Appendix A: Tips

Phorm™ v3.5.2

Appendix A: Tips

If you would like to have the visitor confirm their data before it is sent to you, you'll need to call Phorm twice, with two different configuration files. The first time, don't define $PHORM_TMPL (or any of the text- or MySQL-logging variables). In your ack template, display all the data as desired, and include another HTML form that calls Phorm and contains all the data in HIDDEN fields; this time you'll define $PHORM_TMPL and any desired logging variables, and your ack template will just say something like "Thank you, your information has been received."

For example, let's say your initial form says:

   <FORM METHOD=POST ACTION="phorm.php">
   <INPUT TYPE=HIDDEN NAME="PHORM_CONFIG" VALUE="config1.php">
   Please enter your name: <INPUT TYPE="TEXT" NAME="VisitorName">
   <INPUT TYPE=SUBMIT>

On your acknowledgement page, then, you would have

   <FORM METHOD=POST ACTION="phorm.php">
   <INPUT TYPE=HIDDEN NAME="PHORM_CONFIG" VALUE="config2.php">
   <INPUT TYPE=HIDDEN NAME="VisitorName" VALUE="{{VisitorName}}">

   The name you entered was {{VisitorName}}. If this is correct,
   click on the Submit button below; otherwise, use your browser's
   BACK button to return to the form.
   <INPUT TYPE=SUBMIT>

In the ack template for the first page, be sure to include a HIDDEN field for each field that you want to carry over. In the config file for the first page, you would have nothing but the acknowledgement template set up. In the second one, you would have Phorm do the emailing, logging, etc. Important Note: since you are not sending the data to yourself with the first page, nor logging it anywhere, you need to set the $PHORM_INFONLY variable. See the section Info-Only Forms for details.

Multi-value Form Fields

If a field on your form can have more than one value, for example a group of CHECKBOXes or a SELECT with the MULTIPLE attribute, PHP will return only the last value unless you indicate to it that it's an array. Do this by adding [] to the end of the name. For example:

   <INPUT TYPE=CHECKBOX NAME="Color[]" VALUE="red">
   <INPUT TYPE=CHECKBOX NAME="Color[]" VALUE="blue">
   <SELECT NAME="Type[]" MULTIPLE SIZE=5>

Then you will need to use the Phorm function ArrayToList to convert it to a plain character string. See the section Formatting Your Data for details.

Variable Recipient

If you would like to have the form content sent to a different email based on, say, a dropdown menu on your form, here's the way to do it. First, create your menu with numeric option values:

   <SELECT NAME="Recipient">
     <OPTION VALUE=1>Bob White</OPTION>
     <OPTION VALUE=2>Mia Sparrow</OPTION>
     <OPTION VALUE=3>Steven Seagull</OPTION>
   </SELECT>

Then, in your config file create an array with the desired addresses:

  $Address[1] = 'bobwhite@mydomain.com';
  $Address[2] = 'msparrow@mydomain.com';
  $Address[3] = 'ssgull@mydomain.com';

and assign the appropriate value to $PHORM_TO based on the value of $Recipient:

  $PHORM_TO = $Address[$Recipient];

OR Fields

You can require one field OR another, by concatenating them in a REQ rule. Example:

   CRIT: REQ
   FFLD: Field1.Field2
   MESG:
   You must fill out either Field1 or Field2.
   Please use the BACK button. . . . .
   ###

Setting $PHORM_ROOT

If you are using the Apache web server with the mod_env module installed, you can set $PHORM_ROOT using the SetEnv directive in your .htaccess file:

   SetEnv PHORM_ROOT /path/to/your/directory

Header and Footer templates

Many people have header and footer files which contain formatting and other things that are common across their web site, and would like to have these included in the ack template and error template. You can put PHP code in your templates to accomplish this, but if you don't want to do that, one of the most overlooked features of Phorm is the ability to include PHP code in the config files. You can load your header and footer files into variables using the PHP file() function, then just use regular Phorm variable substitution to include them in your templates. For example:

   $Header = implode("", file("header.html"));
   $Footer = implode("", file("footer.html"));

Then, in your template file:

   {{Header}}

   Thanks for your entry. Blah blah blah.

   {{Footer}}

Timestamp

To create a timestamp to be included in templates or logs, use the PHP date() function. For example:

   $TimeStamp = date("H:i:s m/d/y");

$TimeStamp can then be used like any other variable or form field in your templates and logs. For more information on the date() function, see the PHP documentation.

Formatting a date for DATECMP

The input for the DATECMP criterion must be in m/d/y format. However, you may not want your visitors to have to input in that way; for example you may want to use SELECTs for month, day and year and then convert it to m/d/y format. Again, this requires a little PHP code in your configuration file. Let's say you have fields Month, Day and Year on your form. In your config file, just put:

   $DateValue = "$Month/$Day/$Year";

Of course, make sure that you're passing numeric values for these from your form. Then just use the DateValue variable in your validation rule.

To convert the month/year of a credit card expiration date to a form that can be used with DATECMP, assuming fields named ExpMonth and ExpYear:

  $ExpDate = date('m/t/Y', strtotime("$ExpMonth/1/$ExpYear"));

This creates a date stamp with the last day of the expiration month; just use ExpDate in your validation rule.

Column Headers

If you are converting a set of arrays to a table with the ArrayToTable function, you can add column headers to the table if desired. There is a PHP function called array_unshift(), which adds an element to the beginning of an array. Assuming the arrays used in the examples for the ArrayToTable function, you would add this to your config file:

  array_unshift($Qty,   'Quantity');
  array_unshift($Item,  'Item Description');
  array_unshift($Color, 'Color');

To add headers to a single array which represents table rows, for example, data returned by the dbQuery plugin:

  array_unshift($PHORM_DBQRSLT[1], array('Qty', 'Item', 'Color'));

Compare Fields

You can compare two fields to ensure they match, using the EQ criterion. Example:

   CRIT: EQ
   ARGS: {{ConfirmPassword}}
   FFLD: Password
   MESG:
   The password fields must match.
   ###

Securing Credit Card Data

There is a good method of securing credit card data using Phorm. Putting your form on a secure server to protect your visitors' credit card data is good, but the problem is that, once that data leaves the server in an email to you, it's no longer secure. One solution is to divide the credit card number into two parts; one part is emailed to you, and the other is logged to a text log file that remains on the secure server. Then, when you get the first part in the email, you simply go the URL of that text file and get the other part. To do this, use four fields in your form for the credit card number (you could use two, one for each half of the number, but since most credit card numbers have four groups of digits, this is a more natural division and less confusing to visitors). For example:

   <INPUT TYPE=TEXT NAME="CC1" SIZE=4 MAXLENGTH=4>
   <INPUT TYPE=TEXT NAME="CC2" SIZE=4 MAXLENGTH=4>
   <INPUT TYPE=TEXT NAME="CC3" SIZE=4 MAXLENGTH=4>
   <INPUT TYPE=TEXT NAME="CC4" SIZE=4 MAXLENGTH=4>

Then, simply log CC1 and CC2 to a text file using the text logging feature, and email CC3 and CC4 to yourself.

If you split the number this way and want to check the credit card number with the CCARD criterion, you'll need to join the parts in the FFLD component of the rule:

   CRIT: CCARD
   ARGS: CType
   FFLD: CC1.CC2.CC3.CC4