Html template WTF
-
So, one friend asked me to build him a small website. Just a couple of static pages with a gallery and a contact form, the usual boring stuff.
I'm not a web designer/developer but i've built some web UIs with HTML/CSS/Javascript so that's no big deal.I bought an html template that he liked and then i started to put the content on it.
The quality was mediocre and some stuff wtf-ish, but sufficiently usable.
Then i got to the contact form.(WTF, no button to code-format on thedailywtf wysiwyg editor)
script.js:
$(document).ready(function(){
$("form").submit(function(){
var str = $("form").serialize();
$.ajax({
type: "POST",
url: "contactform/contact.php",
data: str,
success: function(msg){
$("#note").ajaxComplete(function(event, request, settings){
if(msg == 'OK'){ // Message Sent? Show the 'Thank You' message and hide the form
result = '<div class="notification_ok">Your message has been sent. Thank you!</div>';
$("#fields").hide();
}else{
result = msg;
}
$(this).html(result);
});
}});
return false;
});
});contact.php:
<?php
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$subject = stripslashes($_POST['subject']);
$message = htmlspecialchars($_POST['message']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if(!$subject)
{
$error .= 'Please enter a subject.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message
if(!$message)
{
$error .= "Please enter your message.<br />";
}
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>WTFs:
- the script hooks the submission of any form. The script is included in every page.
- registering a global ajax completition handler INSIDE the completition handler itself
- magic strings and html mixed with the mail sending logic
- obvious comment, which also lies since there is no element called "fields"
- useless ternary operator
- wrong logic in "email" argument checking
- unhandled error return condition from mail()
- functions.php only contains the ValidateEmail function, which checks if the regex succeeds by checking if the resulting array is not empty
-
@Zmaster said:
registering a global ajax completition handler INSIDE the completition handler itself
Success is the success handler, not the complete handler.
- The success handler runs before the complete handler, when the request gets a 20x successful response.
- The error handler runs before the complete handler, when the request gets a 40x or 50x client or server error as a response.
- The complete handler always runs and will do so after either a success or error handler, if any is specified.
Having said that: it doesn't make the code any less of a WTF.
-
Ok, that was a typo. What i meant is that it's registering a new global handler every time the ajax is successful instead of just executing what it needs to be done in that success handler.
-
@Ragnax said:
- The success handler runs before the complete handler, when the request gets a 20x successful response.
- The error handler runs before the complete handler, when the request gets a 40x or 50x client or server error as a response.
- The complete handler always runs and will do so after either a success or error handler, if any is specified.
Thank you for having me learn something useful while browsing TDWTF today ;)