vbcubey Posted August 26, 2008 Share Posted August 26, 2008 I'm using a form to email subscription requests. The form is on one page (sis-freesub.html), and it sends its post data to another page (contact.php). The data is emailed to the specified address just fine, but blank emails keep getting received as well. I'm assuming right now that every time someone accesses contact.php, it sends a blank email. If you could tell me how to stop the blank emails, that'd be great. Here's the code for contact.php: <?php $subscription = $_POST['subscription']; $mailing_location = $_POST['mailing_location']; $name = $_POST['name']; $title = $_POST['title']; $company = $_POST['company']; $address1 = $_POST['address1']; $address2 = $_POST['address2']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $phone = $_POST['phone']; $fax = $_POST['fax']; $email = $_POST['email']; $to = "publisher@specedpub.com"; $subject = "Success Magazine Subscription Form Submission"; $message = "Success Magazine Subscription". "\n"."\n". "Subscription type: ".$subscription. "\n"."\n". "Mailing location: ".$mailing_location. "\n"."\n". "Name: ".$name. "\n"."\n". "Title: ".$title. "\n"."\n". "Company: ".$company. "\n"."\n". "Address line 1: ".$address1. "\n"."\n". "Address line 2: ".$address2. "\n"."\n". "City: ".$city. "\n"."\n". "State: ".$state. "\n"."\n". "Zip code: ".$zip. "\n"."\n". "Phone: ".$phone. "\n"."\n". "Fax: ".$fax. "\n"."\n". "Email: ".$email. "\n"; $headers = "From: publisher@specedpub.com"; $sent = mail ($to, $subject, $message, $headers); if($sent) { echo "<p>Thank you for subscribing to <em>Success in Seminole Magazine</em>.</p>"; } else { echo "We encountered an error sending your mail."; } ?> It occurs to me that I probably need only one page to accomplish this, not two. It's safe to assume that I don't know much php. David Quote Link to comment https://forums.phpfreaks.com/topic/121417-mail-function-sending-blank-emails/ Share on other sites More sharing options...
JonnoTheDev Posted August 26, 2008 Share Posted August 26, 2008 No, check that the variables have values before running the mail() function. Also you may want to check the referring page from contact.php to make sure that it is the form.html page. This code is wide open to abuse as it is. Quote Link to comment https://forums.phpfreaks.com/topic/121417-mail-function-sending-blank-emails/#findComment-626099 Share on other sites More sharing options...
PFMaBiSmAd Posted August 26, 2008 Share Posted August 26, 2008 And the code is unconditionally executing any time the page is requested. At a minimum you need a conditional statement to check that the form submit button variable name is set. Quote Link to comment https://forums.phpfreaks.com/topic/121417-mail-function-sending-blank-emails/#findComment-626100 Share on other sites More sharing options...
vbcubey Posted August 26, 2008 Author Share Posted August 26, 2008 All of those suggestions sound great. Unfortunately, I don't know how to implement any of them. Can you give me some specifics to get me started? Quote Link to comment https://forums.phpfreaks.com/topic/121417-mail-function-sending-blank-emails/#findComment-626175 Share on other sites More sharing options...
vbcubey Posted August 26, 2008 Author Share Posted August 26, 2008 Okay, I tried to set a conditional so it would check that the submit button was pressed on the html page that sends the post data. Is this good? <?php $submit = $_POST['submit']; if (isset($submit)) { $subscription = $_POST['subscription']; $mailing_location = $_POST['mailing_location']; $name = $_POST['name']; $title = $_POST['title']; $company = $_POST['company']; $address1 = $_POST['address1']; $address2 = $_POST['address2']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $phone = $_POST['phone']; $fax = $_POST['fax']; $email = $_POST['email']; $to = "publisher@specedpub.com"; $subject = "Success Magazine Subscription Form Submission"; $message = "Success Magazine Subscription". "\n"."\n". "Subscription type: ".$subscription. "\n"."\n". "Mailing location: ".$mailing_location. "\n"."\n". "Name: ".$name. "\n"."\n". "Title: ".$title. "\n"."\n". "Company: ".$company. "\n"."\n". "Address line 1: ".$address1. "\n"."\n". "Address line 2: ".$address2. "\n"."\n". "City: ".$city. "\n"."\n". "State: ".$state. "\n"."\n". "Zip code: ".$zip. "\n"."\n". "Phone: ".$phone. "\n"."\n". "Fax: ".$fax. "\n"."\n". "Email: ".$email. "\n"; $headers = "From: publisher@specedpub.com"; $sent = mail ($to, $subject, $message, $headers); if($sent) { echo "<p>Thank you for subscribing to <em>Success in Seminole Magazine</em>.</p>"; } else { echo "We encountered an error sending your mail."; } } ?> I edited the html form so that the submit button reads: <input type="submit" name="submit" value="Submit" /> The way I understand it, if the form submits a value of "Submit" for $submit, the isset() returns TRUE and the following code executes. Otherwise, nothing happens. The only thing I think I know how to do to prevent abuse is use htmlentities(). Like this? $subscription = htmlentities($_POST['subscription']); Let me know if I'm on the right track. Quote Link to comment https://forums.phpfreaks.com/topic/121417-mail-function-sending-blank-emails/#findComment-626190 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.