#1
  1. Learning all I can
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2007
    Location
    Pleasanton, California, USA
    Posts
    287
    Rep Power
    8

    Sending mail redirects to login page


    Pressing the Submit button on any of my website's email forms sends the mail successfully but immediately redirects me back out to the login page instead of displaying the "email sent successfully" message page (called 'genSuc' for 'general success' in the fourth and final hidden input field at the bottom of the included code).

    Is the email form code displayed below enough to help you tell me why I get kicked out to the login page instead of being shown the success page?
    Curtis

    PHP Code:
    //Capture the name/value pair that was passed in and build the appropriate email page
    if(array_key_exists('email'$_GET)){
      
    $emailForm $_GET['email']; 
        if(isset(
    $_GET['name']) && isset($_GET['trgt'])){
          
    $name $_GET['name']; $recipient $_GET['trgt'];
        }
        echo
    '<div id="emailForm">';
        switch(
    $emailForm){
          case 
    "gen":            
            echo
    '<h2>Write to '.$name.'</h2>';
            if(
    $name == "Us"){
              echo
    '<p class="introP">This form is for general questions and comments.</p>';
            }
            echo
    '
              <form onsubmit="return emailValidate(this)" action="http://formmail.myHostCompany.com/cgi-bin/formmail.cgi" method="post">
                <fieldset>
                  <legend>Your Contact Details</legend>
                  <ol>
                    <li>
                      <label for="name">Name</label>
                      <input id="name" name="name" class="text" type="text" />
                    </li>
                    <li>
                      <label for="email">E-mail</label>
                      <input id="email" name="email" class="text" type="text" />
                    </li>
                    <li>
                      <label for="telephone">Phone</label>
                      <input id="telephone" name="telephone" class="text" type="text" />
                    </li>
                    <li>
                      <label for="comments">Comments</label>
                      <textarea id="comments" name="comments" class="text" rows="5" cols="60"></textarea>
                    </li>
                    <li>
                      <input id="emailSubmit" type="submit" value="Send the Message" />&nbsp;&nbsp;<input id="emailReset" type="reset" value="Reset" />
                    </li>
                  </ol>
                </fieldset>
                <div>
                  <input type="hidden" name="recipient" value="'
    .$recipient.'" />
                  <input type="hidden" name="subject" value="*** General E-mail ***" />
                  <input type="hidden" name="required" value="name, email, comments" />
                  <input type="hidden" name="redirect" value="http://www.myDomain.com/email.php?email=genSuc" />
                </div>
              </form>
            '
    ;
           break;

            
    //many switch statement cases follow, as do closing braces, etc...

            /* 
             genSuc is a switch statement case that displays a general 
             success message after the email form Submit button is clicked.
            */
            
    case "genSuc":
              
    $content="
                <h3>Thank You For Writing!</h3>
                <p>
                   We usually check our e-mail several times a day 
                   and will respond to yours as soon as we read it.
                   Someone will call if you asked us to do so.
                </p>
                <p id=\"successThanks\">Thank you again!
                   <br />The DT E-mail Answering Team
                </p>
              "
    ;
              echo 
    $content; break; 
    Last edited by cstallins; November 22nd, 2012 at 12:05 AM.
    Curtis
    - living a newbie's dream
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2003
    Posts
    3,503
    Rep Power
    594
    Please edit your post and enclose your code in [ PHP ] tags rather than [ CODE ] tags. Also while indentation helps make your code readable, you have too much requiring lots of left/right scrolling making it just as hard to read as no indentation.

    Having said that, what you display after the submit button is pressed is determined by the action on the form tag. You do not show what you do with the field 'redirect'.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    677
    Rep Power
    7
    I would say no, as long as the address provided at the end works fine on its own. The issue will be in what seems to be your cgi script processing everything. It seems to not be using the provided address when it does the redirect.
  6. #4
  7. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2002
    Location
    Seattle, U.S.A.
    Posts
    712
    Rep Power
    13
    I don't think we have enough information.

    Are you using some sort of dedicated mail script to handle your form? Are the hidden fields setup correctly, ie are you using the right variable names.

    Also what does email.php look like?
  8. #5
  9. Learning all I can
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2007
    Location
    Pleasanton, California, USA
    Posts
    287
    Rep Power
    8
    Thank you all for your valuable time.
    I changed the code wrap to PHP tags and reduced my indent. I included at the bottom of the code snippet the switch statement case that should be displayed as the email submit success message. The email form and success message are part of the same PHP file, called email.php. Might that be the problem--should/must the success message exist in a different file?

    Curtis
    Curtis
    - living a newbie's dream
  10. #6
  11. No Profile Picture
    I haz teh codez!
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2003
    Posts
    2,549
    Rep Power
    2337
    Your email script is submitting to this script here:

    http://formmail.myHostCompany.com/cgi-bin/formmail.cgi

    We don't know what's in that script, but that's where there should be some action taken on the "redirect" form variable that would send the user to the provided URL.
    I ♥ ManiacDan & requinix

    This is a sig, and not necessarily a comment on the OP:
    Please don't be a help vampire!
  12. #7
  13. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2002
    Location
    Seattle, U.S.A.
    Posts
    712
    Rep Power
    13
    I was wondering if maybe the formmail.cgi is stripping out the email=genSuc. Couple of things to try:

    1. Add a default: to your switch and see if for some reason it ends up there.

    e.g.

    PHP Code:
    default:
       
    print_r$_REQUEST );
    exit; 
    2. Try redirecting to a page that doesn't have any parameters and see if that works.

    Good luck
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    677
    Rep Power
    7
    msteudel, his genSuc case WILL NEVER be ran, as currently writtien. The ONLY time it would, is if the formmail.cgi script redirects back to the file containing this case arguement and provides the case value of genSuc.

    cstallins, as stated, this entire conversation we are having has nothing to do with the code provide, nor the file it's in. The file you've posted your scripting from is executing and processing successfully. If possible, we would love to see your formmail.cgi scripting to help you out. Thank you.
  16. #9
  17. Learning all I can
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2007
    Location
    Pleasanton, California, USA
    Posts
    287
    Rep Power
    8
    Again, thank you all for your valuable advice.
    I'll contact Dreamhost and see what their policies are concerning letting me view/modify the script.

    I can tell you that my email forms have always redirected properly. It stopped working only when I began using the form with a website to which users need to authenticate and log in. I checked to make sure the email.php file header displays the session_start() command at the top of the file, and it does.

    I'll check with Dreamhost.
    Thank you again for your time and insight.
    Curtis
    Curtis
    - living a newbie's dream
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    677
    Rep Power
    7
    Aight. I suppose if the formmail.cgi is not your scripting, you could maybe write a little on your redirected-to page and see if any $_POST[] variables or anything are being sent as well, or if it's just a clean fresh redirect to a base URL/directory.
  20. #11
  21. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2002
    Location
    Seattle, U.S.A.
    Posts
    712
    Rep Power
    13
    Make sure you are redirecting to the same domain, eg if the user is authenticated using WW.domain.com and they get redirected to domain.com they'll lose their session.

    In your form you want to dynamical construct the redirect URL.

    $_Server['http_host'] . "/email.php?";

    So that the user is redirected back tot the domain that they have ther authenticated session with.
  22. #12
  23. Learning all I can
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2007
    Location
    Pleasanton, California, USA
    Posts
    287
    Rep Power
    8
    To troubleshoot, I changed my email form's redirect to point to another website I manage, one that requires no authentication or login. The redirect works perfectly, as it always did before I employed the email form on my site that requires login. The Formmail script appears to work as it should.

    Thinking it through, it seems that the email form's redirect is trying to redirect to the "email sent successfully" page (the genSuc case in email.php's switch statement), but the authentication mechanism is, for some reason, stopping the attempt. Perhaps it's not detecting the session?

    For you brave ones, here's my login page script, and beneath it is the header file script that begins the email.php file:

    PHP Code:
    <?php 
    // process this block only if the form has been submitted
      
    if (array_key_exists('login'$_POST)) {
        
    session_start(); // start the session
        
    $textfile 'filetest03.txt'//filetext03 lists the login/password values (I know; not secure. Moving it to the db soon)
        
    if (file_exists($textfile) && is_readable($textfile)) {
          
    $users file($textfile); // read the file into an array called $users
          
          
    for ($i 0$i count($users); $i++) { // loop through the array to process each line
            
    $tmp explode(', '$users[$i]); // separate each element and store in a temporary array
            
    $users[$i] = array('name' => $tmp[0], 'password' => rtrim($tmp[1])); // assign each element of the temp array to a named array key
            // check for a matching record
            
    if ($users[$i]['name'] == $_POST['username'] && $users[$i]['password'] == $_POST['pwd']) {
              
    $_SESSION['authenticated'] = 'secretWord'// if there's a match, set a session variable
              
    break;
            }
          }
            
          if (isset(
    $_SESSION['authenticated'])) { // if the session variable has been set, redirect
            
    $_SESSION['start'] = time(); // get the time the session started
            
    header('Location: http://myDomain.com');
            exit;
          }
          
    // if the session variable has not been set, refuse entry
          
    else {
            
    $error 'Invalid username or password.';
          }
        }
        
    // error message to display if text file not readable
        
    else {
          
    $error 'Login facility unavailable. Please try later.';
        }
      }

    //more stuff before the closing php tag...
    Here's some of the header code that appears at the top of my email.php file:
    PHP Code:
    <?php
      session_start
    ();
      
    ob_start();
      
    $timelimit 900// fifteen minutes
      
    $now time(); // get the current time
      
    $redirect 'http://myDomain.com/login.php'// redirect to login page if rejected
        
      // if session variable not set, redirect to login page
      
    if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] != 'secretWord') {
        
    header("Location: $redirect");
        exit;
      }
      
    // if timelimit has expired, destroy session and redirect
      
    elseif ($now $_SESSION['start'] + $timelimit) {
        
    $_SESSION = array(); // empty the SESSION array
        
        
    if (isset($_COOKIE[session_name()])) { // invalidate the session cookie
          
    setcookie(session_name(), ''time() - 86400'/');
        }

        
    session_destroy(); // end session and redirect with query string
        
    header("Location: {$redirect}?expired=yes");
        exit;
      }
        
      else { 
    // update the start time
        
    $_SESSION['start'] = time();
      }
    ?>
    Curtis
    - living a newbie's dream
  24. #13
  25. Learning all I can
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2007
    Location
    Pleasanton, California, USA
    Posts
    287
    Rep Power
    8
    Well, I'll be.....

    In my login.php script,this block appears:
    PHP Code:
    // if the session variable has been set, redirect
    if (isset($_SESSION['authenticated'])) {
      
    $_SESSION['start'] = time(); // get the time the session started
      
    header('Location: http://myDomain.com');
      exit;

    In the header at the top of the email.php file, this block appears:
    PHP Code:
    <?php
      session_start
    ();
      
    ob_start(); 
      
    $timelimit 900// fifteen minutes
      
    $now time(); // get the current time
      
    $redirect 'http://myDomain.com/login.php'// redirect to login page if rejected
        
      
    if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] != 'secretWord') { // if session variable not set, redirect to login page
      
    header("Location: $redirect");
      exit;
      }
    // more code follows...
    And at the bottom of my email.php form is this redirect:
    PHP Code:
    <input type="hidden" name="redirect" value="http://www.myDomain.com/email.php?email=genSuc" /> 
    The first two use http://myDomain and the third uses http://www.myDomain

    After making all three use http://myDomain, the darn thing works perfectly. I tried it from three different email forms, and all sent the email and immediately redirected as specified in the genSuc case of my email form's switch statement.

    Thank you all very much for investing your time to help me figure this out. Bonus points to msteudel for nailing the beeyatch!

    Curtis

    Originally Posted by msteudel
    Make sure you are redirecting to the same domain; e.g. if the user is authenticated using www.domain.com and they get redirected to domain.com, they lose their session.
    Last edited by cstallins; November 23rd, 2012 at 09:25 PM.
    Curtis
    - living a newbie's dream

IMN logo majestic logo threadwatch logo seochat tools logo