WebsiteBaker Community Forum

WebsiteBaker Support (2.10.x) => Modules => Topic started by: creativecat on January 17, 2018, 10:10:34 PM

Title: Problem with Form v3.1.4
Post by: creativecat on January 17, 2018, 10:10:34 PM

I updated WebsiteBaker to the very current version and also Form (https://addon.WebsiteBaker.org/pages/en/browse-add-ons.php?id=0C666AD2&lang=EN). When the form is submitted (with no success page set), the success page is empty. I could find out, that $_SESSION['form_submission_id'] is (nearly always) already changed at the beginning of the view.php and this means, that the if-clause in line 320 (view.php) can't be true ... I couldn't repr when the session is changed...
Am I the only guy having troubles on this? Any suggestions?

Title: Re: Problem with Form v3.1.4
Post by: creativecat on January 17, 2018, 10:30:16 PM

I found out, that everything works fine with deactivated JavaScript. But there is nothing about sessions in the loaded script...

Title: Re: Problem with Form v3.1.4
Post by: hgs on January 18, 2018, 07:42:36 AM

We need a little more info
Which WB version?
Which php version
Strict mode of the DB

Title: Re: Problem with Form v3.1.4
Post by: creativecat on January 18, 2018, 10:14:50 AM

Sorry - of course you need some more information ;-)

WB 2.10.0
PHP 7.1.13
mySQL 5.7.20-19 (Percona Server)

The problem appears on different browsers (Chrome, Firefox, Safari) and different versions.

Title: Re: Problem with Form v3.1.4
Post by: Gast on January 18, 2018, 01:30:23 PM

maybe, we talk from different script's....    :| :-o

view.php from Form Vers 3.1.4 (delivered in WB 2.10.0)

Line 319 - 331

if(ENABLED_ASP && ( // form faked? Check the honeypot-fields.
            (!isset($_POST['submitted_when']) OR !isset($_SESSION['submitted_when'])) OR
            ($_POST['submitted_when'] != $_SESSION['submitted_when']) OR
            (!isset($_POST['email']) OR $_POST['email']) OR
            (!isset($_POST['homepage']) OR $_POST['homepage']) OR
            (!isset($_POST['comment']) OR $_POST['comment']) OR
            (!isset($_POST['url']) OR $_POST['url'])
        )) {
            // spam
            header("Location: ".WB_URL."");
            exit();
        }

there is no form_submission_id

every form get a submission_id, if you send it, and the script generates a new one, if it's receive the form, so that you have a new ID, when you send this form again (if you forget to fill-out something)

the control-code here in my quote is the check for ASP (Anti-Spam-Protection). if it's enabled in AdminTools-> Captcha & Spam Protection, it check's the POST-Variables for the Honeypot-fields

maybe you check the POST with

Code: [Select]

echo "<pre>POST: <br />";
print_r( $_POST );
echo "</pre>";
nearly to line 291 after the comment // $_POST form was send

Title: Re: Problem with Form v3.1.4
Post by: creativecat on January 18, 2018, 01:56:21 PM

The Attribute in $_SESSION is called "form_submission_id" (take a look at line 137). The attribute in $_POST is called "submission_id".

ASP is disabled so line 319 is obsolete as first statement returns false.

The problem appears on line 295...

I'm not sure, whether I could solved the problem by updating the NivoSlider javascript. After realizing, that with JS disabled everything works fine, I disabled all scripts and enabled them step by step...
I let you know if I solved the problem successfully after the last checks are made.

Title: Re: Problem with Form v3.1.4
Post by: Gast on January 18, 2018, 11:59:02 PM

i try, to explain it, maybe difficult in english...

view.php

the first lines....

it generate a submission_id (in line 137) and add this submission_id to the (fresh) session (also Line 137)  and also as hidden field into the form (Line 178)

then it loads the form setting and build the form with the hidden submission_id-field. the visitor fill this form and submit it to the same adress (view.php)
in normal case, is now the $_SESSION['form_submission_id'] == $_POST['submission_id']

is everything is okay, the view.php check both ID's (in Line 293ff) and send the form and builds a new $_SESSION['form_submission_id'] in Line 317, so that you can send this form only one time and not with a reload from the page again and again

after sending the mail, the script destroy the session (only in the new version from the actual WB 2.11 RC1-Test)

is $_SESSION['form_submission_id'] is not equal to $_POST['submission_id'], the view.php do nothing, it will show the form again, no proovement for empty required field, no warning for a empty or wrong captcha and no info-mail to the admin, no insert in the submission-list and -databasetable

if the job is done, (insert this result in database, sending the mail(s)), the script reads your form settings, specially the success-Action
if you choose no own success-page, it collect the datas and add it into the template,
if you choose a success-page, it make's a javascript-redirect with
<script>location.href='".$sSuccessLink."';</script> - $sSuccessLink is the wblink to the selected page

to show a text only, you have to define this text in the form settings first

###################

i didnt see any connection to you Nivoslider-Upgrade, if you use no-success-page
Maybe, you can check some little things
- do you have a success-text in your form settings?
- stay this text always, if you reload the form-settings-page in this field?

if you send the form...
- add the script a new record in your database (table: mod_form_submission s)?
- do you see any output about the success in your sourcecode from the page after sending?

a code like this

Code: [Select]

<table class="frm-submission print-email">
    <thead>
        <tr class="frm-thankyou">
            <td colspan="2">Vielen Dank für Ihre Nachricht