Firstly may I just point out that I did not create the URL for this website neither did i choose the business it is my aunties company and she asked for a basic website to be coded for the domain for free, ive only done XHTML coding in my first year at university so I dont know everything. The reason I say this is because I asked for help on another forum and got criticised on everything.
The problem I have is with a site hosted by fasthosts. the URL is http://www.clairesperfectpartyplanning.co.uk. I have got a piece of PHP code from the fasthosts support area that SHOULD send the data in a form on the previous page. But the problem is although ive followed all instructions that are on the support area of fasthosts but when the forms are submitted I just get an error 500 -Internal server error. Just wondering if anyone can help me solve the problem. I have included the html page and the php page also. If anyone can help me I would be grateful.
Like I have said I am a novice, just need some helpful advice rather that negative critique.
I have posted this in the html section of the forum also to try get help. Fasthosts arent very fast at helping.
500 - Internal Server Error
Moderator: General Moderators
-
stefwright1988
- Forum Newbie
- Posts: 4
- Joined: Thu Jul 02, 2009 2:37 pm
500 - Internal Server Error
- Attachments
-
- pages.zip
- (2.74 KiB) Downloaded 14 times
Re: 500 - Internal Server Error
You were missing a closing bracket around line 27. I inserted it for you.
One suggestion about this code is to add some functions to at least scan your user input fields for injection attacks so your mailbox doesn't get hijacked. See this link here for more info.
viewtopic.php?f=34&t=102450
Code: Select all
<?php
/*
=============================================
Sendmail.php - send an email from a web form. Make sure this file is called sendmail.php
when you upload it, otherwise the example form won't find the script and will error.
NOTE: This script is heavily commented. Text after double slashes // is ignored by PHP
=============================================
*/
// You only need to modify the following three lines of code to customise your form to mail script.
$email_to = "claire@clairesperfectpartyplanning.co.uk"; // Specify the email address you want to send the mail to.
$email_subject = "Call Requested"; // Set the subject of your email.
// Specify a page on your website to display a thankyou message when the mail is sent
$thankyou_url = "http://www.clairesperfectpartyplanning.co.uk/thankyou.html";
// Get the details the user entered into the form
$name = $_POST["name"];
$phone = $_POST["phone"];
$timetocall = $_POST["timetocall"];
$email_from = $_POST["email"];
// Validate the email address entered by the user
if(!filter_var($email_from, FILTER_VALIDATE_EMAIL)) {
// Invalid email address
die("The email address entered is invalid.");
}
// The code below creates the email headers, so the email appears to be from the email address filled out in the previous form.
// NOTE: The \r\n is the code to use a new line.
$headers = "From: $email_from . \r\n";
$headers .= "Reply-To: $email_from . \r\n"; // (You can change the reply email address here if you want to.)
// Now we can construct the email body which will contain the name and message entered by the user
$message = "Name: ". $name . "\r\nPhone: " . $phone . "\r\nTime: " . $timetocall;
// This is the important ini_set command which sets the sendmail_from address, without this the email won't send.
ini_set("sendmail_from", $email_from);
// Now we can send the mail we've constructed using the mail() function.
// NOTE: You must use the "-f" parameter on Fasthosts' system, without this the email won't send.
$sent = mail($email_to, $email_subject, $message, $headers, "-f" . $email_from);
// If the mail() function above successfully sent the mail, $sent will be true.
if($sent) {
header("Location: " . $thankyou_url); // Redirect customer to thankyou page
} else {
// The mail didn't send, display an error.
echo "There has been an error sending your message. Please try later.";
}
?>viewtopic.php?f=34&t=102450
-
stefwright1988
- Forum Newbie
- Posts: 4
- Joined: Thu Jul 02, 2009 2:37 pm
Re: 500 - Internal Server Error
thank you so much I am very grateful. I had never even experimented with php before which is why I got so confused. thank you again
-
stefwright1988
- Forum Newbie
- Posts: 4
- Joined: Thu Jul 02, 2009 2:37 pm
Re: 500 - Internal Server Error
im a bit confused about where i would put those bits of code to stop spammers in??? any chance of a hand again please??? also the error message that is used for email address verification at this time is so blad it just goes to a blank page with the text written at the top...can i link it to another page to explain why that error has occured??
Re: 500 - Internal Server Error
I don't have time to help you with the injection filters right now, but for the filter error you can redirect them to another page if you want.
In bademail.html you can create a more elaborate error message.
Code: Select all
if(!filter_var($email_from, FILTER_VALIDATE_EMAIL)) {
// Invalid email address
header("Location: bademail.html");}-
stefwright1988
- Forum Newbie
- Posts: 4
- Joined: Thu Jul 02, 2009 2:37 pm
Re: 500 - Internal Server Error
thank you very much dont worry about the injection rules...we will see how it goes if it starts to get abused I will look into how to have it working.
Re: 500 - Internal Server Error
You must have injection protection in your email form. Otherwise eemails can be sent out from you to anyone. So they will send messages until your servers email outbox is full (probably 10,000+ messages). By the time you figure out what happened your domain will be blacklisted and about half your friends/family/contacts will be unable to get messages from you because your domain is filtered out. It's hell getting that fixed.
You should be able to directly include the functions I posted in your php code and follow the syntax I used in the example calls in the if statements.
You should be able to directly include the functions I posted in your php code and follow the syntax I used in the example calls in the if statements.