if the submit button has been clicked. Can I use php and html in the description field of a subscription?


Code:
<center>
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']) ?>" method="post">
<?php
if(isset($_POST['submit']))		//submit button pressed
  {
  echo '<p>Thank-you for submitting your member information, please choose from one of the options below to pay.</p>';
  
  //Process the individual form controls
  }
else					//display the form
  {
  ?>

<!-- HTML code for the form -->


  <table border="0" width="650" height="868" cellpadding="0" align="left">
     <tr>
      <td width="100%" height="750" colspan="2" valign="top" align="left">
        <b>
        <font face="Verdana" size="3">Personal Information</font>
        </b>
        <table border="1" width="100%" height="1" cellspacing="3" bordercolor="#000000" bordercolorlight="#000000" bordercolordark="#000000">
          <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">First Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="F_Name" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Last Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="L_Name" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="12" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Middle Name:</font></td>
            <td width="77%" height="12" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="M_Name" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="13" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Street Address:</font></td>
            <td width="77%" height="13" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="S_Address" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="7" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">City:</font></td>
            <td width="77%" height="7" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="City" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="10" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">State/Province:</font></td>
            <td width="26%" height="10" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="State" /></font></td>
            <td width="25%" height="10" bordercolor="#000000" bgcolor="#E5E5E5"><font face="Verdana" size="3">Zip/Postal Code:</font></td>
            <td width="26%" height="10" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Zip" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="7" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Country:</font></td>
            <td width="77%" height="7" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Country" value="United States" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="9" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Phone
              Number:</font></td>
            <td width="77%" height="9" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Phone" /></font></td>
          </tr>
          <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">E-mail
              Address:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Email" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Year of Monte:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana">
			<select name="Year">
			<option value="1970">1970</option>
			<option value="1971">1971</option>
			<option value="1972">1972</option>
			</select></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Engine:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Engine" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Transmission:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Transmission" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Exterior Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Ext_Color" /></font></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Interior Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="Int_Color" /></font></td>
          </tr>
		  <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Vinyl Top</font></td>
            <td width="13%" height="19"><input type="radio" name="V_Top" value="1" /> Yes<br />
  <input type="radio" name="V_Top" value="0" /> No<br /></td>
          </tr>
		  <tr>
            <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000"><font face="Verdana" size="3">Vinyl Top Color:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000"><font size="3" face="Verdana"><input type="text" name="V_Color" /></font></td>
          </tr>
          <tr>
             <td width="23%" height="1" bgcolor="#E5E5E5" bordercolor="#000000" valign="top" rowspan="2"><font size="3" face="Verdana">Any
              comments?:</font></td>
            <td width="77%" height="1" colspan="3" bordercolor="#000000" valign="top"><font size="3" face="Verdana"><input type="text" name="Comments" />
			</font></td>
          </tr>
 </table>
        <font size="3" face="Verdana">
        <b>Club Roster</b></font>
        <table border="1" width="100%" bordercolor="#000000" cellspacing="3" height="1">
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Would
              you like to be listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster" value="1" /> Yes<br />
  <input type="radio" name="Roster" value="0" /> No<br /></td>
          </tr>
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="19"><font size="3" face="Arial">Would
              you like your address to be listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster_Add" value="1" /> Yes<br />
  <input type="radio" name="Roster_Add" value="0" /> No<br /></td>
          </tr>
          <tr>
            <td width="87%" bgcolor="#E5E5E5" height="1"><font size="3" face="Arial">Would
              you like your phone number listed in the club roster?</font></td>
            <td width="13%" height="19"><input type="radio" name="Roster_Num" value="1" /> Yes<br />
  <input type="radio" name="Roster_Num" value="0" /> No<br /></td>
          </tr>
		  <tr>
		     <td><input type="submit" name="submit" value="Submit" /></td>
		  </tr>
        </table>
		<?php
   }				//close off the ending bracket for the else statement
?>
<?php
// Only read the fields and insert a row when the form was actually posted.
// The values go into the query string exactly as submitted, without escaping.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $F_Name=$_POST['F_Name'];
 $L_Name=$_POST['L_Name'];
 $M_Name=$_POST['M_Name'];
 $City=$_POST['City'];
 $State=$_POST['State'];
 $Zip=$_POST['Zip'];
 $Country=$_POST['Country'];
 $S_Address=$_POST['S_Address'];
 $Phone=$_POST['Phone'];
 $Email=$_POST['Email'];
 $Year=$_POST['Year'];
 $Engine=$_POST['Engine'];
 $Ext_Color=$_POST['Ext_Color'];
 $Int_Color=$_POST['Int_Color'];
 $V_Top=$_POST['V_Top'];
 $V_Color=$_POST['V_Color'];
 $Transmission=$_POST['Transmission'];
 $Comments=$_POST['Comments'];
 $Roster=$_POST['Roster'];
 $Roster_Add=$_POST['Roster_Add'];
 $Roster_Num=$_POST['Roster_Num'];
 mysql_connect("xxx", "xxx", "xxx") or die(mysql_error());
 mysql_select_db("xxxxx") or die(mysql_error());
 mysql_query("INSERT INTO `xxxx` (F_Name, L_Name, M_Name, City, State, Zip, Country, S_Address, Phone, Email, Year, Engine, Transmission, Ext_Color, Int_Color, V_Top, V_Color, Comments, Roster, Roster_Add, Roster_Num) VALUES ('$F_Name','$L_Name', '$M_Name', '$City', '$State', '$Zip', '$Country', '$S_Address', '$Phone', '$Email', '$Year', '$Engine', '$Transmission', '$Ext_Color', '$Int_Color', '$V_Top', '$V_Color', '$Comments', '$Roster', '$Roster_Add', '$Roster_Num')");
}
 ?>
		</form>
        </td>
    </tr>
  </table>
  </center>


Edited by Sirdude (08/20/10 04:22 PM)
Edit Reason: put code in spoilers..
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238617 - 08/11/10 11:51 AM Re: Subscription pages with custom form [Re: Iann128]
SD Offline
Registered: 04/19/07
Posts: 4056
Loc: SoCal, USA
you'll need to do some serious sanitizing.. i'd recommend running that thru the ubb.engine, which does all that for you 1st..
_________________________

Threads tutorials . Threads & Wordpress experts . UBB resume

If I you, click this link as to why
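Added example (not part of any post in this thread, and not the ubb.engine route mentioned above): one way to handle the same form fields with validation and a prepared statement, so submitted text is bound as data instead of being pasted into the SQL string. The table name `members`, the function names and the in-memory SQLite database are assumptions made so the script runs offline; with MySQL only the PDO DSN changes.

```php
<?php
// Field lists taken from the form posted above.
const TEXT_FIELDS = ['F_Name', 'L_Name', 'M_Name', 'City', 'State', 'Zip', 'Country',
    'S_Address', 'Phone', 'Email', 'Engine', 'Transmission', 'Ext_Color',
    'Int_Color', 'V_Color', 'Comments'];
const FLAG_FIELDS = ['V_Top', 'Roster', 'Roster_Add', 'Roster_Num']; // radio buttons: 0 or 1
const YEARS       = ['1970', '1971', '1972'];                         // the <select> options

// Returns column => value for the insert; throws on a Year the form could not have sent.
function clean_member(array $post): array
{
    $row = [];
    foreach (TEXT_FIELDS as $f) {
        $v = isset($post[$f]) && is_string($post[$f]) ? trim($post[$f]) : '';
        $row[$f] = substr($v, 0, 255);          // cap length; missing fields become ''
    }
    foreach (FLAG_FIELDS as $f) {
        $row[$f] = (isset($post[$f]) && $post[$f] === '1') ? 1 : 0;
    }
    if (!isset($post['Year']) || !in_array($post['Year'], YEARS, true)) {
        throw new InvalidArgumentException('Year must be one of the listed options');
    }
    $row['Year'] = (int) $post['Year'];
    return $row;
}

function insert_member(PDO $db, array $row): void
{
    // Column names come only from the constants above, never from the request.
    $cols = array_keys($row);
    $sql  = 'INSERT INTO members (' . implode(', ', $cols) . ') VALUES (:'
          . implode(', :', $cols) . ')';
    $db->prepare($sql)->execute($row);          // values are bound, not interpolated
}

$db = new PDO('sqlite::memory:');               // assumption: stands in for the MySQL database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members ('
    . implode(', ', array_merge(TEXT_FIELDS, FLAG_FIELDS, ['Year'])) . ')');

// Constructed submission: the apostrophe in the last name is stored as data.
$post = ['F_Name' => 'Pat', 'L_Name' => "O'Neil", 'Year' => '1971', 'Roster' => '1'];
insert_member($db, clean_member($post));
print_r($db->query('SELECT F_Name, L_Name, Year, Roster FROM members')->fetch(PDO::FETCH_ASSOC));
```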
#238618 - 08/11/10 11:53 AM Re: Subscription pages with custom form [Re: SD]
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
Where / How?
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238649 - 08/15/10 12:35 PM Re: Subscription pages with custom form [Re: Iann128]
Iann128 Offline

enthusiast
Registered: 03/21/08
Posts: 234
Loc: Austin, AR
Still working on this, it is the last thing I need to get working before I can move the rest of the site to the new host :( Any other pointers / places to look?
_________________________
Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
#238774 - 08/20/10 02:37 PM Re: Subscription pages with custom form [Re: Iann128]
Chevy454 Offline
journeyman
Registered: 01/24/05
Posts: 74
Originally Posted By: Iann128
OK so we are moving the message board to Mindraven and on our old server we had a form inside the subscription page to update a non ubb database. You can see the form here http://www.fgmcc.com/html/howtojoin.shtml and click on the second link. When you click on the submit button for the form it updates the database, but displays whatever I put in the update.php file, then you have to click back to submit the subscription to ubb. I have been looking at using $PHP_SELF action as the action and adding the php code to the subscription description field in the control panel. Do you think this will work? I have also read that using the $PHP_SELF can be a bad idea because of script kiddies... Any other ways to do this?

Hey, another car forum admin here! And one I'm actually a member of & visit!

Wish I could help ya, but it's over my head.
_________________________
www.yenko.net
UBB.Threads 7.5.5