1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 7:58 pm Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Create Form - Send Confirmation To 2 Different Emails

Need help with form

         

kurazi

3:37 pm on Dec 10, 2009 (gmt 0)

10+ Year Member



Hi there,

I am new to PHP and I am having an issue creating a form that sends conformation to two different people. One needs to be sent to the person who fills the form out and one needs to be sent to the company who made the form.

What also needs to happen, is there is a field that asks the customer to enter their credit card. When the person who fills the form out receive the confirmation email, I need the credit card info to be X X X'd out. And when the company receives the email the credit card needs to be visible.

I have tried and what I have come up with sends 2 emails to both customer and company. They both receive 2 emails, one with it X X X'd out and another with the credit card, but that is not what I want. I need only 1 email each, customer with the credit card X X X'd out and company with it visible. Can anyone help me?

Here is my code: 

 <form name="form1" method="post"
 action="<?php echo $me;?>">
Too Large To Post 
</form>
<?php
 } else {
 error_reporting(0);
 $recipient = 'contact@example.com';
 $ID_Number = stripslashes($_POST['ID_Number']);
 $Surname = stripslashes($_POST['Surname']);
 $Given_name = stripslashes($_POST['Given_name']);
 $Email_Address = stripslashes($_POST['Email_Address']);
 $Contact_Change = stripslashes($_POST['Contact_Change']);
 $Address = stripslashes($_POST['Address']);
 $Municipality = stripslashes($_POST['Municipality']);
 $Province = stripslashes($_POST['Province']);
 $Postal_Code = stripslashes($_POST['Postal_Code']);
 $Phone_Home = stripslashes($_POST['Phone_Home']);
 $Phone_Work = stripslashes($_POST['Phone_Work']);
 $Phone_Work_Extension = stripslashes($_POST['Phone_Work_Extension']);
 $Card_Type = stripslashes($_POST['Card_Type']);
 $CreditCardName = stripslashes($_POST['CreditCardName']);
 $CardNumber = stripslashes($_POST['CardNumber']);
 $CardNumber1 = stripslashes($_POST['CardNumber1']);
 $CardNumber2 = stripslashes($_POST['CardNumber2']);
 $CardNumber3 = stripslashes($_POST['CardNumber3']);
 $Expiry_Month = stripslashes($_POST['Expiry_Month']);
 $Expiry_Year = stripslashes($_POST['Expiry_Year']);
 $Amount_Paid = stripslashes($_POST['Amount_Paid']);
 $vet_clinic_name = stripslashes($_POST['vet_clinic_name']);
 $Animal1_Name = stripslashes($_POST['Animal1_Name']);
 $Rabies_Month_Animal1 = stripslashes($_POST['Rabies_Month_Animal1']);
 $Rabies_Year_Animal1 = stripslashes($_POST['Rabies_Year_Animal1']);
 $Animal2_Name = stripslashes($_POST['Animal2_Name']);
 $Rabies_Month_Animal2 = stripslashes($_POST['Rabies_Month_Animal2']);
 $Rabies_Year_Animal2 = stripslashes($_POST['Rabies_Year_Animal2']);
 $Animal3_Name = stripslashes($_POST['Animal3_Name']);
 $Rabies_Month_Animal3 = stripslashes($_POST['Rabies_Month_Animal3']);
 $Rabies_Year_Animal3 = stripslashes($_POST['Rabies_Year_Animal3']);
 $DogOrCat = stripslashes($_POST['DogOrCat']);
 $Notes = stripslashes($_POST['Notes']);
 
 $sendto = $_POST['Email_Address'];
 $headers = "From: $recipient\r\n\r\n";
 $subject = "Dog & Cat Tag Renewal";
 $message = "Thank you for registering your pet with .\n
 Please keep this email as proof of your application for your 
 dog licence or cat identification tag.<br />
 Your confirmation Id is \n
 
 If you have any questions or concerns please call (xx)xx-xx
 and have your confirmation id available.\n
 Please allow 3 to 6 weeks for processing and delivery of your tags.\n
 
 ID #: $ID_Number\r\n
 Name: $Surname $Given_name\r\n
 E-Mail Address: $Email_Address\r\n
 Have you had a change in address or phone number over the last year?: $Contact_Change\r\n
 Address: $Address\r\n
 Municipality: $Municipality\r\n
 Province: $Province\r\n
 Postal Code: $Postal_Code\r\n
 Phone # - Home: $Phone_Home\r\n
 Phone # - Work: $Phone_Work\r\n
 Work Ext: $Phone_Work_Extension\r\n
 Card Type: $Card_Type\r\n
 Name of Cardholder: $CreditCardName\r\n
 Card #: #*$!X-#*$!X-#*$!X-$CardNumber3\r\n
 Expiry Date: $Expiry_Month $Expiry_Year\r\n
 Please indicate amount to be paid: $Amount_Paid\r\n
 Veterinarian Clinic Name: $vet_clinic_name\r\n
 Name of First Animal: $Animal1_Name\r\n
 Month and Year of Vaccination: $Rabies_Month_Animal1 $Rabies_Year_Animal1\r\n
 Name of Second Animal: $Animal2_Name\r\n
 Month and Year of Vaccination: $Rabies_Month_Animal2 $Rabies_Year_Animal2\r\n
 Name of Third Animal: $Animal3_Name\r\n
 Month and Year of Vaccination: $Rabies_Month_Animal3 $Rabies_Year_Animal3\r\n
 Breed Certification: $DogOrCat\r\n
 Notes: $Notes\r\n
 ";
 // Send mail to customer, refer to http://php.net/manual/en/function.mail.php
 mail($recipient, $subject, $message, $headers, $sendto);
 if (!mail) {
 echo "Message failed to send, please notify our Web Team.";
 } else {
 echo nl2br ("<center><br><br><br><br><br><br><br><br><br><br>Thank you. Your request has been sent and we will contact you shortly.<br><br><br><br><br><br><br><br><br><br></center>");
 }
 // Send mail to company
 $to = "contact@justspiffy.ca"; // who gets this one?
 $from = $sendto; // Set From to the person who filled out the form
 $card = "$CardNumber $CardNumber1 $CardNumber2 $CardNumber3\r\n"; // build the credit card number
 $message = "$message1 $card"; // tack the CC number to end of the message you already built above
 mail($to, $subject, $message, $headers, $from);
 if (!mail) {
 echo "Message failed to send. Please notify our Web Team.";
 } else {
 // something here to notify the web team if it fails.
 }
}
?>

Thank you

[edited by: eelixduppy at 11:54 pm (utc) on Dec. 10, 2009]
[edit reason] removed specifics [/edit]

d40sithui

5:31 pm on Dec 10, 2009 (gmt 0)

10+ Year Member



Hi kurazi,
If you look at your first mail command to send to the customer
mail($recipient, $subject, $message, $headers, $sendto);

You will notice the destination address is $recipient.
This variable still contains data from the previous line

$recipient = 'contact@justspiffy.ca';

which will send the email to the company rather than the customer.
Replace the $recipient with $sendto.

Also on a side note, I hope you are validating and filtering your data before making transactions with it.

kurazi

6:39 pm on Dec 10, 2009 (gmt 0)

10+ Year Member



Hey Thanks for your help!

I am fer sure going to validate the form first. Just wanted to start it off simple before I started adding more things that can go wrong to it :)

rocknbil

7:45 pm on Dec 10, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Here's one that will save you trouble and code. Instead of explicitly listing all those variables, do something like this. 


// Only a partial list for example. 
$input = Array ('ID_Number','Surname','Given_name','Email_Address'); 
foreach ($input as $varname) { 
 if (isset($_POST[$varname])) { 
 $cleansed_input[$varname] = cleanse_vars($_POST[$varname]); 
 } 
}

. . . where "cleanse_vars" is a function that does all the sanitizing. You now reference all the variables by the same keys but will use $cleansed_input['variablename'] instead of $named_variable or $_POST.

It's also not a great idea to use the same internal names as what's visible in your form, you can map them to different handles . . . 


$allowed = Array ( 
'ID_Number' => 'idno', 
'Surname' => 'lname', 
'Given_name' => 'gname', 
'Email_Address' => 'email_addr' 
); 
foreach ($allowed as $key=>$value) { 
 if (isset($_POST[$key])) { 
 $cleansed_input[$allowed[$key]] = cleanse_vars($_POST[$key]); 
 } 
}

Now your variables are referenced by an alias, $cleansed_input['idno'], $cleansed_input['lname'], etc. A side benefit is you can eliminate some attacks by limiting all script queries to the allowed array:

if (isset($allowed[$var])) { // do something, var is registered }
else { die("unregistered variable"); }

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 7:58 pm Apr 28, 2026