Having a problem in my php form

usvpn · July 4, 2010

Hi,

I have created a form which collects data from my html form and sends to my email address.

Everything is alright but if a user puts a ' or " in his message my php form will append a slash / to it and will send to me!

here is my code:

anyone knows why this happens?

<?

// Create Message Text

foreach($_POST as $key => $value) {

if(!in_array($key, array("Submit"))) {

$message .= "$key : = $value \n";

}

$valid = $img->check($_POST['Captcha']);

mail("[email protected]", "zyx", $message, "From:" . $HTTP_POST_VARS['TransferorEmail']);

header("location:http://www.domain.com/ok.html");

---

Someone told me my server has escape strings turned on in the $_POST method so I need to use html_entities on the message before I send it or use stripslashes.

But I am new to php, can you please tell me how should I use html_entities or stripslashes on my form? I don't know which one to use and how. Please help me!

kenrbnsn · July 4, 2010

Your server has magic quotes turned on, so you have to use the function stripslashes on the data before you send it in email:

<?php
// Create Message Text
foreach($_POST as $key => $value) {
   if ($key != 'Submit')  {
        $message .= "$key : = " . stripslashes($value) . "\n";
   }
}
$valid = $img->check($_POST['Captcha']);
mail("[email protected]", "zyx", $message, "From:" . $_POST['TransferorEmail']);
header("location:http://www.domain.com/ok.html");
?>

Ken

usvpn · July 4, 2010

Thank you kenrbnsn

Sign In

Having a problem in my php form

Recommended Posts

usvpn

Link to comment

Share on other sites

kenrbnsn

Link to comment

Share on other sites

usvpn

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information