Combining Email Contact & addForm.php... a few bugs

By Rusty - January 28, 2011 - edited: January 28, 2011

So I'm trying to combine a PHP contact form (being used as an "order request" submission form, and I'm trying to incorporate addForm.php into it. This way when someone submits an order the business gets an email, AND there is a record created listing what was requested.

So right now I have two problems.
  • The Quantity isn't being properly passed into the DB

  • My new line commands aren't working


Here's the code
<form name="form" id="form" class="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return validate(this)"
method="post">
<?php foreach ($favoriteRecords as $record): ?>
<!--Quantity -->
<td><input type="text" id="<?php echo $record['form_number'] ?>_qty" name="<?php echo $record['form_number'] ?>_qty"
maxlength="4" size="4" tabindex="1" value="1"/></td>
<?php endforeach?>
<h4><button id="submit" type="submit" value="Submit Order" tabindex="5" class="submit" name="submit" style="height:36px;
padding-bottom:2px; margin-left:6px; background-color:#C00; color:#FFF; margin-right:20px;" >Submit Order</button>Please
review your order, enter your desired quantities, and click Submit when complete</h4>


</form>
<?php }else{ ?>
<!-- START SEND MAIL SCRIPT -->
<div id="done">
<h2>Order Successfully Submitted!</h2>
<p>Your order has been placed.<br/ >
Thank you for your business, should you have any questions please call us at 800-555-1212.</p>
</div>
<?php

error_reporting( E_ALL & ~E_NOTICE );


$mail = $_POST['email'];


$to = "rusty@website.com";
$subject = "New Order from Website";
$headers = "From: Website <noreply@website.com>";
$message = "Sent from the Website\n";

$message .= "Company: " . $accountsRecord['company'] . "\n";
$message .= "Address: " . $accountsRecord['street_address'] . "\n";
$message .= $accountsRecord['city'] . ", " . $accountsRecord['state'] . " " . $accountsRecord['zip_code'] . "\n";
$message .= "\n";
$message .= "\nHas Ordered the Following:";
This is the foreach to match the foreach above .
This was done to create unique names for each input field
This portion works on its on (the send email bit works great}
foreach ($favoriteRecords as $record) {
$message .= "\n________________________________________________________________";
$qty_string = $record['form_number'] . "_qty";
$message .= "\nQuantity:" . $_POST[$qty_string];
$message .= "\nItem Number:" . $record['form_number'];
$message .= "\nDescription:" . $record['title'];
}

$message .= "\n________________________________________________________________";

$message .= "\nOrder was placed by business: " . $accountsRecord['company'] . "on 01/27/2011";
$message .= "\nOrder was placed by user: " . $_POST['contactname'];

//Receive Variable
$sentOk = mail($to,$subject,$message,$headers);

This is where I added the addForm.php portions
The issue is that the quantity that IS properly working above
isn't properly working below, I get a default 1 value.
And the other thing, my \n New Lines aren't coming through at all.

Any suggestions?

//Begin Submission of Order to Order History DB
if (@$_REQUEST['submit']) {

// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)

// add record
//if (!@$errorsAndAlerts) {
foreach ($favoriteRecords as $record) {
$order .= "\n________________________________________________________________";
$qty_string = $record['form_number'] . "_qty";
$order .= "\nQuantity:" . $_POST[$qty_string];
$order .= "\nItem Number:" . $record['form_number'];
$order .= "\nDescription:" . $record['title'];

}


mysql_query("INSERT INTO `{$TABLE_PREFIX}order_history` SET
title = '".mysql_real_escape_string( $accountsRecord['company'] )."',
I removed the real escape string thinking it might have been stripping the \n
content = '". $order ."',

createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();

// display thanks message and clear form
$errorsAndAlerts = "Thanks, we've added that record!";
$_REQUEST = array();
//}

}
}
?>


Like I said, it submits the text data, pulled from stored CMSBuilder values for the item description, however the Quantity and new lines aren't going through.
Rusty

Re: [Rusty] Combining Email Contact & addForm.php... a few bugs

By Jason - January 31, 2011

Hi Rusty,

Could you please attach the .php file you're working with so I can see all your code. It looks like this code is part of an "if-else" statement, but I can't see the initial "if"

Thanks
---------------------------------------------------
Jason Sauchuk - Project Manager
interactivetools.com

Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

Re: [Jason] Combining Email Contact & addForm.php... a few bugs

By Rusty - February 1, 2011

I got it working, issue was that the new line commands, are for email, and not CMSB, CMSB needed to have the new lines passed as HTML.

A few things to note, if you're going to use this code:

1. The order number is based off of the current time, down to seconds, and adds the current user num to this stamp, to create a unique ID for
the order. This way if two orders are placed at the exact same time, though the timestamp itself will be the same, the order number will still be unique.
2. The initial IF statement has to include the check for the contactname or contactphone being empty, else if the form is submitted and they're empty,
it'll see that the there's a post count (though the form wasn't submitted) and it wont't display the form.
3. The portion of code where it adds the order to the database has been modified so that it will update the DB to reflect that the current user is the user who created this record. This is useful for filtering the orders by usernum for listing past orders.

It may be ugly code, but it DOES work.

QUESTION -
Is there a way to pass the PHP that makes the Favorites Add/Remove functionality work through the submit form where it writes info to the Database,
so that when a customer goes to their Order History, and reviews a prior order they can then click the "Add to Order" link and have it add an item from their
previous order to their new order right from that page?


I ask because I was able to pass the PHP through the system, however past the first < the additional less than signs were getting formatted as
&lt;. I have yet to try encoding it in HEX, or DECIMAL to see if that works.


Here's a copy of my working code, just to add to the knowledge base.<!--Begin Submission Form -->
<?php
if (!count($_POST) || $_POST['contactname']=="" || $_POST['contactphone']==""){
?>

<div style="float:left;"><h2>Order Review Page</h2></div><div style="float:left;padding-top:27px;padding-left:30px;">
<a href="index.php" title="Click Here to return to the Catalog and Add More Items">If you aren't finished click here to the Catalog and Add More Items</a>
</div>
<div style="clear:both;">

<form name="form" id="form" class="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return validate(this)" method="post">

<!--END SUBMIT ORDER PART ONE -->
<table border="1" width="100%" class="order" style="font-family:Arial, Helvetica, sans-serif;">
<tr style="font-size:14px;"><th width="6%">&nbsp;</th><th width="5%">Qty</th><th width="10%">Form<br />
Number</th><th width="10%">Unit<br />
Price</th><th>Qty. per Unit</th><th width="54%">Description</th><th width="10%">Delivery<br />
Estimate</th></tr>
<?php if (!$favoriteRecords): ?>
<tr><td colspan="3"></td><td colspan="3"><h3>You haven't added any items to your cart yet!</h3></td></tr><br/>
<br/>
<?php else : { foreach ($favoriteRecords as $record): ?>
<?php
$tableOrTag = 'forms'; // Update with your section's table name
$recordNum = $record['num']; // Update this with current record number
?>
<!--Row -->
<tr style="font-size:12px;">
<!--Remove -->
<td><span class="<?php wsf_cssClassFor($tableOrTag, $recordNum, 'remove'); ?>" style="<?php wsf_displayStyleFor($tableOrTag, $recordNum, 'remove');
?>"><a href="#" onclick="<?php wsf_onClickFor($tableOrTag, $recordNum, 'removeAndReload'); ?>" title="Click to Remove this Item Your Order">
<span style="text-decoration:line-through">- Remove</span></a></span></td>
<!--Quantity -->
<td><input type="text" id="<?php echo $record['form_number'] ?>_qty" name="<?php echo $record['form_number'] ?>_qty" maxlength="4" size="4"
tabindex="1" value="1"/></td>
<!--Form Number -->
<td><a href="<?php echo $record['_link'] ?>" title="Click Here to View this Item"><?php echo $record['form_number'] ?></a></td>
<!--Unit Price -->
<td><span style="color:#C00">$
<?php $discount = (100-$accountsRecord['discount_rate']) / 100;
$discount = $discount * $record['price_per_unit'];
$discount = sprintf("%01.2f", $discount);
?>
<?php echo $discount ?>
</span>
</td>
<!-- Qty per Item -->
<td><?php echo $record['qty_per_package']?></td>
<!--Description -->
<td><a href="<?php echo $record['_link'] ?>" title="Click Here to View this Item"><?php echo $record['title'] ?></a></td>
<!--Delivery Estimate -->
<td><?php echo $record['delivery_estimate'] ?></td>
<!--End Row -->
</tr>
<?php endforeach; ?>
<?php } endif?>



<!--SUBMIT ORDER PART TWO -->
<tr><td colspan="2">&nbsp;</td><td colspan="3"><strong>Enter Your Name</strong></td><td colspan="2"><input type="text" tabindex="2"
id="contactname" name="contactname" size="20" value="<?php echo htmlspecialchars(@$_REQUEST['contactname']) ?>"/>&nbsp;&nbsp;
<?php if (!count($_POST)){
echo ' *Required';}
else{ $contactname = $_POST['contactname'];
if (empty($contactname)) {
echo '<font color="red"><b>You forgot to enter your Full Name</b></font>';}}?></td></tr>
<tr><td colspan="2">&nbsp;</td><td colspan="3"><strong>Please enter your phone number</strong></td><td colspan="2"><input type="text"
tabindex="3" id="contactphone" name="contactphone" size="14" value="<?php echo htmlspecialchars(@$_REQUEST['contactphone']) ?>"/>&nbsp;&nbsp;
<?php if (!count($_POST)){
echo ' *Required';}
else{ $contactphone = $_POST['contactphone'];
if (empty($contactphone)) {
echo '<font color="red"><b>You forgot to enter your Phone Number</b></font>';}}?></td></tr>
</table>


<h4><button id="submit" type="submit" value="Submit Order" tabindex="5" class="submit" name="submit" style="height:36px; padding-bottom:2px;
margin-left:6px; background-color:#C00; color:#FFF; margin-right:20px;" >Submit Order</button>Please review your order, enter your desired quantities,
and click Submit when complete</h4>


</form>

<?php }else{ ?>
<!-- START SEND MAIL SCRIPT -->
<div id="done">
<h2>Order Successfully Submitted!</h2>
<p>Your order has been placed.<br/ >
Thank you for your business, should you have any questions please call us at 888-555-5555.</p>
</div>
<?php

error_reporting( E_ALL & ~E_NOTICE );
//$today = date("F j, Y, g:i a");
$timezone = new DateTimeZone( "America/Los_Angeles" );
$date = new DateTime();
$date->setTimezone( $timezone );


$mail = $_POST['email'];


$to = "rusty@website.com";
$subject = "New Order from Website - " . time() . @$CURRENT_USER['num'];
$headers = "From: Website <noreply@website.com>";
$message = "Sent from the Website\n";

$message .= "Order Number: " . time() . @$CURRENT_USER['num'] . "\n";
$message .= "Company: " . $accountsRecord['company'] . "\n";
$message .= "Address: " . $accountsRecord['street_address'] . "\n";
$message .= $accountsRecord['city'] . ", " . $accountsRecord['state'] . " " . $accountsRecord['zip_code'] . "\n";
$message .= "\n";
$message .= "\nHas Ordered the Following:";
//$message .= "\nName: " . $_POST['contactname'];
//$message .= "\nEmail: " . $_POST['contactemail'];
//$message .= "\nTelephone: " . $_POST['contactphone'];

foreach ($favoriteRecords as $record) {
$message .= "\n________________________________________________________________";
$qty_string = $record['form_number'] . "_qty";
$message .= "\nQuantity: " . $_POST[$qty_string];
$message .= "\nItem Number: " . $record['form_number'];
$message .= "\nDescription: " . $record['title'];

}
$message .= "\n________________________________________________________________";

$message .= "\nOrder was placed on: " . $date->format( 'g:i:s A \o\n D, M jS, Y' );
$message .= "\nOrder was placed by: " . $_POST['contactname'] . ", Contact Number: " . $_POST['contactphone'];


//Receive Variable
$sentOk = mail($to,$subject,$message,$headers);


//Begin Submission of Order to Order History DB
if (@$_REQUEST['submit']) {

// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)

// add record
//if (!@$errorsAndAlerts) {

foreach ($favoriteRecords as $record) {


$order .= "<hr>";
$qty_string = $record['form_number'] . "_qty";
$order .= "Quantity: " . $_REQUEST[$qty_string] . "<br>";
$order .= "Item Number: <a href=\"form-detail.php?" . $record['_link'] . "\">" . $record['form_number'] . "</a><br>";
$order .= "Description: <a href=\"form-detail.php?" . $record['_link'] . "\">" . $record['title'] . "</a><br>";
$order .= "<br>";

}
$new_order_num = time() . @$CURRENT_USER['num'];
mysql_query("INSERT INTO `{$TABLE_PREFIX}order_history` SET
title = '".mysql_real_escape_string( $accountsRecord['company'] )."',
order_num = '". $new_order_num ."',
placed_by ='".mysql_real_escape_string( $_REQUEST['contactname'] )."',
contact_phone ='".mysql_real_escape_string( $_REQUEST['contactphone'] )."',
content = '". $order ."',

createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '".@$CURRENT_USER['num']."',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();

// display thanks message and clear form
$errorsAndAlerts = "Thanks, we've added that record!";
$_REQUEST = array();
//}

}
}
?>
<!-- END SEND MAIL SCRIPT -->
<!--End Submission Form -->
<!--END SUBMIT ORDER PART TWO -->

Rusty