PHP email problems

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
webdev
Forum Commoner
Posts: 25
Joined: Tue Jun 05, 2007 2:07 am

PHP email problems

Post by webdev »

Hi guys,

Here are the php script:

Code: Select all

<?php
//Headers---
$name = $_POST['name'];
$message = $_POST['comments']; 
$from = $_POST['email'];
$mail_sent = $_POST['submit'];

//send the email---
//define the receiver of the email
$to = 'wade@austasiagroup.com'.",";
$to .= '';
//define the subject of the email
$subject = 'Kiri Park Enquiry'; 
//define the message in the email
$body = "The following enquiry was submitted via the Kiri Park website on ".date('l, d M Y H:i:s') . "\n\nName: ". $name ."\n\nEmail: ". $from ."\n\nComments: ". $message;
//mail sent.
$mail_sent = mail( $to, $subject, $body, "From: $from" );

/*Simple form validation check to see if an email and message were entered*/
//if no name entered, no message entered and no email entered print an error 
if (empty($message) && empty($from) && empty($name)){
echo "<div class=\"bodytext\">No name, email address and comment was entered. Please enter your name, email address and a comment.</div>";
}
//if no message entered and no email entered print an error 
elseif (empty($message) && empty($from)){
echo "<div class=\"bodytext\">No email address and comment was entered. Please enter your email address and a comment.</div>";
}
//if no name entered and no message entered print an error 
elseif (empty($name) && empty($message)){
echo "<div class=\"bodytext\">No name and comment was entered. Please enter your name and a comment.</div>";
}
//if no name entered and no email address entered print an error 
elseif (empty($name) && empty($from)){
echo "<div class=\"bodytext\">No name and email address was entered. Please enter your name and email address.</div>";
}
//if no message entered send print an error 
elseif (empty($message)){
echo "<div class=\"bodytext\">No comment was entered. Please enter a comment.</div>";
}
//if no email entered send print an error 
elseif (empty($from)){
echo "<div class=\"bodytext\">No email address was entered. Please enter your email address.</div>";
}
//if no name entered send print an error 
elseif (empty($name)){
echo "<div class=\"bodytext\">No name was entered. Please enter your name.</div>";
}

//Thank the user by name if they entered a name
elseif (!empty($name)) {
echo "<div class=\"bodytext\">Thank you, $name. Your mail was sent successfully.</div>";
}
?>
Now, when the user fill the form, its automatically send to my email. If the user forgot to fill the name, email address and comment on the form, they have to repeat and fill the form again. With my script, when the user forgot to fill the name, email and comment, its automatically send to my email but I don't want this.

Can you give me what is the code for this please? That's be great!

Thanks alots.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The mailing code must be run after the conditional checks.

Also, you have a lovely hole in the security of this script. One that would allow anyone to make your mail server into a spam house. I suggest you read up on header injection, or preferably use a library with built-in protection for such things like SwiftMailer.
suyeic
Forum Newbie
Posts: 6
Joined: Wed Jun 13, 2007 9:22 pm
Location: Bejing China

Post by suyeic »

The code in the same page, right?
you can set a value which is hidden, such "<input type="hidden" name="sent" value="sent">", when user submit this form, yours php code had better check whether this value ($_POST['sent']) existing, if true, do the next steps, verify value of subject, name,comments is valid, if true, you sent mail out. but if false, you should tell user what's wrong.
User avatar
Gente
Forum Contributor
Posts: 252
Joined: Wed Jun 13, 2007 9:43 am
Location: Ukraine, Kharkov
Contact:

Checking input

Post by Gente »

Also imagine that you have 10 or even 20 fields in your email form. Imagine the number of lines in your code.
Possible solution: make a following array ('field' => 'field description'), do foreach on $_POST and collect the $errors array
Post Reply