[SOLVED] PHP form help!!

[dminadeo]

I need some help figuring out why this form wont send to the replyemail address, which is the email the main form information is supposed to be sent to. thank you ahead of time... the webaddress for the completed form is this: www.pci-email.net/sanjosestairs.com/form.html

the form sends the confirmation email just fine, and i've tried multiple email addresses to send the main form to. PLEASE HELP!!

 

here's the php

 

<?php

// ------- three variables you MUST change below  -------------------------------------------------------
$replyemail="[email protected]"; //change to your email address
$valid_ref1="http://pci-email.net/sanjosestairs.com/form.html"; //chamge to your domain name
$valid_ref2="http://www.pci-email.net/sanjosestairs.com/form.html"; //chamge to your domain name

// -------- No changes required below here -------------------------------------------------------------
//
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "<script language=\"JavaScript\"><!--\n ";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
if((!$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//you can change this but remember to change it in the contact form too
{
echo '<h2>ERROR - not sent.';

if (file_exists("debug.flag")) echo '<hr>"$valid_ref1" and "$valid_ref2" are incorrect within the file:<br>

                                      contact_process.php <br><br>On your system these should be set to: <blockquote>

								  $valid_ref1="'.str_replace("www.","",$ref_page).'"; <br>

								  $valid_ref2="'.$ref_page.'";

								  </blockquote></h2>Copy and paste the two lines above 

								  into the file: contact_process.php <br> (replacing the existing variables and settings)';
exit;
}

//check user input for possible header injection attempts!
function is_forbidden($str,$check_all_patterns = true)
{
$patterns[0] = 'content-type:';
$patterns[1] = 'mime-version';
$patterns[2] = 'multipart/mixed';
$patterns[3] = 'Content-Transfer-Encoding';
$patterns[4] = 'to:';
$patterns[5] = 'cc:';
$patterns[6] = 'bcc:';
$forbidden = 0;
for ($i=0; $i<count($patterns); $i++)
  {
   $forbidden = eregi($patterns[$i], strtolower($str));
   if ($forbidden) break;
  }
//check for line breaks if checking all patterns
if ($check_all_patterns AND !$forbidden) $forbidden = preg_match("/(%0a|%0d|\\n+|\\r+)/i", $str);
if ($forbidden)
{
  echo "<font color=red><center><h3>STOP! Message not sent.</font></h3><br><b>
        The text you entered is forbidden, it includes one or more of the following:
        <br><textarea rows=9 cols=25>";
  foreach ($patterns as $key => $value) echo $value."\n";
  echo "\\n\n\\r</textarea><br>Click back on your browser, remove the above characters and try again.
        </b>";
  exit();
}
}

foreach ($_REQUEST as $key => $value) //check all input 
{
if ($key == "order") is_forbidden($value, false); //check input except for line breaks
else is_forbidden($value);//check all
}

$name = $_POST["name"];
$email = $_POST["email"];
$company = $_POST["company"];
$address = $_POST["address"];
$city = $_POST["city"];
$zip = $_POST["zip"];
$phone = $_POST["phone"];
$fax = $_POST["fax"];
$order = $_POST["order"];

$success_sent_msg='<p align="center"><strong> </strong></p>
                   <p align="center"><strong>Your order has been successfully sent to us<br>
                   </strong> and we will reply as soon as possible.</p>
                   <p align="center">A copy of your query has been sent to you.</p>
                   <p align="center">Thank you for contacting us.</p>';

$replymessage = "Hi $name

Thank you for your email.

We will respond to reply to you shortly.

Please DO NOT reply to this email.

Below is a copy of the message you submitted:
--------------------------------------------------
Subject: San Jose Stairs Order Request
Query:
$order
--------------------------------------------------

Thank you";

$order = "name: $name \nQuery: $order";
mail("$replyemail",
     "San Jose Stairs Parts Request",
 "$name",
 "From: $email",
 "$company, $address, $city, $zip, $phone, $fax, $order");
mail("$email",
     "Receipt: San Jose Stairs Parts Request",
     "$replymessage",
     "From: $replyemail");
echo $success_sent_msg;

?>

 

[cags]

The 4the argument/parameter of the mail function is for headers, that is to say it should be a string that contains only valid e-mail headers. You have passing it a set of variables from the form.

 

mail("$replyemail",
     "San Jose Stairs Parts Request",
 "$name",
 "From: $email",
 "$company, $address, $city, $zip, $phone, $fax, $order");

 

Basically, by the looks of it you have got the 3rd and 4th arguments the wrong way around.

 

Edit: Ok, so it's late, I can't count. The last parameter you have their is the 5th, those values should assumably be part of the 3rd (ie where name is).

 

 

 

[dminadeo]

that still doesn't fix the problem of it not sending to the replyemail address.

 

any other suggestions?