samricheson Posted April 7, 2009

```php
<?php
// Build the HTML message body from the form fields, escaping each value.
$message = "";
$message .= "Location of Aerial: " . htmlspecialchars($_POST['locationofaerial'], ENT_QUOTES) . "<br>\n";
$message .= "Phone: " . htmlspecialchars($_POST['phone'], ENT_QUOTES) . "<br>\n";
$message .= "Email: " . htmlspecialchars($_POST['email'], ENT_QUOTES) . "<br>\n";
$message .= "Name: " . htmlspecialchars($_POST['name'], ENT_QUOTES) . "<br>\n";

// Reject submissions containing strings commonly used in mail header injection.
$lowmsg = strtolower($message);
$injection_strings = array("content-type:", "charset=", "mime-version:", "multipart/mixed", "bcc:", "cc:");
foreach ($injection_strings as $suspect) {
    // strpos() replaces eregi(), which was removed in PHP 7; the inputs are already lowercased.
    if ((strpos($lowmsg, $suspect) !== false)
        || (strpos(strtolower($_POST['name']), $suspect) !== false)
        || (strpos(strtolower($_POST['email']), $suspect) !== false)) {
        die('Illegal Input. Go back and try again. Your message has not been sent.');
    }
}

$headers = "MIME-Version: 1.0\r\nContent-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: \"" . $_POST['name'] . "\" <" . $_POST['email'] . ">\r\n";
$headers .= "Reply-To: " . $_POST['email'] . "\r\n\r\n";
mail("karlfoto@comcast.net", "Aero-Foto web email", $message, $headers);

// Redirect after sending and stop the script.
header("Location: index.html");
exit;
?>
```
Fruct0se Posted April 7, 2009

Can you post the HTML containing your form?
samricheson Posted April 7, 2009 (Author)

```html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=UTF-8" />
  <title>contact</title>
  <link rel="stylesheet" type="text/css" media="screen, print, projection" href="contact.css"></link>
</head>
<body>
  <div id="pid13contact">
    <div id="layer6"></div>
    <div id="clouds"></div>
    <div id="logo"></div>
    <div id="id1contacttext">
      <p>611 Curtis Avenue</p>
      <p>Wilmington, Delaware 19804</p>
      <p>(302) 995•1910</p>
    </div>
    <div id="id0contacttext">
      <p>16830 Kings Highway</p>
      <p>Lewes, Delaware 19958</p>
      <p>(302) 645•1961</p>
      <br />
    </div>
    <div id="layer4"></div>
    <div id="homebutton"><a href="home.html" title="home"></a></div>
    <div id="infotext" onmouseout="P2H_StartClock();" onmouseover="P2H_Menu('PMinfotext', 0, 0);">
      <p>611 Curtis Avenue • Wilmington, DE 19804</p>
      <p>16830 Kings Highway • Lewes, DE 19958</p>
      <p>(302) 995-1910 • (302) 645-1961</p>
      <p>Fax (302) 999-1949</p>
      <p><a href="mailto:Karlfoto@comcast.net">Karlfoto@comcast.net</a></p>
    </div>
    <div id="servicesbutton"><a href="services.html" title="services"></a></div>
    <div id="commercialbutton"><a href="commercial.html" title="commercial"></a></div>
    <div id="residentialbutton"><a href="residential.html" title="residential"></a></div>
    <div id="id2contacttext">
      <p>Contact Aero-Foto</p>
    </div>
    <div id="siteplansbutton"><a href="siteplans.html" title="site plans"></a></div>
    <div id="contactform">
      <form action="contact_id0contact.php" method="post" id="frmcontactform" >
        <div>
          <fieldset>
            <div><label for="name">Name</label> <input type="text" name="name" id="name" size="23" /> </div>
            <div><label for="email">Email</label> <input type="text" name="email" id="email" size="23" /> </div>
            <div><label for="phone">Phone</label> <input type="text" name="phone" id="phone" size="23" /> </div>
            <div><label for="locationofaerial">Location of Aerial</label> <input type="text" name="locationofaerial" id="locationofaerial" size="23" /> </div>
            <div class="centerac"><input type="submit" name="sendtoaerofoto" id="sendtoaerofoto" value="send to aero-foto" /> </div>
          </fieldset>
        </div>
      </form>
    </div>
    <div id="stockphotosbutton"><a href="stockphotos.html" title="stock photos"></a></div>
    <div id="mail"></div>
    <div id="contactbutton"><a href="contact.html" title="contact"></a></div>
  </div>
</body>
</html>
```
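The handler in the first post filters on a list of header names but still places `name` and `email` into the From and Reply-To headers unchanged. The following is an added example, not code from either poster, that rejects any line break in those two fields before a header is built. The helper names `clean_header_text()` and `build_headers()`, the fixed `webform@example.com` From address and the sample submissions are assumptions made for illustration.

```php
<?php
// Added example, not the poster's code. Field names match the form above;
// clean_header_text() and build_headers() are hypothetical helper names.

// A value that will sit on a header line must not contain CR, LF or NUL:
// a line break is what lets a form field start a new header.
function clean_header_text(string $value): ?string
{
    $value = trim($value);
    if ($value === '' || preg_match('/[\r\n\0]/', $value)) {
        return null;
    }
    // Drop characters that would break out of the quoted display name.
    return str_replace(['"', '\\', '<', '>'], '', $value);
}

// Returns the header string, or null if either field is unusable.
function build_headers(string $name, string $email, string $siteFrom): ?string
{
    $name  = clean_header_text($name);
    $email = filter_var(trim($email), FILTER_VALIDATE_EMAIL);
    if ($name === null || $email === false) {
        return null;
    }
    // Assumption: From is a fixed site address; the visitor appears only in Reply-To.
    return implode("\r\n", [
        'MIME-Version: 1.0',
        'Content-Type: text/html; charset=iso-8859-1',
        'From: ' . $siteFrom,
        'Reply-To: "' . $name . '" <' . $email . '>',
    ]);
}

// Constructed sample submissions (not real data).
$samples = [
    ['name' => 'Pat Example', 'email' => 'pat@example.com'],
    ['name' => "Pat\r\nX-Extra: 1", 'email' => 'pat@example.com'],
    ['name' => 'Pat Example', 'email' => "pat@example.com\r\nX-Extra: 1"],
];
foreach ($samples as $i => $post) {
    $headers = build_headers($post['name'], $post['email'], 'webform@example.com');
    echo "sample $i: ", $headers === null ? 'rejected' : 'accepted', "\n";
}
```

Run from the command line, the first sample is accepted and the other two are rejected; `mail()` is never called, so the script is safe to run offline.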