Jump to content

mail() function keeps outputting the message parameter as html

j.smith1981

By j.smith1981
in PHP Coding Help

 Share

Recommended Posts

j.smith1981 Regular Member

j.smith1981

Posted
Posted

I am having problems with this mail function implementation here:

 

$subject = "blog.mydomain.com Account Verification Required";
$message = "Hello testing this script for now from";
$headers = "From: no-reply@mydomain.com\r\n".
                   "Reply-To: no-reply@mydomain.com\r\n".
	   "mydomain.com Mail Service";

// send off email for verification of email address:
mail($email, $subject, $message, $headers);

 

I just don't get why its outputting the test message in the browser window, any ideas?

Link to comment
Share on other sites
j.smith1981 Regular Member

j.smith1981

Posted
  • Author
Posted

No there's quite a bit more, I just thought it might be something I've done in there, here's the full script:

 

<?php
require_once 'init.php';

require_once 'header.html';

if(array_key_exists('action', $_GET)){

  switch ($_GET['action']) {
  
  case 'register':
          
    require_once 'inc.database.php';
          
    if(array_key_exists('register', $_POST)) {
    
  foreach($_POST as $v) {
        trim($v);
      }
          
      if(strlen($_POST['username']) === 0 ||
        strlen($_POST['email']) === 0 ||
        strlen($_POST['password']) === 0 ||
        strlen($_POST['password2']) === 0) {
                  
        $error = 'You missed out some required fields, please try again';
                  
      } else {
                   
        // now make true vars out of them:
        $username = mysql_real_escape_string($_POST['username']);
        $email = mysql_real_escape_string($_POST['email']);
        $password = mysql_real_escape_string(sha1($_POST['password']));
        $password2 = mysql_real_escape_string(sha1($_POST['password2']));
        $salt = md5($username.date('U'));
                   
        // make up the remaining variables:
        $host_ip = $_SERVER['REMOTE_ADDR'];
        
	//creates the unix time stamp (entirely based on BST if its applicable! 
        if(date('I') === '1'){ // if you check date('I') in the php manual, this outputs if you put echo infront of it 1 or 0 (bool value). 1 = BST = 1 kind of!
          $time = date('U') + 3600; // plus 1 hour if BST holds true!
        } else {
          $time = date('U');
        }
                   
        // process the registration further:
        // firstly by validating the username against a set criteria using regex's:
                   
        if(preg_match('/^[A-Za-z](?=[A-Za-z0-9_.]{4,31}$)[a-zA-Z0-9_]*\.?[a-zA-Z0-9_]*$/', $_POST['username'])) { // i want a non regex function to do this!
        // if(preg_match('/^[A-Za-z](?=[A-Za-z0-9_.]$)[a-zA-Z0-9_]*\.?[a-zA-Z0-9_]*$/', $_POST['username'])) {
                   
          if(strlen($_POST['username']) < 5) {
            $error = 'The username must be 5 characters or longer';
          
	  } else {
            // if the username is of alphanumeric chars of _. and a-z (uppercase allowed too), 0-9 then:
            $sql = "SELECT username
                    FROM blog_users
                    WHERE username = '$username'";
                                         
            $result = mysql_query($sql);
                         
            if(mysql_num_rows($result) > 0) {
                           
              $error = 'Username is already taken, please try another';
		  
            } else {
                           
            $sql = "SELECT email
                    FROM blog_users
                    WHERE email = '$email'";
                                 
            $result = mysql_query($sql);
                                 
            if(mysql_num_rows($result) > 0) {
                                   
              $error = 'The email address you entered is already taken, please try a different email address';
                                   
            } else {
                           
              // now check the email address is a valid and then if the domain actually exists!
              if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
                
			// now check if the domain exists:
                $split_email = split('@', $email);
			$host = $split_email[1];

			// now use the dns checker function in php:
                if(checkdnsrr($host, 'ANY')) {
                
			  if(strlen($password) >= 5) {
                    
				if($password2 === $password) {
				  
				  // now process login with mysql database:
                      $sql = "INSERT INTO blog_users (user_id, user_type, username, password, email, user_ip, register_date, last_logged_in, salt, active) VALUES (NULL, 'U', '$username', '$password', '$email', '$host_ip', $time, $time, '$salt', '0');";
                      
				  $result = mysql_query($sql);
                      
				  if($result) {
				    
					$subject = "blog.jeremysmith.me.uk Account Verification Required";
					$message = "Hello testing this script for now from";
					$headers = "From: no-reply@jeremysmith.me.uk\r\n".
					           "Reply-To: no-reply@jeremysmith.me.uk\r\n".
							   "hsmedia.co.uk Mail Service";

					// send off email for verification of email address:
					mail($email, $subject, $message, $headers);

                      } else {
				    
					$error = 'An unexpected error occured, please try again later';

                      }
                                                 
                    } else {
                      
				  $error = 'The password you entered does not match, please try again';
				  
                    }
                                           
                  } else {
                  
                    $error = 'Your password is too short, must be a minimum of 5 characters long and it can contain any value you want';
                  
			  }
                                         
                } else {

                  $error = 'Email domain does not exist, please try again';
			  
                }
                                   
                } else {
                                   
                  $error = 'The email address you entered was not valid, please try again';
                                   
                }                         
              }
            }
          }
        
	} else {
          $error = 'You entered some illegal characters in your username please try again!';
        }
      }
                 
    } else {
      $message = 'Please use the form below to register on this site:';
    }
      
  break;
          
  case 'login':
  
    $message = 'Please use the form below to login to this site:';
    // $error = '';
  break;
        
  default:
// if no other actions are present send user back like below:
    header('location: index.php?error=1');
    break;
  }
  
?>

  <form id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" method="post" action="<?=$_SERVER['PHP_SELF'];?>?action=<?=$_GET['action'
];?>">
  
    <p><?=(isset($message)) ? $message : '';?></p>
        
        <table>
          <tr>
            <td><label for="username">Username: </label></td>
                <td><input type="text" id="username" name="username" maxlength="25" size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
          </tr>
            
          <?php
            // if register then show email:
                if(isset($_GET['action']) && $_GET['action'] === 'register') {
           ?>
           <tr>
             <td><label for="email">Email: </label></td>
                 <td><input type="text" id="email" name="email"  size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
           </tr>
      <?php
           }
          ?>
          <tr>
            <td><label for="password">Password: </label></td>
                <td><input type="password" id="password" name="password" size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
          </tr>
          
          <?php
            // if register then show email:
                if(isset($_GET['action']) && $_GET['action'] === 'register') {
           ?>
           <tr>
             <td><label for="password2">Confirm: </label></td>
                 <td><input type="password" id="password2" name="password2" maxlength="25" size="27" value="" /></td>
           </tr>
      <?php
           }
          ?>
          <tr>
            <td colspan="2">
                  <input type="submit" id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" value="<?=ucfirst($_GET['action']);?>" />
        </td>
          </tr>
        </table>
        <p><?=(isset($error)) ? $error : '';?></p>
  </form>

<?php
require_once 'footer.html';
} else {
  header('location: index.php?error=1');
}

 

Any help's appreciated again,

Jez.

Link to comment
Share on other sites
kenrbnsn Regular Member

kenrbnsn

Posted
Posted

You're echoing the $message with this line:

<p><?=(isset($message)) ? $message : '';?></p>

 

BTW, you really shouldn't use short tags like "<?" instead of "<?php " and "<?=" instead of "<?php echo ".

 

Ken

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.