Ok for the most part this script gets the job done. However, for some strange reason when I receive the email from them, instead of having their email address in the "From:" it has some weird address like: $email@p3nlh023.shr.prod.phx3.secureserver.net
Now in the body of the email it will list their correct address. Here is part of the script I'm using...
<?php
/* Subject and Email Variables */
$to = 'myemail@mydomainname.com';
$subject = 'Form Submission';
/* Data Variables */
$name = $_POST['name'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$name = $_POST['name'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$email = $_POST['email'];
$type = $_POST['type'];
$reason = $_POST['reason'];
$value = $_POST['value'];
$owed = $_POST['owed'];
$repairs = $_POST['repairs'];
$agent = $_POST['agent'];
$offer = $_POST['offer'];
/* What Will Appear in Body of Email */
$body = <<<EOD
<br><hr><br>
Name = $name <br>
Phone = $phone <br>
Address = $address <br>
City = $city <br>
State = $state <br>
Email = $email <br>
Type = $type <br>
Reason = $reason <br>
Value = $value <br>
Owed = $owed <br>
Repairs = $repairs <br>
Agent = $agent <br>
Offer = $offer <br>
EOD;
/* To send HTML mail, the Content-type header must be set */
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
/* Additional headers */
$headers .= 'From: $email' . "\r\n";
$headers .= 'Cc: myalternateemail@whatever.com' . "\r\n";
$headers .= 'Bcc: myalternateemail@whatever.com' . "\r\n";
/* Mail it */
mail($to, $subject, $body, $headers);
Also, once in awhile I will get an email where the body is completely empty. It will still list
Name =
Phone =
Address =
City =
State =
Email =
Type =
Reason =
Value =
Owed =
Repairs =
Agent =
Offer =
It just doesn't show the answer they gave. I'm a beginner so any help would be greatly appreciated. Thanks!
PHP Mail Form Problems
Moderator: General Moderators
- jaoudestudios
- DevNet Resident
- Posts: 1483
- Joined: Wed Jun 18, 2008 8:32 am
- Location: Surrey
Re: PHP Mail Form Problems
Is that a form on your website? You have no protection! That code will bring you mailserver down!
I would use something like this...
http://www.forum.jaoudestudios.com/view ... ?f=13&t=13
Where there is header injection prevention.
Give it a go and let me know how you get on.
I would use something like this...
http://www.forum.jaoudestudios.com/view ... ?f=13&t=13
Where there is header injection prevention.
Give it a go and let me know how you get on.
-
TheSaint97
- Forum Newbie
- Posts: 2
- Joined: Tue Dec 02, 2008 1:19 pm
Re: PHP Mail Form Problems
I added the following to my code:
/* Strip out injected headers */
function validate($value, $linebreaks=true)
{
if ($linebreaks) {
//Remove line feeds
$ret = str_replace(chr(10), "", $value);
$ret = str_replace(chr(13), "", $ret);
} else {
$ret = $value;
}
// Remove injected headers
$find = array("/bcc\:/i",
"/Content\-Type\:/i",
"/Mime\-Type\:/i",
"/cc\:/i",
"/to\:/i");
$ret = preg_replace($find,
"**injected header removed**",
$ret);
// Ensure there aren't nested injections, e.g.: ContContent-Typeent-Type
if ($ret == $value) {
return $ret;
} else {
return $this->validate($ret, false);
}
}
However, I am still receiving emails with the wrong value?:( Obviously I thought by having "From: $email" as defined in my headers, that the customers email would appear in the "From:" part of my email but it still isn't.
Remember I'm a newbie when it comes to php. What is the easiest way to fix this? Thank you.
/* Strip out injected headers */
function validate($value, $linebreaks=true)
{
if ($linebreaks) {
//Remove line feeds
$ret = str_replace(chr(10), "", $value);
$ret = str_replace(chr(13), "", $ret);
} else {
$ret = $value;
}
// Remove injected headers
$find = array("/bcc\:/i",
"/Content\-Type\:/i",
"/Mime\-Type\:/i",
"/cc\:/i",
"/to\:/i");
$ret = preg_replace($find,
"**injected header removed**",
$ret);
// Ensure there aren't nested injections, e.g.: ContContent-Typeent-Type
if ($ret == $value) {
return $ret;
} else {
return $this->validate($ret, false);
}
}
However, I am still receiving emails with the wrong value?:( Obviously I thought by having "From: $email" as defined in my headers, that the customers email would appear in the "From:" part of my email but it still isn't.
Remember I'm a newbie when it comes to php. What is the easiest way to fix this? Thank you.
- jaoudestudios
- DevNet Resident
- Posts: 1483
- Joined: Wed Jun 18, 2008 8:32 am
- Location: Surrey
Re: PHP Mail Form Problems
To be honest, it is really easy to use the class in the link I posted. There is an example at the top of the class.
Give it a go and post what code you have, then we can take it from there.
Give it a go and post what code you have, then we can take it from there.