Page 1 of 1

Email forwarding Form HELP

Posted: Fri Sep 03, 2010 10:03 am
by munks
Okay I have no idea why this doesn't work!! Anyone help?

It sends some of them depending on what email you put in the form!! which doesn't make sense because they all are valid emails and get through the validation!

Eg. sends when you put your email is name@live.co.uk but not 1111@live.co.uk

can look at it working on www.bishcycles.co.uk on the contact page.

FORM:
<form method="POST" action="cont.php" style="text-align:center" onsubmit="return validateForm()" name="cont">
<p>Name:
<input type="text" name="Name" />
Contact Number:<br />
<input type="text" name="Number" />
Email:
<input type="text" name="EmailFrom" />
Inquiry Details:
<textarea name="Comments" cols="45" rows="5"></textarea>
<input type="submit" name="submit" value="Submit" />
</p>
</form>




PHP:
<?php
if ($_SERVER['HTTP_REFERER'] != 'http://bish.herobo.com/contact.php'){
echo "Invalid referer";
die;
}

$EmailFrom = $_POST['EmailFrom'];
$Name = $_POST['Name'];
$Comments = $_POST['Comments'];
$Number = $_POST['Number'];

$Body = "";
$Body .= "Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Email: ";
$Body .= $EmailFrom;
$Body .= "\n";
$Body .= "Contact Number: ";
$Body .= $Number;
$Body .= "\n \n";
$Body .= "Inquiry Details: ";
$Body .= "\n";
$Body .= $Comments;
$Body .= "\n";

if (preg_match('#^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+.[a-zA-Z]{2,6}$#', $EmailFrom)) {
mail('MYEMAIL@hotmail.com', 'BishCycles Inquiry', $Body, 'From: <'.$EmailFrom.'>');
header('Location: sucess.php');
} else {
header('Location: error.php');
}
?>




Thanks

Re: Email forwarding Form HELP

Posted: Fri Sep 03, 2010 3:21 pm
by Jonah Bron
Replace

Code: Select all

if (preg_match('#^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+.[a-zA-Z]{2,6}$#', $EmailFrom)) {
with

Code: Select all

if (preg_match('#^[a-zA-Z0-9\._-]+@[a-zA-Z0-9\._-]+\.[a-zA-Z]{2,6}$#', $EmailFrom)) {
I just escaped the dot.

Re: Email forwarding Form HELP

Posted: Mon Sep 06, 2010 7:34 am
by munks
Thanks but no luck... it still only sends with certain emails :s which makes no sense as theres no reason why the imputed email should make a difference!!! so confused!

Re: Email forwarding Form HELP

Posted: Tue Sep 07, 2010 11:47 am
by Jonah Bron

Code: Select all

if (preg_match('#^[a-zA-Z0-9\._\-]+@[a-zA-Z0-9\._\-]+\.[a-zA-Z]{2,6}$#', $EmailFrom)) {
Try this.

Re: Email forwarding Form HELP

Posted: Tue Sep 07, 2010 12:37 pm
by jarofgreen
Have you checked your spam folder? (Or do you see an error message so you know it's the regular expression?)

Sending emails from your server that claim to be from another server is a sure way to trip some spam filters.

Your best having "noreply@yourserver.com" as the from address and putting the submitted address as the "Reply-To" header.

Also, isn't your form vulnerable to injection attacks? Could I put my email address as "test@test.com>\nCC: 100 other addressses" and use your server to spam at will? EDIT: Oh of course, the regular expression should catch that. Doh!

Re: Email forwarding Form HELP

Posted: Tue Sep 07, 2010 4:14 pm
by munks
Right! I have these two lines in now...

mail('email@bishcycles.co.uk', 'BishCycles Inquiry', $Body, 'From: <'.$EmailFrom.'>');
mail("email@bishcycles.co.uk", "BishCycles Inquiry", $Body, "From: <$EmailFrom>");

the top one is the original which is still only sending certain emails.... but the bottom one is sending anything like saeiuoh@iashgergf.com but as spam...
:banghead:

Re: Email forwarding Form HELP

Posted: Tue Sep 07, 2010 4:39 pm
by Jonah Bron
If the sender field and the address that actually sent the email don't match, It will most likely be marked as spam.