Subversion Repositories php_library

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
1 rodolico 1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
2
<html>
3
 
4
<head>
5
  <title>contact_us.php Documentation</title>
6
  <meta name="GENERATOR" content="Quanta Plus">
7
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
8
  <style>
9
 
10
td {
11
    border: inset 1pt;
12
    text-align : left;
13
    vertical-align : top;
14
  }
15
 
16
 
17
TABLE {
18
    border: outset 1pt;
19
    border-collapse: separate;
20
    border-spacing: 1pt;
21
  }
22
 
23
 
24
pre {
25
    font-size : 8pt;
26
    line-height : 8pt;
27
    word-spacing : 0px;
28
  }
29
 
30
</style>
31
</head>
32
<body>
33
 
34
<h1>contact_us.php</h1>
35
<h2>User Documenation</h2>
36
 
37
<p>contact_us is a series of php scripts to allow rapid creation of a contact us form in any web based application.</p>
38
 
39
<p>It is designed with virtual hosting, ie more than one web site hosted on a given server. In the author's site, a common alias for all domains (named, strangely enough, common-cgi) is created outside any single domains directory tree. Thus, to use the contact form, a particular web site simply creates a link to /common-cgi/contact_us.php. However, for single domain implementations, contact_us.php (and its associated contact_us_lib.php) may be placed in the web sites directory tree, if desired. <em>Note, the web server must allow php code to be executed in this location.</em></p>
40
 
41
<h3>How does it work?</h3>
42
 
43
<p>When called, contact_us.php determines who called it. First, it looks for a session variable named 'contact_us home' and, if that is not populated, it takes HTTP_REFERER and tears it apart to determine the caller. Especially important is the fact the script looks for the calling domain name and path within the domain name. This allows for contact_us.php to be called from not just multiple web sites, but multiple locations within a web site with different actions.</p>
44
 
45
<p>At this point, contact_us.php takes DOCUMENT_ROOT, applies the directory information found above, and applies it to DOCUMENT_ROOT to determine the local path being used by the process that called it. <strong>NOTE that, for this reason, you can not call contact_us.php from any server other than the one your domain is on.</strong> By this, we mean you can not call contact_us.php from a server other than the one your site is hosted on.</p>
46
 
47
<p>contact_us.php then looks for a file named contact_us_local.php in the directory found above. This file is then included (via php's include_once command) in the script and its variables and defines used to build the page dynamically</p>
48
 
49
<p><emp>Other Important Files:</emp> contact_us.css from the root directory of the calling domain is included. See below for information on its structure</p>
50
 
51
<p>Once the user presses the Submit button on the form, validation, contact_us.php is called again. The form is verified and, if all required fields are filled in, the action(s) set up in contact_us_local.php (currently e-mail and database) are performed. If the actions succeed, a success message is displayed, otherwise a failure message is displayed</p>
52
 
53
 
54
<h3>contact_us_local.php structure</h3>
55
 
56
<p>The variables available in contact_us_local.php are defined in tables 1 through 3. Additionally, to implement database storage of acquired data, see section below tables for recommended and required modifications to contact_us_local.php.</p>
57
 
58
<table>
59
  <caption><strong>Table 1:</strong> contact_us_local.php Variables</caption>
60
  <thead>
61
    <tr>
62
      <th>Variable</th>
63
      <th>Description</th>
64
    </tr>
65
  </thead>
66
  <tbody>
67
    <tr>
68
      <td>$HEADER</td>
69
      <td>Contains html that is placed at the top of the contact us form.  This information lives in a &lt;div&gt;&lt;/div&gt; block with an id of header</td>
70
    </tr>
71
    <tr>
72
      <td>$SUCCESS_MESSAGE</td>
73
      <td>Plain text message displayed if the form action is successful</td>
74
    </tr>
75
    <tr>
76
      <td>$FAILURE_MESSAGE</td>
77
      <td>Plain text message displayed if the form action is not successful</td>
78
    </tr>
79
    <tr>
80
      <td>$WINDOW_WIDTH</td>
81
      <td>If the form resizes itself, this will be its width, in pixels</td>
82
    </tr>
83
    <tr>
84
      <td>$WINDOW_HEIGHT</td>
85
      <td>If the form resizes itself, this will be its hieght, in pixels</td>
86
    </tr>
87
    <tr>
88
      <td>$CATEGORIES</td>
89
      <td>An array (hash) of values for each possible category. See details in table 2</td>
90
    </tr>
91
    <tr>
92
      <td>$FIELDS</td>
93
      <td>An array (hash) definining the fields displayed on the form. See table 3 for additional information</td>
94
    </tr>
95
    <tr>
96
      <td>$MAX_DISPLAY_WIDTH</td>
97
      <td>The maximum width of input fields, in characters. Used to limit the max size of all &lt;input&gt; and &lt;textarea&gt; fields</td>
98
    </tr>
99
    <tr>
100
         <td>define(SEND_EMAIL,[true|false])</td>
101
      <td>Not a varialbe, per se, but a constant definition. If this is set to false (allowed values, true or false, 1 or 0), and e-mail is not sent when the form action is performed. Defaults to true if this constant is not defined.</td>
102
    </tr>
103
  </tbody>
104
</table>
105
 
106
<p>contact_us.php generally has multiple categories which are displayed in a &lt;select&gt; at the top of the page. This provides a recipient of the e-mail (so the same form can send to different recipients) and a subject for the e-mail.</p>
107
 
108
<p>$CATEGORIES is an array whose key is numeric. This key determines the order of the categories in the &lt;select&gt;, ie the lowest number is the first, the next lowest is second, etc... The numbers do not have to be sequetial.</p>
109
 
110
<p>Each array element is in turn an additional array (hash), with the keys that are strings. These are defined in Table 2 below</p>
111
 
112
<table>
113
  <caption><b>Table 2:</b> $CATEGORIES field definitions</caption>
114
  <thead>
115
    <tr>
116
      <th>Variable</th>
117
      <th>Use</th>
118
    </tr>
119
  </thead>
120
  <tbody>
121
    <tr>
122
      <td>title</td>
123
      <td>String displayed in &lt;select&gt; box.</td>
124
    </tr>
125
    <tr>
126
      <td>email</td>
127
      <td>e-mail address of recipient for forms submitted with this category</td>
128
    </tr>
129
    <tr>
130
      <td>subject</td>
131
      <td>Subject displayed on e-mail when form submitted</td>
132
    </tr>
133
  </tbody>
134
</table>
135
 
136
<p>There are no predefined fields with contact_us except the inital &lt;select&gt;. The remainder of the fields are defined via the $FIELDS variable.</p>
137
 
138
<p>The $FIELDS variable is an array, similar to the $CATEGORIES variable, with an numeric index that determines the order the fields appear on the form. Again, lowest value goes first, up to highest value. If two values are the same, the second one physically in the definition overwrites the previous one(s)</p>
139
 
140
<p>Each element of the $FIELDS array is itself an array, with string index keys. Some keys, such as <em>title</em>, <em>type</em> and <em>required</em> are available in all fields. However, other fields do not make sense except in fields defined to be of a certain type.</p>
141
 
142
<p>There are two major types defined, <em>text</em> and <em>textarea</em>, which have a direct correlation to the html entities of these names. Currently, there is limited supports for the types but they are placed there for future expansion whereby validation and helper scripts could allow differentiation between text, numeric, dates, etc...</p>
143
 
144
<p>Table 3 shows the variable definitions available in a $FIELDS entity</p>
145
 
146
<table>
147
  <thead>
148
    <tr>
149
      <th>Key</th>
150
      <th>Description</th>
151
      <th>Applicable To</th>
152
      <th>Default</th>
153
    </tr>
154
  </thead>
155
  <tbody>
156
    <tr>
157
      <td>varname</td>
158
      <td>unique name of variable on form. THIS IS REQUIRED and must be distinct from other names. Note that this is also the column name if storing results in a database (see below)</td>
159
      <td>All Elements</td>
160
      <td><strong>None. Required</strong></td>
161
    </tr>
162
    <tr>
163
      <td>type</td>
164
      <td>'text' or 'textarea'. 1-1 correlation with the html entities of the same name</td>
165
      <td>All Elements</td>
166
      <td>text</td>
167
    </tr>
168
    <tr>
169
      <td>cols</td>
170
      <td>Number of columns to display in &lt;textarea&gt;</td>
171
      <td>textarea</td>
172
      <td>$maxDisplayWidth</td>
173
    </tr>
174
    <tr>
175
      <td>rows</td>
176
      <td>Number of rows to display in &lt;textarea&gt;</td>
177
      <td>textarea</td>
178
      <td>10</td>
179
    </tr>
180
    <tr>
181
      <td>class</td>
182
      <td>Overrides the CSS class for the field</td>
183
      <td>All Elements</td>
184
      <td>text-area</td>
185
    </tr>
186
    <tr>
187
      <td>maxlength</td>
188
      <td>Maximum length of &lt;input&gt; field</td>
189
      <td>text</td>
190
      <td>unlimited</td>
191
    </tr>
192
    <tr>
193
      <td>size</td>
194
      <td>display size of &lt;input&gt; field</td>
195
      <td>text</td>
196
      <td>lesser of maxlength and $maxDisplayWidth</td>
197
    </tr>
198
    <tr>
199
      <td>required</td>
200
      <td>if true or 1, the form will not process unless a value is placed within the field</td>
201
      <td>All Elements</td>
202
      <td>false</td>
203
    </tr>
204
  </tbody>
205
</table>
206
 
207
 
208
<h3>Example Code</h3>
209
 
210
<p>Following is an example of a contact_us_local.php, with a discussion below</p>
211
<pre>
212
&lt;?php
213
   $HEADER = 'Daily Data, Inc.&lt;br&gt;
214
              Post Office Box 140645&lt;br&gt;
215
              Dallas  TX  75214-0465&lt;br&gt;
216
              214.827.2170&lt;br&gt;
217
              &lt;p&gt;Please use the form below to send us your questions or concerns.
218
                 We review all messages sent to us and will try to reply as soon as possible.
219
                 Thank you.&lt;/p&gt;';
220
   $SUCCESS_MESSAGE = 'Thank you. Your e-mail has been sent and will be processed by our
221
                       staff on the next business day. We appreciate your comments and suggestions';
222
   $FAILURE_MESSAGE = "I'm sorry, your message was not able to be sent, please try again later";
223
   $WINDOW_WIDTH = 620;
224
   $WINDOW_HEIGHT = 620;
225
   $MAX_DISPLAY_WIDTH = 40;
226
   $CATEGORIES = array(
227
                       7 => array('title' => 'Web Site Issues',
228
                                  'email' => 'webmaster@mydomain.com'
229
                                  ),
230
                       3 => array('title' => 'Request for Information',
231
                                  'email' => 'sales@mydomain.com',
232
                                  'subject' => 'Sales inquiry from web'),
233
                       1 => array('title' => 'Work Request',
234
                                  'email' => 'helpdesk@mydomain.com',
235
                                  'subject' => 'CLIENT WORK REQUEST')
236
                     );
237
 
238
   $FIELDS = array (
239
                     1 => array( 'title'     => 'Name',
240
                                 'type'      => 'text',
241
                                 'varname'   => 'name',
242
                                 'max length'=> 30,
243
                                 'class'     => 'text-field',
244
                                 'required'  => true
245
                              ),
246
                     3 => array( 'title'     => 'Company Name',
247
                                 'type'      => 'text',
248
                                 'varname'   => 'company_name',
249
                                 'max length'=> 30
250
                              ),
251
                     7 => array ('title'    => 'Phone Number',
252
                                 'varname'  => 'phone',
253
                                 'type'      => 'text',
254
                                 'max length'=> '15',
255
                                 'required'  => true
256
                              ),
257
                     8 => array ('title'    => 'e-mail',
258
                                 'varname'  => 'email',
259
                                 'type'      => 'text',
260
                                 'max length'=> '64',
261
                                 'required'  => true
262
                              ),
263
                     9 => array( 'title'     => 'Contact Instructions',
264
                                 'type'      => 'textarea',
265
                                 'varname'   => 'contact_instructions',
266
                                 'columns'   => 40,
267
                                 'rows'      => 4,
268
                                 'class'     => 'text-area'
269
                              ),
270
                     10 => array( 'title'     => 'Message',
271
                                 'type'      => 'textarea',
272
                                 'varname'   => 'message',
273
                                 'columns'   => 40,
274
                                 'rows'      => 10,
275
                                 'class'     => 'text-area'
276
                              )
277
                  );
278
 
279
&gt;
280
</pre>
281
 
282
<h3>Discussion of Example</h3>
283
 
284
<p>The first five lines after &lt;?php are fairly self explainatory. They simply define some variables.</p>
285
<ul><li>$HEADER will be placed at the top of the form. NOTE that this can have embedded graphics, whatever. It is your header</li>
286
<li>$SUCCESS_MESSAGE and $FAILURE_MESSAGE are displayed upon success or failure of the form action</li>
287
<li>$WINDOW_WIDTH and $WINDOW_HEIGHT are used to determine the height and width of the window created</li>
288
<li>$MAX_DISPLAY_WIDTH sets the maximum display width on all text and textarea fields to 40</li>
289
</ul>
290
 
291
<p>The next block defines the categories available. Note that there are three, and the order will be Work Request, then Request for Information, then Web Site issues. Each of these go to a separate e-mail address, and each will have a subject defined in above except for Web Site Issues. Since this has no Subject defined, it will use the category title (Web Site Issues) as its subject line.</p>
292
 
293
<p>The final block definess the fields that are displayed. Note that we are going to ask for 6 fields, two of which are required (e-mail and name). Since Message and Contact Information are free form and may contain multiple lines, we make the type='textarea'</p>
294
 
295
<h3>Database Integration</h3>
296
 
297
<P>contact_us now has the ability to store the results of a form submission into a database in addition to, or instead of, e-mailing the results (ie, any one or more actions)</P>
298
 
299
<p>This is set up currently through a series of defines. Table 4 shows these:</p>
300
 
301
<table>
302
  <caption><emp>Table 4: </emp>Database Required Constants</caption>
303
  <thead>
304
    <tr>
305
      <th>Constant</th>
306
      <th>Description</th>
307
    </tr>
308
  </thead>
309
  <tbody>
310
    <tr>
311
      <td>DATABASE</td>
312
      <td>The database to connect to. This is currently only available for MySQL</td>
313
    </tr>
314
    <tr>
315
      <td>DB_TABLE</td>
316
      <td>The table in the database that contains columns compatible with the form (see notes)</td>
317
    </tr>
318
    <tr>
319
      <td>DB_USERNAME</td>
320
      <td>user name that has write access to the above table</td>
321
    </tr>
322
    <tr>
323
      <td>DB_PASSWORD</td>
324
      <td>Password for above user. NOTE, this is very insecure at this point as anyone with read access to your web directory would have access to your database</td>
325
    </tr>
326
  </tbody>
327
</table>
328
 
329
<p><strong>DB_TABLE Requirements</strong> DB_TABLE must contain a column for each varname defined in the $FIELDS array, and the type of the column must be compatible with the possible values inputted. Remember, Never Underestimate the Power of Human Stupidity (Robert Heinlein, <quote>Time Enough for Love</quote>). Just because you tell someone to put a numnber into a field does not mean they will do so, and the current verions of contact_us does not verify that a field is numeric. I would suggest using only varchar and text columns.</p>
330
 
331
<p>When the form is posted, contact_us will open a connection with the database and insert a new row containing the values from the form. Be very, very careful with this function; consider it beta until further testing is performed.</p>
332
 
333
If the following code were added to the above example, it would add a separate action to be performed after the e-mail was sent.
334
 
335
<pre>
336
   define (DATABASE,'web_requests');
337
   define (DB_TABLE, 'web_info');
338
   switch ($_SERVER['SERVER_NAME']) {
339
      case 'localhost' : define (DB_USERNAME, 'test' );
340
                         define (DB_PASSWORD, 'test' );
341
                         break;
342
       case 'server.mydomain.com' :
343
       case 'alias.mydomain.com'     :
344
       case 'alias'    : define (DB_USERNAME, 'timetracker' );
345
                                define (DB_PASSWORD, 'timetracker' );
346
                                 break;
347
   }
348
</pre>
349
 
350
<p>When a form was submitted, contact_us would connect to the database web_request using the username and password determined by the switch statement. It would then create an SQL statement as follows:</p>
351
 
352
<pre>
353
   insert into web_info (name,company_name,phone,email,contact_instructions,message)
354
      values (
355
         makeSafeSQLValue($_POST['name']),
356
         makeSafeSQLValue($_POST['company_name']),
357
         makeSafeSQLValue($_POST['phone']),
358
         makeSafeSQLValue($_POST['email']),
359
         makeSafeSQLValue($_POST['contact_instructions']),
360
         makeSafeSQLValue($_POST['message']),
361
      )
362
</pre>
363
 
364
<h5>Note: makeSafeSQLValue is a function that validates, escapes and quotes a value in preparation for inclusion in an SQL statement. It also returns the unquoted string <em>null</em> if the value is not set</h5>
365
 
366
 
367
 
368
</body>
369
</html>