Trying to call a PHP file hosted on my InfinityFree site

shinyslowqueen · August 28, 2024, 12:52am

https://vitamin-h.com/formSubmit_kamihai2024.php

(please specify the URL of the site on which you are experiencing the problem)

(Blank Screen)

(please share the FULL error message you see, if applicable)

Other Information

I have a weebly site with a form on it that calls a php file on my InfinityFree site, but instead of doing anything, it gives me a blank white screen with “?i=1” after the url. I’ve had several sites look at my code, and the general opinion is that the problem is on the server in how the php script is getting invoked when the form submits a post request to the server. It’s been suggested that I will likely need to involve the web hosting support to solve this.

Here is the code in question:

<?php
if(isset($_POST['email'])) {
     
    // CHANGE THE TWO LINES BELOW
    $email_to = "[email protected]";
    $email_toa = "[email protected]";
     
    $email_subject = "Kami-Con HAI 2024 - AMV Submission";
    $conf_subject = "Kami-Con HAI 2024 - AMV Contest Confirmation"; 
     
    function died($error) {
        // your error code can go here
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br /><br />";
        echo "Please click BACK in your browser and fix these errors.<br /><br />";
        die();
    }
     
    // validation expected data exists
    if(!isset($_POST['handle']) ||
        !isset($_POST['amv_category']) ||
        !isset($_POST['youtube'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
    }

if(!empty($_POST['first_name'])) {}
else{
died('First name is required.');
}
if(!empty($_POST['last_name'])) {}
else{
died('Last name is required.');
}
if(!empty($_POST['amv_title'])) {}
else{
died('Title of AMV is required.');
}
if(!empty($_POST['amv_song'])) {}
else{
died('Song Used is required.');
}
if(!empty($_POST['amv_artist'])) {}
else{
died('Song Artist is required.');
}
if(!empty($_POST['amv_anime'])) {}
else{
died('Animation sources are required.');
}
if(!empty($_POST['amv_link'])) {}
else{
died('AMV link is required.');
}
if(!empty($_POST['attending'])) {}
else{
died('Are you attending the convention?  This answer is required.');
}
if(!empty($_POST['email'])) {}
else{
died('Email address is required.');
}

if(!isset($_POST['consent'])) {
died('You must check that you have read and understand the AMV League Rules and Criteria to submit a video.');
}

function IsChecked($chkname,$value)
    {
        if(!empty($_POST[$chkname]))
        {
            foreach($_POST[$chkname] as $chkval)
            {
                if($chkval == $value)
                {
                    return true;
                }
            }
        }
        return false;
    }
    $first_name = $_POST['first_name']; // required
    $last_name = $_POST['last_name']; // required
    $handle = $_POST['handle']; // not required
    $amv_title = $_POST['amv_title']; // required
    $amv_category = $_POST['amv_category']; // required
    $amv_song = $_POST['amv_song']; // required
    $amv_artist = $_POST['amv_artist']; // required
    $amv_anime = $_POST['amv_anime']; // required
    $amv_link = $_POST['amv_link']; // required
    $email_from = $_POST['email']; // required    
    $attending = $_POST['attending']; // required
    $youtube = $_POST['youtube']; // not required
    $consent = $_POST['consent']; // required
     
    $error_message = "";
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
  if(!preg_match($email_exp,$email_from)) {
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
  }
    $string_exp = "/^[A-Za-z' .-]+$/";
  if(!preg_match($string_exp,$first_name)) {
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
  }
  if(!preg_match($string_exp,$last_name)) {
    $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
  }
    if(strlen($error_message) > 0) {
    died($error_message);
  }
    $email_message = "Form details below.\n\n";
     
    function clean_string($string) {
      $bad = array("content-type","bcc:","to:","cc:","href");
      return str_replace($bad,"",$string);
    }
     
    $email_message .= "Name: ".clean_string($first_name)." ".clean_string($last_name)."\n";
    $email_message .= "Handle: ".clean_string($handle)."\n";
    $email_message .= "Email: ".clean_string($email_from)."\n";
    $email_message .= "Title of AMV: ".clean_string($amv_title)."\n";    
$email_message .= "Category: ".clean_string($amv_category)."\n";
$email_message .= "Song: ".clean_string($amv_song)." by ".clean_string($amv_artist)."\n";
$email_message .= "Anime Used: ".clean_string($amv_anime)."\n\n";
$email_message .= "Youtube: ".clean_string($youtube)."\n\n";
$email_message .= clean_string($amv_link)."\n\n\n"; 

$amv_category = strtoupper($amv_category);
$email_message .= clean_string($amv_category)."\n";
$email_message .= clean_string($amv_title)."\n";
$email_message .= "\"".clean_string($amv_song)."\""."\n";
$email_message .= clean_string($amv_artist)."\n";
$email_message .= clean_string($amv_anime)."\n";
$email_message .= "Editor: ".clean_string($handle)."\n\n";

$email_message .= "Attending? ".clean_string($attending)."\n\n";

$email_message .= "Full Name: ".clean_string($first_name)." ".clean_string($last_name)."\n";    
$email_message .= "Email: ".clean_string($email_from)."\n\n";

$email_message .= "Download: ".clean_string($amv_link)."\n";  
$email_message .= "Streaming: ".clean_string($youtube)."\n\n";  





$conf_message .="Thank you for your interest.  We have received the following submission from you: \n\n";
$amv_category = strtoupper($amv_category);
$conf_message .= clean_string($amv_category)."\n";
$conf_message .= clean_string($amv_title)."\n";
$conf_message .= "\"".clean_string($amv_song)."\""."\n";
$conf_message .= clean_string($amv_artist)."\n";
$conf_message .= clean_string($amv_anime)."\n";
$conf_message .= "Editor: ".clean_string($handle)."\n\n";


$conf_message .= "Full Name: ".clean_string($first_name)." ".clean_string($last_name)."\n";    
$conf_message .= "Email: ".clean_string($email_from)."\n\n";

$conf_message .= "Download: ".clean_string($amv_link)."\n";  
$conf_message .= "Streaming: ".clean_string($youtube)."\n\n";
$conf_message .= "We will review this submission at our earliest convenience and contact you if there are any further issues.\n\n";
$conf_message .= "Regards,\n";
$conf_message .= "Annie Bowyer\n";
$conf_message .= "Vitamin H Productions\n";  



$conf_headers = 'From: '.$email_toa."\r\n".
'Reply-To: '.$email_toa."\r\n" .
'X-Mailer: PHP/' . phpversion();
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($email_to, $email_subject, $email_message, $headers);  
mail($email_from, $conf_subject, $conf_message, $conf_headers); 

 header( 'Location: https://vitaminh.weebly.com/thankyou.html' ) ; 

}
die();
?>```

If there's any other information you need, let me know.

Frank419 · August 28, 2024, 12:56am

The system do mess up with request some times, but most of the times it doesn’t.

BTW, mail() won’t work here.

EdwardHamHam · August 28, 2024, 1:00am

Since you’re calling it from another website, the request is likely being blocked by the security system.

If you want a seamless experience you could export your site from Weebly and host it on InfinityFree instead.

shinyslowqueen · August 28, 2024, 1:05am

It won’t? How come? Is there any other way to make PHP generate an email?

Greenreader9 · August 28, 2024, 1:05am

Probably not. The OP said it was a form, and the code is looking for a POST request, so that means the user is getting redirected to the website, meaning the security system does not have an affect.

Greenreader9 · August 28, 2024, 1:06am

Yes, use ~~STMP~~ SMTP. It does not work here due to past abuse of the function.

shinyslowqueen · August 28, 2024, 1:08am

What is STMP, and are there any easy guides as to how to use it?

Frank419 · August 28, 2024, 1:08am

There’s PHPMailer.

You’ll need SMTP from it.

This is typo

Yes, this was the issue! When the ?i=1 thing happen, it strips out every other request parameter. The security system is very indeed in effect.

In order for your form to work, please host your site directly here as @EdwardHamHam suggests.

Greenreader9 · August 28, 2024, 1:11am

No. The initial POST request that is sent still reaches the server, the security system is a JS thing, the browser takes care of that, not the server.

Frank419 · August 28, 2024, 1:20am

Well, I just did a quick test and you are wrong. The security system indeed affected the POST parameters, although I don’t exactly know why.

Here are the codes for reference:

form.php (On domain A):

<?php

if( isset( $_POST['param'] ) )
{
    echo $_POST['param'];
} else {
    echo 'Nothing recieved!';
}

form.html (On domain B):

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>

<body>
    <form action="http://domain-a.tld/form.php" method="post">
        <label for="param">Param:</label>
        <input type="text" name="param" id="param" placeholder="Enter the parameter here...">
        <input type="submit" value="Submit">
    </form>
</body>

</html>

Result:

Note that the domain-a.tld in the screenshot is just censorship. I don’t feel like to expose the domain.

shinyslowqueen · August 28, 2024, 2:33am

Is there any way y’all can give me a quick rundown on how to use PHP Mailer and SMTP with my InfinityFree site to generate mail? I’m really kind of clueless here.

Greenreader9 · August 28, 2024, 2:45am

Your test did not actually test what I posted.

I said:

Key word being “initial”. The first POST request reaches the server. The server sees that POST request and responds to the browser. The browser runs the security system and redirects you via a GET request with the ‘i’ parameter. If you told PHP to save the value of your request to a file, SESSION, or database, you would see that the PHP code does in fact run.

Did you click on the GitHub link? There is an example right there in the README, it even tells you how to install it and set it up.

shinyslowqueen · August 28, 2024, 3:30am

I did and a lot of it went over my head. I downloaded Composer and got as far as “Choose the command line PHP you want to use” and I had no idea what to put there, so I downloaded the zip file and now I can’t figure out what to do with that. Do I just upload all the files to my site? I’m really clueless here.

Frank419 · August 28, 2024, 3:53am

You upload these files to your site. You don’t just upload these files to your site, you have to implement these files into your code. Just upload these files have the same effect of not uploading anything.

Proper documentation is also just inside README, including how to use the zip file instead of composer.

Admin · August 28, 2024, 12:16pm

You could also start by taking our contact form example and editing it to suit your purpose. There is a readme with some setup instructions. You can download the file and strip the contact form specific parts and only use the useful parts.

system · September 4, 2024, 12:17pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.