simple php mail function error

Forum Moderators: coopster

Message Too Old, No Replies

simple php mail function error

getting unexpected t_variable error

togethercomms

11:21 am on Aug 17, 2009 (gmt 0)

Hi everyone,

I have ceated a simple mail script and was wondering if someone can help me find an error in the code.

I am getting an error on line 4 which is an unexpected T_VARIABLE i have had these before and its usually a space on the <?php or missing a curly brace or semi-colon, but a cannot see that in this.

Can anyone notice anything or am i just being stupid?

Many Thanks


<?php
$to = "email goes here";
$subject = "Contact form";
$message = "From:"$_REQUEST['name']"<br><br> Reply E-mail:"$_REQUEST['email']"<br><br> Telephone Number:"$_REQUEST['tel']"<br><br> Current Job Title:"$_REQUEST['jobtitle']"<br><br> Current Employer:"$_REQUEST['employer']"<br><br> Does this person wish to be contacted:"$_REQUEST['contact'];
$headers = "From: $email";
$sent = mail($to, $subject, $message, $headers) ;
if($sent)
{print "Congrats"; }
else
{print "We encountered an error sending your mail"; }
?>

rocknbil

4:17 pm on Aug 17, 2009 (gmt 0)

Your variables are echoed raw next to quoted text literals, try concatinating - note the dots I've added.

// changes here
$message = "From:" . $_REQUEST['name'] . " Reply E-mail:" . $_REQUEST['email'] . " Telephone Number:" . $_REQUEST['tel'] . " Current Job Title:" . $_REQUEST['jobtitle'] . " Current Employer:" . $_REQUEST['employer'] . " Does this person wish to be contacted:" . $_REQUEST['contact'];
// end changes

Also I know you're just trying to get this to work, but I hope you are filtering $_REQUEST before putting them in your program, this is a recipe for email injection.

togethercomms

4:25 pm on Aug 17, 2009 (gmt 0)

How do you mean?
I'm using a validator on the form and anti-spam code.

Also it's now working but it's not actually sending the email, i know this is pretty newbie stuff.

Many Thanks

sonjay

5:27 pm on Aug 17, 2009 (gmt 0)

Where do you want it to send the email to? You need to specify that address as the value for the $to variable:

$to = "email goes here";

Should be something like this:

$to = "me@example.com";

rocknbil

3:24 am on Aug 18, 2009 (gmt 0)

How do you mean?

Are you referring to my comment about filtering?

Do a search for this:

email injection site:webmasterworld.com

There are hundreds of ways to abuse mailers to send spam. A hacker doesn't even need to visit your form, they just need to know the location of your form processor and they can post data to it via command line.

Did the concatenation work? It should . . .

togethercomms

10:15 am on Aug 18, 2009 (gmt 0)

thanks got it all working, i was looking in the wrong email box, on the wrong server, i have servers coming out of my ears.

Hard to keep track of eberything.

Many Thanks for your help

togethercomms

11:22 am on Aug 19, 2009 (gmt 0)

i just noticed that the radio box selection isn't appearing on the email.

You can select yes or no and none of them are appearing.