Welcome to WebmasterWorld Guest from 107.20.122.81

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

sending email with php

     

MBAngel

7:59 pm on Feb 18, 2013 (gmt 0)

5+ Year Member



guys can you take a peek at my code and help me find where I'm doing this wrong? or maybe figure out how to figure it out?

It was working and now I'm trying to add the from and reply to info to the headers. I may have fubar'd that part.

$to = "me@example.com";
$from = $_POST["name"];
$subject = "mysubject";
$reason = $_POST["reason"];
$email = $_POST["email"];
$phone = $_POST["phone"];
if ($_POST["method"] == "email")
{
$prefer = "email";
}
else
{
if ($_POST["method" == "phone"])
{
$prefer = "phone";
}
else
{
$prefer = "no preference";
}
}
$comments = $_POST["comments"];
$text = "<html><body><p>";
$text .= "From: " . $from . "<br />";
$text .= "Reason: " . $reason . "<br />";
$text .= "E-mail address: " . $email . "<br />";
$text .= "Phone: " . $phone . "<br />";
$text .= "Preferred method of contact: " . $prefer . "<br />";
$text .= "Comments: " . $comments;
$text .= "</p></body></html>";
$header .= 'MIME-Version: 1.0' . "\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$header .= "From: me@example.com" . "\r\n";
$header .= "Reply-To: $email";
if ($name == "" &&($email == "" && $phone == ""))
{
$msg = "<p>Name and contact fields are required. Your information was not submitted.<br>Please try again.</p><p><a href='contact.php'>Back to form</a></p>";
}
else
{
if (mail($to,$subject,$text,$header))
{
$msg = "<p style='text-align: center; height: 350px;'>Thank you for your submission. Someone will contact you shortly.</p>";
}


[edited by: tedster at 7:59 pm (utc) on Feb 19, 2013]

[edited by: coopster at 6:45 pm (utc) on Feb 20, 2013]
[edit reason] fixed a typo [/edit]

tommytx

9:56 pm on Feb 18, 2013 (gmt 0)

10+ Year Member



$text = "<html><body><p>";
$text .= "From: " . $from . "<br />";
$text .= "Reason: " . $reason . "<br />";

$header .= 'MIME-Version: 1.0' . "\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$header .= "From: me@example.com" . "\r\n";

May not fix your problem, but its horrible programming to start the adding a lot of text to a variable with a .=, always begin the first one without the dot.... so how you correctly started the:
$text = "<html><body><p>"; correctly without the . on the first one...Do the same for the header.. as shown below...

$header = 'MIME-Version: 1.0' . "\r\n";

MBAngel

10:41 pm on Feb 18, 2013 (gmt 0)

5+ Year Member



I've tried just doing this...
 
$header = 'From: Adventure Ropes Course' . "\r\n" . 'Reply-To: $email' . "\r\n";
$header .= "MIME-Version: 1.0\n";
$header .= "Content-type: text/html; charset=iso-8859-1";

but it doesn't seem to work either.. the email goes to someone else, but he's got an autoresponder set up, so I should get an instant autoreply if the reply to email is correct... shouldn't I?



I've tried so many variations of this code, lol, I'm fried now. (I'm not a good coder, just a mutilator with tools..) I found where my double quotes were wrong and tried to replace them too...

lucy24

1:06 am on Feb 19, 2013 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



$header = 'From: Adventure Ropes Course' . "\r\n" . 'Reply-To: $email' . "\r\n";
$header .= "MIME-Version: 1.0\n";

It should have no effect on the execution of the code --unless you've got a persnickety mail handler-- but why are you using two kinds of line ending?

Yup, quotation marks and newlines are tricky. I remember getting bitten by that one too ;)

Are all those separate $text = statements just to make it easier for you to read and debug?

tommytx

1:55 am on Feb 19, 2013 (gmt 0)

10+ Year Member



if ($name == "" &&($email == "" && $phone == ""))

You are saying if the name is blank and the email is blank and the phone is blank send a fail message... Hell that makes no sense to me...

This messes up my mind.... what would work better is below:

if ($name == "" OR $email == "" OR $phone == "") {
Send fail message
}
else
{
Lets do our thing..
}

makes more sense to me..

Basically its saying you gotta have all 3 to dance...

MBAngel

1:56 am on Feb 19, 2013 (gmt 0)

5+ Year Member



lol, yeah, and for me to make sure I've got all the periods and semi colons and such.. (note I DID say I suck)

two kinds of line ending because some parts were there, I'm just trying to get the reply-to email addy to be the senders as it should be, not the web site owner's. Many tutorials show the \r\n ending. It's a linux server.. (godaddy.. shh no cursing at me, and laffin's ok as long as you don't point)

tommytx

3:39 am on Feb 19, 2013 (gmt 0)

10+ Year Member



OK.. here it is.. I tested it thoroughly and it works fine. Also its in the test mode and injects the posts for test.. so be sure to remark out the test code at the top.. but leave in for T/S later.
also you need to enter your email in the to: field to see the results.. also you can turn on the troubleshooter inside if you like in the lower part of the code...


******************* Begin code **************************

<?php

// Begin Testing......
// Once testing is complete remark out this entire testing block
$_POST["name"] = "Tommy Tucker <tommy@tucker.com>";
$_POST["reason"] = "My reason is not your business.";
$_POST["email"] = "pogo@hogo.com";
$_POST["phone"] = "123-456-5432";
$_POST["method"] = "email";
$_POST["comments"] = 'Please visit my site when you are ready to purchase.<br><b><font color="green"> You can visit my site at</b></font> <a href="http://www.example.com">here</a>. Could you do that for me please?';
// End Testing......






// Place your email here so that you will receive the response.
$to = "me@example.com";


$from = $_POST["name"];
$subject = "mysubject";
$reason = $_POST["reason"];
$email = $_POST["email"];
$phone = $_POST["phone"];
$comments = $_POST["comments"];
$name = $_POST["name"];


if ($_POST["method"] == "email")
{
$prefer = "email";
}
else
{
if ($_POST["method" == "phone"])
{
$prefer = "phone";
}
else
{
$prefer = "no preference";
}
}
$comments = $_POST["comments"];
$text = "<html><body><p>";
$text .= "From: " . $from . "<br />";
$text .= "Reason: " . $reason . "<br />";
$text .= "E-mail address: " . $email . "<br />";
$text .= "Phone: " . $phone . "<br />";
$text .= "Preferred method of contact: " . $prefer . "<br />";
$text .= "Comments: " . $comments;
$text .= "</p></body></html>";
$header .= 'MIME-Version: 1.0' . "\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$header .= "From: " . $from . "\r\n";
$header .= "Reply-To: $email";


// Remove quotes below during testing..if you like.
// Use to view that correct data is being sent.
// print "$email<br>";
// print "$text<br>";
// print "<br><br><br>";
// print "$header<br>";

// Used to test a fail below..
// By removing one "" at a time you can see the failure.
// $name = "";
// $phone = "";
// $email = "";


// Go here if name, phone, or email is missing.
if (!$name OR !$phone Or !$email) {
$msg = "<p>Name and contact fields are required. Your information was not submitted.<br>Please try again.</p><p><a href='contact.php'>Back to form</a></p>";
echo "$msg<br>";
exit;
}


// Go here if all is well...
if (mail($to,$subject,$text,$header))
{
$msg = "<p style='text-align: center; height: 350px;'>Thank you for your submission. Someone will contact you shortly.</p>";
echo "$msg<br>";
}

?>
**************** End Code *******************

[edited by: tedster at 8:02 pm (utc) on Feb 19, 2013]
[edit reason] switch URL to example.com [/edit]

swa66

10:15 am on Feb 19, 2013 (gmt 0)

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



You've got a bunch of security issues as well.

input validation is mostly missing and it is quite important.
E.g.
- variables that you enter in a mail encoded as ISO-LATIN-1, need to be valid strings in that encoding.
- using "==" to check if a variable of unknown origin is equal to a string is dangerous in PHP: always use "===" to make sure the types of the variables are also equal as automatic conversion happens otherwise with surprising results. (e.g. a string being "equal" to the number 0.)
- input you use as email address: it better be a valid email address
- input you use in header lines for email: it better not have things like newlines in it now would it. (or other control characters)

also output filtering seems like a good idea:
- since you're going to look at the email parsing it as html: I'd strip it so it doesn't contain html (using e.g. htmlentities() on things like comment fields.

If you don't want to bother, be aware that hackers out there are *very* interested in converting your script into a gateway to send spam around the world - by the zillions. And failing that, they'll happily settle for spamming you and/or "owning" you.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month