PHP email form help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
CadencePro
Forum Newbie
Posts: 2
Joined: Sun Apr 18, 2010 10:03 am

PHP email form help

Post by CadencePro »

I've been running an email script on a website that processes the actual form correctly. However, the intended recipient of these emails keeps getting random emails with blank input, and a strange "From" email that reads:

charner@p3slh215.shr.phx3.secureserver.net.

This is not a valid address, but seems to becoming directly from the server. The website is hosted on GoDaddy, so I contacted their tech support. They said that (and I've tested to make sure) that an random email will be sent whenever someone types the URL into the browser's address bar. (http://swingshiftandthestars.com/emailscript.php). Is there any way to prevent that from happening? The data collected in the form is not sent to a database. It is just sent to the end user. I just need some way to prevent these blank, random emails from popping up. Any suggestions?
User avatar
omniuni
Forum Regular
Posts: 738
Joined: Tue Jul 15, 2008 10:50 pm
Location: Carolina, USA

Re: PHP email form help

Post by omniuni »

That's the typical server email address you'd get if you have submission with no default reply-to. Check if the form is getting blank submissions and you are doing proper data validation.
User avatar
Architek
Forum Commoner
Posts: 44
Joined: Wed Jul 01, 2009 5:01 am
Location: Portland OR

Re: PHP email form help

Post by Architek »

if your emailscript.php file has a default destination address set in it you could change it to a variable like $toaddress which can then be populated by a hidden form field that will push the value eliminating the stated... any user that simply clicks on the link out on the web will generate a random email messge.


I agree with omniuni that you should try to do some form data validation to ensure a mail message never gets sent unless certain criteria is met.
CadencePro
Forum Newbie
Posts: 2
Joined: Sun Apr 18, 2010 10:03 am

Re: PHP email form help

Post by CadencePro »

I'm using front-end validation with Javascript (via Dreamweaver). The form won't actually send unless there's some data input. The problem is that the URL of the PHP script that processes the form gets typed into the address bar, and it sends out a blank email with the strange header. I'm not sure if people are typing it in randomly, or if there's some spam automation going on somewhere.

It seems if I can keep the PHP page from being accessed in such a manner then it will stop the random emails. I just need a way to do that. I'd like to continue to process email forms without setting up a MySQL database.
User avatar
omniuni
Forum Regular
Posts: 738
Joined: Tue Jul 15, 2008 10:50 pm
Location: Carolina, USA

Re: PHP email form help

Post by omniuni »

Javascript can be easily circumvented. For example, bots don't support it, and thus, will likely ignore the restriction. Turn JS off in your browser, and make sure it still won't send.
User avatar
Architek
Forum Commoner
Posts: 44
Joined: Wed Jul 01, 2009 5:01 am
Location: Portland OR

Re: PHP email form help

Post by Architek »

You need to try and do some sort of server side validation. Check at least one field coming over from the form. As I recall GoDaddy hosting when you turn on the email form function it places a copy of their "emailscript.php" file in your directories. Try and make a similar change as shown below where a variable is being captured then using a simple if statement to wrap the rest of the form in else brackets.

If you wrap the whole script with a little snippet like this you need to ensure the variable of "$name" is not being used else where in the email script...If it is make sure you are not defining it a different value than what it expects. obviously safer to ensure you send something unique for validation other wise I could guess and add something in the URL www.somesite.com/emailscript.php?name="Architek"

Code: Select all

//Capturing and setting form variable.
if(isset($_POST["name"])) $name=$_POST["name"];

//Checking variable contents before proceeding.
if(empty($name) {echo "<p>Looks like we may still need your NAME!<br />Please go back and confirm the information you provided.</p>"; }
     else {

            .... Insert script content in this bracket set.

            }
Post Reply