Basic mail ( ) function questions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
optimus203
Forum Newbie
Posts: 2
Joined: Fri Apr 10, 2009 5:06 pm
Location: CT

Basic mail ( ) function questions

Post by optimus203 »

Hey everyone. I am brand new to PHP. I have this PHP mail script which I can't get to run properly. The only thing I get is the subject and message. What I would like is for the variables "superpowers" and "find" to be included in the message being retrieved. I tried to incorporate these through $headers variables, but they also do not show up in the message from the HTML form. Any help would be greatly appreciated:

Code: Select all

 
<?php
$to = 'recipient@email.com' ;
$email = $_POST['email'] ;
$superpower = $_POST['superpower'] ;
$find = $_POST['find'] ;
$subject = $_POST['subject'] ;
$message = $_POST['message'] ;
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= "From:".$email."\r\n";
$headers .= "Superpower:".$superpower."\r\n";
$headers .= "Find:".$find."\r\n";
 
// HTML form validation
function is_valid_email($email) {
  return preg_match('#^[a-z0-9.!\#$%&\'*+-/=?^_`{|}~]+@([0-9.]+|([^\s]+\.+[a-z]{2,6}))$#si', $email);
}
 
function contains_bad_str($str_to_test) {
  $bad_strings = array(
                "content-type:"
                ,"mime-version:"
                ,"multipart/mixed"
        ,"Content-Transfer-Encoding:"
                ,"bcc:"
        ,"cc:"
        ,"to:"
  );
  
  foreach($bad_strings as $bad_string) {
    if(eregi($bad_string, strtolower($str_to_test))) {
      echo "$bad_string found. Suspected injection attempt - mail not being sent.";
      exit;
    }
  }
}
 
function contains_newlines($str_to_test) {
   if(preg_match("/(%0A|%0D|\\n+|\\r+)/i", $str_to_test) != 0) {
     echo "newline found in $str_to_test. Suspected injection attempt - mail not being sent.";
     exit;
   }
} 
 
if($_SERVER['REQUEST_METHOD'] != "POST"){
   echo("Unauthorized attempt to access page.");
   exit;
}
 
if (!is_valid_email($email)) {
  echo 'Sorry, invalid email';
  exit;
}
 
contains_bad_str($email);
contains_bad_str($subject);
contains_bad_str(body);
 
contains_newlines($email);
contains_newlines($subject);
// End HTML form validation
 
mail( $to, $subject, $message , $headers);
header( "Location: http://www.website.com/mailconfirm.html" );
?>
nyoka
Forum Commoner
Posts: 45
Joined: Thu Apr 09, 2009 12:53 pm

Re: Basic mail ( ) function questions

Post by nyoka »

Hi, it looks like you are passing the two required (but missing) fields as part of the header info rather than the body. Try removing the following lines:

Code: Select all

 
 $headers .= "Superpower:".$superpower."\r\n";
 $headers .= "Find:".$find."\r\n";
 
If you add them to the message body using the following lines:

Code: Select all

 
 $message .= "Superpower:".$superpower."\r\n";
 $message .= "Find:".$find."\r\n";
 
Hope this helps you.
optimus203
Forum Newbie
Posts: 2
Joined: Fri Apr 10, 2009 5:06 pm
Location: CT

Re: Basic mail ( ) function questions

Post by optimus203 »

Yes, this worked perfectly. Of course, it makes sense now. Thanks for your quick response and your help!
Post Reply