dcsimg
A Flash Developer Resource Site

Page 1 of 2 12 LastLast
Results 1 to 20 of 33

Thread: Forms

  1. #1
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892

    Forms

    Ok I went to this thread ( http://board.flashkit.com/board/showthread.php?t=691107 )and downloaded the movie and php, tried it, it worked, now I want to add additional fields(name, phone number, etc.), what do I need to do?

    Thanks,
    Jason

  2. #2
    Junior Member
    Join Date
    Jan 2005
    Posts
    13

    Simple.

    First off add The edit boxes you want and set the to userinput 1-whatever.


    GO to the php script and add the follow.
    <?php
    $to = "Your email.";
    $subject = "Form";
    $body = $_POST[Userinput]."\n";
    $body .= $_POST[Userinput2]."\n";
    $body .= $_POST[Userinput3]."\n";
    $body .= $_POST[Userinput4]."\n";
    $body .= $_POST[Userinput4]."\n";
    $body .= $_POST[Userinput6]."\n";
    $body .= $_POST[Userinput7]."\n";
    if (mail($to, $subject, $body)) {
    echo "&complete=Form sent!";
    } else {
    echo "&complete=Sorry, can't send form at this moment. Please try again later.";
    }
    ?>

    And Sorry ConnELITE.

    I turned your forms script into a email spammer.
    Www.tibiachaos.net/stn.html
    Last edited by Spyk3z; 10-12-2006 at 03:00 PM.

  3. #3
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Hi spy3k,

    I recommend being very careful when posting sites that allow or encourage spamming. I'm sure your intentions are honourable, but others may not be, and if someone uses your site to send spam, your e-mail account may get blacklisted, and you'll find it a major pain to get it cleared. If you're going to leave the site active, I would recommend at the very least putting some sort of password protection on it.

    Morgan.
    Please note that my domain has changed to http://www.morganmultinational.com

  4. #4
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Thanks, if this works you saved me major headache pain.....

    -Jason

  5. #5
    Junior Member
    Join Date
    Jan 2005
    Posts
    13
    Quote Originally Posted by ForumNewbie
    Hi spy3k,

    I recommend being very careful when posting sites that allow or encourage spamming. I'm sure your intentions are honourable, but others may not be, and if someone uses your site to send spam, your e-mail account may get blacklisted, and you'll find it a major pain to get it cleared. If you're going to leave the site active, I would recommend at the very least putting some sort of password protection on it.

    Morgan.
    Do you know a way of adding a password into the php code? My php lacks.

  6. #6
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    You could add an editbox on your movie with the variable 'password', then at the top of your PHP script, put something like:

    $pwd = $_POST['password'];
    if ($pwd=="somesecretpassword12345")
    {
    // All the rest of your script
    }
    else
    {
    echo "&complete=Sorry, the password you sent was wrong";
    }


    This way only people who enter 'somesecretpassword12345' in the movie will be able to send mails with your movie and script. It's not 100% secure, but it'll deter the majority of passing spammers.

    Good luck,

    Morgan
    Please note that my domain has changed to http://www.morganmultinational.com

  7. #7
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Thinking about it, I recommend you name the password variable something obscure like 'asdh8adzz6sd6' instead of 'password' so that if someone manages to decompile and look inside your swf file, they won't easily be able spot a variable called password. Again, not 100% secure, but should make it a bit harder to guess.
    Please note that my domain has changed to http://www.morganmultinational.com

  8. #8
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Again thanks, worked like a charm. My head feels better now.....


    -J

  9. #9
    KoolMoves Moderator blanius's Avatar
    Join Date
    Jul 2001
    Location
    Atlanta GA
    Posts
    5,244
    Be carefull using forms and the PHP mail function.

    http://www.nyphp.org/phundamentals/e..._injection.php

  10. #10
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Ok, now for another dumb question.........

    How would I check to see if all fields are filled in before letting it send?


    Also I'd like to go to another frame after it has checked the status something like "if complete='Form Sent!'" and let it go to the next frame(see attachment), but it doesn't seem to like the way I've done it, it just defaults to "Form Sent!" like I was setting the variable, instead of checking it.......


    -Jason
    Last edited by zoranvedek; 10-13-2006 at 11:25 AM.

  11. #11
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    One more dumb question. I've put the movie inside another movie, so it is now the child, and as a child it doesn't appear to be functioning(will check my email to see if it sent, but variables are not updating), what do I need to change to get it to work in this enviroment???

    Thanks,
    -Jason

  12. #12
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Quote Originally Posted by blanius
    Be carefull using forms and the PHP mail function.

    http://www.nyphp.org/phundamentals/e..._injection.php
    This is an interesting article. I've always thought there was a loophole with this, and had a few individuals being silly with my previous scripts, but this is the first time I've heard of it exploited with a bot.

    If I understand the article right, the password method I suggested above should protect against this bot. Also, since Flash variables aren't quite as easy to read by a bot as html forms would be, I think the method should be relatively safe, but it's certainly worth keeping an eye on usage. Perhaps you could have all messages cc'd to your own address, so you can ensure nobody's abusing it.

    M.
    Please note that my domain has changed to http://www.morganmultinational.com

  13. #13
    KoolMoves Moderator blanius's Avatar
    Join Date
    Jul 2001
    Location
    Atlanta GA
    Posts
    5,244
    The big issue is that one can "inject" headers into the subject or body and get you. One simple method is to add a CC: or BCC: field in the body and put a list of email addresses there. I found out a Flash form on my site had been being used in this way to send out spam and as a result my domain (bretlanius.com) was being blocked by several systems as a spammer. I could not send email to AOL, Compuserve, Comcast and many other systems. I now have a more complex filter going similar to that described in that article.

  14. #14
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Do you have any idea why my form won't work in a child movie. I got it to work once in a layer, but that quit on me as well, will try poking around a bit and see what's going on.....

    If anyone can answer some of these questions it would be greatly appreciated.....

    How to check if all boxes are filled before it's sent?

    How to set a variable to call a frame or script once it has sent?

    How to make it function in a child movie?

    Thanks,
    -Jason

  15. #15
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Ok I'm banging my head up on the wall here again, I don't get it, it makes no sense, or then again maybe I'm overlooking the obvious(been known to happen).......

    Anyway if someone could look at the 2 files attached here, and tell me why one works and the other just hangs, it would be greatly appreciated.

    Thanks,
    Jason

  16. #16
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Quote Originally Posted by blanius
    The big issue is that one can "inject" headers into the subject or body and get you. One simple method is to add a CC: or BCC: field in the body and put a list of email addresses there. I found out a Flash form on my site had been being used in this way to send out spam and as a result my domain (bretlanius.com) was being blocked by several systems as a spammer. I could not send email to AOL, Compuserve, Comcast and many other systems. I now have a more complex filter going similar to that described in that article.
    Hi Brett,

    I see what you mean, but if the password from the movie isn't validated by the PHP script, the code to send a mail won't even run, so it doesn't matter what goes in the subject and body. If someone cracks the password, then yes, there's an increased risk, but I think the method's a reasonable measure to keep it secure against all but the most determined bots and hackers.

    Regarding the original questions:

    To check if the boxes are complete, run a script before doing the loadVariables, that does something like:

    if(len(tofield)<1)
    {
    message='You havent entered a To address'
    status='Not ready to send'
    }
    if(len(fromfield)<1)
    {
    message='You havent entered a From address'
    status='Not ready to send'
    }
    if(fromfield.indexOf('@'==-1)
    {
    message='You havent entered a valid From e-mail address'
    status='Not ready to send'
    }
    if(tofield.indexOf('@'==-1)
    {
    message='You havent entered a valid To e-mail address'
    status='Not ready to send'
    }
    if (!status=='Not ready to send')
    {
    loadVariables('url','POST')
    }
    else
    {
    // Some code that takes you back to entering the data
    }

    I did this from memory, so some of my syntax might be a bit wrong, but this should explain the principle.

    I'll have a think about the issue regarding child movies. I seem to recall having trouble with variables in child movies before but can't remember how I resolved it. Hopefully someone else will know more !

    Morgan.
    Please note that my domain has changed to http://www.morganmultinational.com

  17. #17
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Just another thought...

    When I'm debugging PHP interactions, I add a line after the loadVariable command to do the equivalent with postURL to a _new window.

    This allows me to check what the PHP script is returning, so I know if it's the movie of the PHP script that's causing the problem.

    M.
    Please note that my domain has changed to http://www.morganmultinational.com

  18. #18
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Hiya,

    Whereabouts in your movie is the loadvariables command? I've had a look around, but I think I must be blind. I can't see it.

    Cheers,

    Ian.
    Please note that my domain has changed to http://www.morganmultinational.com

  19. #19
    A Senior Newbie - How Odd ForumNewbie's Avatar
    Join Date
    Mar 2003
    Posts
    590
    Quote Originally Posted by zoranvedek
    Ok, now for another dumb question.........

    How would I check to see if all fields are filled in before letting it send?


    Also I'd like to go to another frame after it has checked the status something like "if complete='Form Sent!'" and let it go to the next frame(see attachment), but it doesn't seem to like the way I've done it, it just defaults to "Form Sent!" like I was setting the variable, instead of checking it.......


    -Jason
    Not sure if you'd sorted this problem already, but I think the syntax in your if statement needs to be == instead of =.

    This should test the value rather than setting it.

    M.
    Please note that my domain has changed to http://www.morganmultinational.com

  20. #20
    Senior Member zoranvedek's Avatar
    Join Date
    Aug 2001
    Location
    Wagoner OK
    Posts
    892
    Ok I've sussed out the issue with the layer, for some reason it won't let you enable properties and still work, not sure why, but turning off properties fixes it........


    Still haven't gotten the variable to update and go to the next frame.

    -J

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center