Jump to content

Email address not showing

JulianWill

By JulianWill
in PHP Coding Help

 Share

Recommended Posts

cyberRobot Prolific Member

cyberRobot

Posted
Posted

I think it depends on what editor you are using...

 

I write most of my code in Dreamweaver or notepad++ and both seem to keep formatting when I paste them here.

 

When I copy from Dreamweaver and paste to the forum, it keeps the formatting. But when I copy from the forum and paste into Dreamweaver, all the linebreaks disappear. I've also tried regular Notepad.

 

I haven't tried Notepad++ though...

Link to comment
Share on other sites
  • 6 years later...
JulianWill Member

JulianWill

Posted
  • Author
Posted

I appreciate this post is over 6 years old now however i have come up with the same issue again with the following script. It shows the mail as coming from the server address and not the users email address. I have tried adding $headers in lots of different locations but I still cannot get it to work. Any assistance would be greatly appreciated.

 

Heres the code:

<?php 
	
	// your email
$user_email = "**************.co.uk";

$headers = "From: " . strip_tags($_POST['cf-email']);
			

	$mail = array(
		"name" => htmlspecialchars($_POST['cf-name']),
		"email" => htmlspecialchars($_POST['cf-email']),
		"subject" => htmlspecialchars($_POST['cf-subject']),
		"message" => htmlspecialchars($_POST['cf-message']),
	
		
	);
	
	function validate($arr){

		return !empty($arr['name']) && strlen($arr['message']) > 20 && filter_var($arr['email'],FILTER_VALIDATE_EMAIL);

	}
		
	
	if(validate($mail)){

		echo mail($user_email, $mail['subject'],
			"Name : {$mail['name']}\n" 
			."E-mail : {$mail['email']}\n"
			."Message : {$mail['message']}"
				 
			
	   
		);
		
		

	}






?>
Link to comment
Share on other sites
JulianWill Member

JulianWill

Posted
  • Author
Posted

The mail is sending successfully however the server address is showing and not the senders email address (as before). I have been trying to figure it out for two days now  : . Hence my post here. 

 

I will keep trying, but it is driving me crazy  :o

Link to comment
Share on other sites
JulianWill Member

JulianWill

Posted
  • Author
Posted

Ha ha okay.

 

I am assuming that somewhere in this piece of code I need to put $headers:

	if(validate($mail)){

		echo mail($user_email, $mail['subject'],
			"Name : {$mail['name']}\n" 
			."E-mail : {$mail['email']}\n"
			."Message : {$mail['message']}"
				 
			
	   
		);

Would I be correct?

Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted

So you've dug out your thread after 6 years, but you cannot be bothered to read your own code in this exact thread?

 

Anyway, none of this matters, because the code is wrong on every single level. You have header injection vulnerabilities all over the place, you're forging the From header, you're using completely wrong functions. Why on earth would you try to strip HTML tags from an e-mail header? What is HTML-escaping supposed to do with a plaintext message? If any of this "worked" in the last 6 years, you have been very, very lucky -- or you just haven't noticed the problems.

 

Stop messing with low-level functions like mail() and at least try to understand what the code you're writing/copypasting actually does.

  • You need a high-level mail library like the already mentioned PhpMailer. Forget about trying to assemble the raw message yourself. It will fail and produce all kind of defects and security vulnerabilities.
  • The From address must be your address. You cannot just pretend that the mails you're sending from your server come from the user. Forged headers are a common spammer tactic, and many systems deliver those e-mails straight to the spam folder. Or even reject them altogether.
  • You need to apply the right functions to each specfic context. An e-mail header is not HTML. Plaintext is not HTML. Those are all entirely different contexts with entirely different syntax rules. Mail headers are handled by PhpMailer. Plaintext is plaintext -- there's nothing to escape.
Link to comment
Share on other sites
JulianWill Member

JulianWill

Posted
  • Author
Posted

Jacques

 

Thank you for your message. I would firstly like to apologise for not being as knowledgeable on the subject as you clearly are. I am trying to learn, and the help I was afforded on here six years ago was superb. Clearly things have changed. The code is not my code however it was the code that was provided to me within a very expensive template that I have purchased. 

 

I have now resolved the issue and the form is working fine. Sorry to have bothered you. 

Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted

“Knowledgeable on the subject”? What are you talking about?

 

Your job was to look at this line of your old code:

mail($your_email, $email_subject, $email_content, $headers)

and then figure out where the $headers go. That was – literally – the only thing you had to do.

 

This doesn't require PHP knowledge. You don't have to be a programmer. You probably don't even have to be able to read. This is pattern recognication at the most basic level. Trained monkeys do it. And you're saying you couldn't?

 

Anyway, if you paid money for the code, then you've been ripped off. The code is not only amateur-level at best, it's harmful. Demand a refund.

Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted (edited)

No. I think you're just very, very lazy.

 

And that's not the good kind of laziness which makes you look for smart solutions to avoid extra work. It's the laziness where you just shut down your brain and wait for somebody else to tell you what to do.

Edited by Jacques1
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.