Page 1 of 2

PHP Syntax help!

Posted: Sun Aug 20, 2006 4:33 am
by EddyStone
Everah | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


New to PHP coding so sorry if this is a stupid question.
I have a form on my web site (send.php), which sends me an E-Mail with the form information.
I would like to send the information to two E-Mail address's instead of one. Can someone help
with syntax in the $to=  line please.

Thanks Ed

This works:-

Code: Select all

$Name = $_POST['Name'];
$PhoneNumber = $_POST['PhoneNumber'];
$EMail = $_POST['EMail'];
$Day = $_POST['Day'];
$Month = $_POST['Month'];
$Year = $_POST['Year'];
$Info = $_POST['Info'];
$Comments = $_POST['Comments'];
$msg .= "Name    $Name\n";
$msg .= "PhoneNumber    $PhoneNumber\n";
$msg .= "EMail    $EMail\n";
$msg .= "Day    $Day\n";
$msg .= "Month    $Month\n";
$msg .= "Year    $Year\n";
$msg .= "Info    $Info\n";
$msg .= "Comments    $Comments\n";
$to = "dummyemail@trains.co.uk";
$subject = "Website Feedback";
$mailheaders = "MIME-Version: 1.0\r\n";
$mailheaders.="To: ".$to."\n"; 
$mailheaders .= "From: ".$name."\n\n";

This dosn't:-

Code: Select all

$Name = $_POST['Name'];
$PhoneNumber = $_POST['PhoneNumber'];
$EMail = $_POST['EMail'];
$Day = $_POST['Day'];
$Month = $_POST['Month'];
$Year = $_POST['Year'];
$Info = $_POST['Info'];
$Comments = $_POST['Comments'];
$msg .= "Name    $Name\n";
$msg .= "PhoneNumber    $PhoneNumber\n";
$msg .= "EMail    $EMail\n";
$msg .= "Day    $Day\n";
$msg .= "Month    $Month\n";
$msg .= "Year    $Year\n";
$msg .= "Info    $Info\n";
$msg .= "Comments    $Comments\n";
$to = "dummyemail@trains.co.uk; dummyemail@subs.biz";
$subject = "Website Feedback";
$mailheaders = "MIME-Version: 1.0\r\n";
$mailheaders.="To: ".$to."\n"; 
$mailheaders .= "From: ".$name."\n\n";

Everah | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Sun Aug 20, 2006 4:41 am
by Oren
Well, assuming you are using PHP's mail() function, the syntax would be:

Code: Select all

$to = "dummyemail@trains.co.uk, dummyemail@subs.biz";

Re: PHP Syntax help!

Posted: Sun Aug 20, 2006 5:33 am
by aerodromoi
EddyStone wrote:New to PHP coding so sorry if this is a stupid question.
I have a form on my web site (send.php), which sends me an E-Mail with the form information.
I would like to send the information to two E-Mail address's instead of one. Can someone help
with syntax in the $to= line please.
Another option would be to use an array for multiple email addresses.

Code: Select all

<?php
$to = array("email1@nonexistent.com","email1@nonexistent.com");
$subject = "just testing";
$body = "lorem ipsum dolor sit amet";
$header = "From: another@nonexistent.com";

for($i=0;$i<count($to);$i++){
  mail($to[$i], $subject, $body, $header);
}
?>
The only downside to this solution is its lack of efficiency as a new smtp socket is opened $i times.

Posted: Sun Aug 20, 2006 6:07 am
by EddyStone
Thanks guys.

Oran
Your idea looks to be the easiest. Tried that but the mail only seems to go to the first E-Mail address in the
$to line. I take it there should be a space after the comma seperating the E-Mail address's?

aerodromoi
Thanks seems like a good ide but still not sure how to get the code into my example.

Another Question:-

The form I am using is located at http://www.traspberries.co.uk/Bookings.html

I am also having trouble with spammers entering just anything into the form, I pressume to see if its a working link, the form info
comes through OK in those cases but with assorted dummy information in the fields.

I really appreciate everyone help with this,


Ed

Posted: Sun Aug 20, 2006 9:03 am
by Oren
Well, you can put a space after the comma and you can get rid of this space... it doesn't matter.
Why it's not working? I don't know, we need to see the content of sendmail.php.
I also checked with your form, and found out that it'd send the message without even making sure that the fields are not empty.

Posted: Sun Aug 20, 2006 9:15 am
by aerodromoi
EddyStone wrote:Thanks guys.

Oran
Your idea looks to be the easiest. Tried that but the mail only seems to go to the first E-Mail address in the
$to line. I take it there should be a space after the comma seperating the E-Mail address's?

aerodromoi
Thanks seems like a good ide but still not sure how to get the code into my example.

Another Question:-

The form I am using is located at http://www.traspberries.co.uk/Bookings.html

I am also having trouble with spammers entering just anything into the form, I pressume to see if its a working link, the form info
comes through OK in those cases but with assorted dummy information in the fields.

I really appreciate everyone help with this,


Ed
@spam
You might want to take a look at this article: http://www.securephpwiki.com/index.php/Email_Injection

ps: Even though it's not strictly necessary, I'd suggest mentioning the second email address in the header as well.

Posted: Sun Aug 20, 2006 10:33 am
by RobertGonzalez
Read the PHP manual on mail(). There are some differences in the way Windows servers handle mail and *nix servers do it when it comes to the to address. Make sure you know your server type and code for that.

PS I ran into this myself once when I moved from a Linux box to a Windows box. The problem was the way that Windows server handles the "User Name" <user@email.com> syntax.

Posted: Sun Aug 20, 2006 11:10 am
by feyd
Why not make it easier and use a mailing library like Swift or phpMailer?

Posted: Sun Aug 20, 2006 11:13 am
by EddyStone
Thanks All. Looks like I have some studying to do!

Oran this is the full Sendmail.php code. If any one can suggest changes to help combat spam. The code would be very much appreciated.

Code: Select all

<?
$Name = $_POST['Name'];
$PhoneNumber = $_POST['PhoneNumber'];
$EMail = $_POST['EMail'];
$Day = $_POST['Day'];
$Month = $_POST['Month'];
$Year = $_POST['Year'];
$Info = $_POST['Info'];
$Comments = $_POST['Comments'];
$msg .= "Name    $Name\n";
$msg .= "PhoneNumber    $PhoneNumber\n";
$msg .= "EMail    $EMail\n";
$msg .= "Day    $Day\n";
$msg .= "Month    $Month\n";
$msg .= "Year    $Year\n";
$msg .= "Info    $Info\n";
$msg .= "Comments    $Comments\n";
$to = "emailaddress@rubbish.com";
$subject = "Website Feedback";
$mailheaders = "MIME-Version: 1.0\r\n";
$mailheaders.="To: ".$to."\n"; 
$mailheaders .= "From: ".$name."\n\n";

mail($to, $subject, $msg, $mailheaders);
?>
<HTML>
<HEAD>
<TITLE>Thank You</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.tableBack {
	background-image: url(images/feedback_03.gif);
}
.style1 {color: #330099}
.style2 {color: #FFFFFF}
-->
</style>
</HEAD>
<BODY BGCOLOR=#FFFFCC LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0>
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td><div align="center">
        <TABLE WIDTH=780 BORDER=0 align="center" CELLPADDING=0 CELLSPACING=0>
          <TR> 
            <TD> <table width="800" height="340" border="0" cellpadding="0" cellspacing="0">
              <tr>
                <td height="127" width="130"><img src="Images/Symbol%20Right.jpg" width="122" height="122"></td>
                <td colspan="3" height="127"><img src="Images/Raspberry%20Font%205b.jpg" width="679" height="126"></td>
              </tr>
              <tr>
                <td height="168" bgcolor="#CC0000" align="center"><p>&nbsp;</p>
                    <p><font size="2" face="Arial, Helvetica, sans-serif"><a href="Index.html" class="Raspberry4 style2">Home</a></font></p>
                    <p>&nbsp;</p>
                    <p>&nbsp;</p></td>
                <td height="168" colspan="3" valign="top"><img src="Images/Montage.jpg" width="679" height="168" align="top"></td>
              </tr>
              <tr>
                <td width="130" height="38" bgcolor="#CC0000">&nbsp;</td>
                <td valign="middle" colspan="3" height="38" align="left" bgcolor="#CC0000"><h1><font face="Arial, Helvetica, sans-serif" size="5" color="#CC0000">x</font><font face="Arial, Helvetica, sans-serif" size="4" color="#FFFFFF">Live
                      music for that special occasion</font></h1></td>
              </tr>
            </table>              <p>&nbsp;</p>
            </TD>
            <TD>&nbsp;</TD>
          </TR>
          <TR>
            <TD>&nbsp;</TD>
            <TD>&nbsp;</TD>
          </TR>
          <TR> 
            <TD>&nbsp;</TD>
            <TD>&nbsp;</TD>
          </TR>
          <TR> 
            <TD colspan="2" class="tableBack"> <div align="center">
              <p align="left">&nbsp;</p>
              <table width="673" border="0" cellspacing="0" cellpadding="2">
                  <tr>
                    <td colspan="2" valign="top"><p class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Thank
                          you for your response, the following details have been
                        mailed. We
                          will contact you shortly</font></p>
                      <p>&nbsp;</p></td>
                  </tr>
                  <tr>
                    <td width="198" valign="top">
                    <div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Name </font></div></td>
                    <td width="467"><?php echo "$Name" ?></td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">PhoneNumber </font></div></td>
                    <td><?php echo "$PhoneNumber" ?>&nbsp;</td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">EMail </font></div></td>
                    <td><?php echo "$EMail" ?></td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Day </font></div></td>
                    <td><?php echo "$Day" ?></td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Month </font></div></td>
                    <td><?php echo "$Month" ?></td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Year </font></div></td>
                    <td><?php echo "$Year" ?></td>
                  </tr>
                  <tr>
                    <td valign="top"><div align="left" class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Info </font></div></td>
                    <td><?php echo "$Info" ?></td>
                  </tr>
                  <tr>
                    <td height="96" valign="top"><p><span class="style1"><font size="2" face="Arial, Helvetica, sans-serif">Comments </font></span></p>                    </td>
                    <td><?php echo "$Comments" ?></td>
                  </tr>
                </table>
              </div></TD>
          </TR>
          <TR> 
            <TD colspan="2">&nbsp; </TD>
          </TR>
        </TABLE>
      </div></td>
  </tr>
</table>
</BODY>
</HTML>

Posted: Sun Aug 20, 2006 11:18 am
by RobertGonzalez
Change these:

Code: Select all

<?php echo "$Comments" ?>
To these:

Code: Select all

<?php echo $Comments; ?>

Posted: Sun Aug 20, 2006 11:23 am
by EddyStone
Thanks Everah. What will the cahnges actually do?
Ed

Posted: Sun Aug 20, 2006 11:28 am
by feyd
Unnecessarily adding quotes increases processing requirements, not much, but over a large application can accumulate.

Posted: Sun Aug 20, 2006 11:44 am
by RobertGonzalez
Exactly as Feyd said. When you place the var in double quotes, PHP takes the string and tries to parse the string for vars. If you just throw the var to PHP, it won't do that. It is a matter of efficiency and clean coding, in my opinion.

Posted: Mon Aug 21, 2006 3:26 pm
by EddyStone
To help stop SPAM would it be possible to ask a question at the bottom of the form e.g what is sum of two random numbers
and only proceed if the sum is correct, or I am I being just too simplistic?
Thanks Ed

Posted: Mon Aug 21, 2006 3:38 pm
by feyd
Those can help. The code above is vulnerable to header injection however, thus making it a great script to spam people from. The vulnerability is centered around $Name.

I'm still wondering if it would not be easier, and safer, to use a mailing library built to understand these pitfalls. I linked to the too most recommended earlier.