PHP Form/Database/Mail help

[Guest garetho123]

Hi i'm having some problems with my coding, i think i may be trying to do too much with a single form. I'm trying to do the following:Take user input from a forms ranging from 4-15 elements.Validate the input, if invalid repost the form with error messagesIf the form is valid, build an XML message using the inputStore the form entries plus the XML document in mySQL (BLOB for the XML)E-Mail the receiver with the file as at attachment (not started this area yet, but will probably appear on the second page).Once this is done i want to forward the user to a next page which basically says, thank you...xml message contents are as follows...and a link to the XML document.I've managed to do all of these things seperately but when i try and bring all the code together something doesn't work correctly.Is there a different way to forward to the user to the second page as the header() function doesn't work when the DB and XML code is placed in the 'else' section of the code. Also it only works when placed at the top of the page and when i do this the error message's then do not appear in the right place.When i did get it to forward to the next page the variables used were not passed through so i couldn't display the contents of the XML document.Basically if someone could just point me in the right direction in relation to structuring the code so the errors are output in the right place (just above where the form is output" and how to forward to a second page as discussed. Any help with PHP's mail() function would be a bonus as well.The error i'm getting with the header() function is "headers already sent".

<?		session_start();		session_destroy();				$submit=$_POST['submit'];		if($submit)		{			$sender = $_SESSION['username'];			$receiver = $_POST['receiver'];				  $orderid = $_POST['orderid'];				 $datereceived = $_POST['datereceived'];				 $shipto = $_POST['shipto'];			$shippingcost = $_POST['shippingcost'];			$datesent = $_POST['datesent'];			$message = $_POST['message'];			  // server side validation initialize a variable to put any errors into an array			$errors = array();	   	   if(!preg_match("/^[0-9]{4,6}$/", $orderid))				{					   $errors[] = "*Order ID Must be between 4 and 6 digits";	//store error in array			 }		  	   if(!preg_match("/^([1-9]|0[1-9]|1[012])\D([1-9]|0[1-9]|[12][1-9]|3[01])\D(19[0-9][0-9]|20[0-9][0-9])$/", $datereceived))	   			   {				$errors[] = "*Invalid Date Received (correct format is mm/dd/yyyy or m/d/yyyy)";			}						//preg_match ship_to				   if(!preg_match("/^\s*[£]?\s*\d+(\.\d{2})?\s*$/", $shippingcost))	   			   {				$errors[] = "*Invalid Shipping Cost, please enter a valid currency value";			}				   if(!preg_match("/^([1-9]|0[1-9]|1[012])\D([1-9]|0[1-9]|[12][1-9]|3[01])\D(19[0-9][0-9]|20[0-9][0-9])$/", $datesent))	   			   {				$errors[] = "*Invalid Date Sent (correct format is mm/dd/yyyy or m/d/yyyy)";			}					  	   if (count($errors)>0)			   {			//if any errors found print and display the errors.				  				echo "<strong>ERROR:<br \>\n";					  foreach($errors as $err)						echo "$err<br \></strong>\n";									} else {								$xmldocument = simplexml_load_file('shippingnotice.xml');				$xmldocument->order[0]->sender = $sender;				$xmldocument->order[0]->receiver = $receiver;				$xmldocument->order[0]->orderid = $orderid;				$xmldocument->order[0]->datereceived = $datereceived;				$xmldocument->shipping[0]->shipto = $shipto;				$xmldocument->shipping[0]->shippingcost = $shippingcost;				$xmldocument->shipping[0]->datesent = $datesent;				$xmldocument->shipping[0]->message = $message;				echo $xmldocument->asXML('shippingnoticenew.xml');				$_SESSION['filename'] = "shippingnoticenew.xml";							// Connect database.			$host="localhost"; // Host name.			$db_user="root"; // MySQL username.			$db_password=""; // MySQL password.			$database="xml"; // Database name.			mysql_connect($host,$db_user,$db_password);			mysql_select_db($database);	$query1="INSERT INTO `shippingnotice` ( `shipping_msg_id` , `sender` , `receiver` , `orderid` , `datereceived` , `shipto` , `shippingcost` , `datesent` , `message` , `xml_file` ) VALUES ( '' , '$sender', '$receiver', '$orderid', '$datereceived', '$shipto', '$shippingcost', '$datesent', '$message', 'shippingnoticenew.xml')";	$result=mysql_query($query1) or die("Couldn't add users");	print "Thank You File Added";		//mail()								header("location:shipping-2.php" );												   }		}		   	?>	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">	<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">	<head>	<title>Web EDI Interface</title>	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />	<meta name="description" content="Web EDI Interface" />	<link rel="stylesheet" href="formstyle.css" type="text/css" />	<script LANGUAGE="JavaScript">	function popUp(URL) {	day = new Date();	id = day.getTime();	eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=1,resizable=1,width=800,height=600,left = 300,top = 300');");	}	</script>	</head>	<body>	<div id="left">	<h1>XML</h1>	<h2>Message Interface</h2>	<div id="nav">	<a href="index.php">Home</a> 	<a href="create.php">Create</a> 	<a href="downloads.php">Downloads</a> 	<a href="faq.php">FAQ</a> 	<a href="contact.php">Contact</a> 	<a href="#">Logout</a></div>	<h3>Last Updated</h3>	<p>28/03/2007</p>	</div>	<div id="right">	<h1>Welcome...</h1>	<h2>Username</h2>	<h3> home </a> > Create > Shipping Notice </h3>	<p>Welcome to the 'Create' Area for the Shipping Notice message type. Other message types are available by pressing the back buttton on your browser, for help refer to the FAQ or individual help '?' next to each form entry.</p>	<p>Please fill out all form elements and press the send button. Invalid entries will be rejected and you will be asked to re-type information. Valid entries will be forwarded to the XML create area. </p>	   <form name="shippingnotice" method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">	<table cellspacing='16' cellpadding='0' border='0'  >		<tr>			<td class="form_field" valign='top' align='right'>Receiver </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">	<select name="receiver">	<option value=''>- Select -</option>	<option  value="Number 1"  > Number 1	<option  value="Number 2"   > Number 2	<option  value="Number 3"  > Number 3	</select> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Order Identification Number (6 Digits) </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">	<input type="text" name="orderid" <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['orderid']).'"';}?>> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Date Recieved (mm-dd-yyyy) </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">			<input type="text" name="datereceived"  <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['datereceived']).'"';}?>> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Ship To </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">	<textarea name="shipto" rows=4 cols=25 <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['shipto']).'"';}?>></textarea> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Shipping Cost </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">	<input type="text" name="shippingcost"  <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['shippingcost']).'"';}?>> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Date Sent (mm-dd-yyyy) </td><td width='10'  aligh='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>			<td class="form_text">			<input type="text" name="datesent"  <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['datesent']).'"';}?>> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr>			<td class="form_field" valign='top' align='right'>Additional Message (optional) </td><td width='10'  aligh='right' valign='top'></td>			<td class="form_text">	<textarea name="message" rows=4 cols=25 <?php if (isset($errors)){ echo 'value="'.htmlentities($_POST['message']).'"';}?>></textarea> <a href="java script:popUp('shippinghelp.php')">?</a>		</td>		</tr>		<tr><td colspan=3 align='center'><input name='submit' type='submit' value='Submit'>	<input type='button' value='Cancel' onClick="location.href='/';"></td></tr>	</table>	</form>	<h3>Website Information</h3>	<p>© 2007 Design by <a href="mailto:garethowens@gmail.com">Gareth Owens</a></p>	</div>	</body>	</html>

[justsomeguy]

You need to separate the PHP logic from the output, then you can use headers wherever you want. Structure your page like this:

<?php// all processing logic// check for submission, validate form, add to database, save files, send email, etc?><html>  <head>	...  </head>  <body><?php// figure out what to display in the body of the page based on what happened on the top// if there were errors, display them now// if everything is fine, show a thank you message or whatever else?>  </body></html>

The point is to remove all output from the top of the page. The very first thing that the browser should receive as output is the <html> tag, which should be after all of the processing logic. Do not echo out the errors at the top when they happen, instead record them and echo them out later in the body after you're done processing. Same thing with the XML file, read it into a variable if you want, but don't display it until after all of the PHP is finished. If you remove all echo and print statements from the processing area of the page, then you can send a header whenever you want to. You might not even need to redirect, you can just display the thank you message in the body of the page instead of the form. Do what you need to do on top, set variables to tell you what is going on (if there are errors, what step they are on, etc), and then in the body look at those status variables and decide what you need to show the user.

[msd]

A faster way is to add ob_start(); on the first line of your file, but I strongly recommend using justsomeguy's method.