wdcockrell89 Posted July 28, 2012 Share Posted July 28, 2012 hi i am in a bit of a time crunch developing this basic web page for my mother. i am new to php (like hours new) but feel like i shouldnt be having this problem. what i want the page to do is this: take the information that the visitor entered into a form and email it to me upon pressing the "submit" button. where the problem is is here: when you hit submit, the browser takes me to a page that chrome warns me has had malware detected on it. something like verygoods-2014.ru, which i have never seen before nor can i find it anywhere in my coding. also, the email does not send. i feel like the php coding should be fine, as i have tested several pre-written form referencing mail() scripts as well as using the most basic mail() script possible, all with the same result. i have also wondered where the email that is supposed to be sent comes from. will it just be a "noreply" email sent by the website the script is run on? do i need to set up a server or email that can be accessed by my php script? i feel like this may be part of my problem. any help constructing a script or tips on building a php script for this would be greatly appreciated. below is the form that i am trying to gather information with. as i said earlier i have tried many mail() scripts of varying complexity, all to no avail, so i will not include one here. the email i want the information to be sent to is [email protected] <form name="contactform" method="post" action="send_contact_info.php"> <table width="450px"> <tr> <td valign="top"> <label for="name">Name *</label> </td> <td valign="top"> <input type="text" name="name" maxlength="50" size="30"> </td> </tr> <tr> <td valign="top""> <label for="Practice_Name">Practice Name *</label> </td> <td valign="top"> <input type="text" name="Practice_Name" maxlength="50" size="30"> </td> </tr> <tr> <td valign="top"> <label for="Email">Email Address *</label> </td> <td valign="top"> <input type="text" name="Email" maxlength="80" size="30"> </td> </tr> <tr> <td valign="top"> <label for="Mailing_address">Mailing address</label> </td> <td valign="top"> <input type="text" name="Mailing_address" maxlength="30" size="30"> </td> </tr> <tr> <td colspan="2" style="text-align:center"> <input type="submit" value="Submit"> </tr> </table> </form> <p> </p> <p> </p> <!-- end .content --></div> <!-- end .container --></div> </body> </html> i dont know how you guys do things here, but i realize my own ignorance and if you feel the need to berate me for it, i'm sure it is deserved. but help is more appreciated Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/ Share on other sites More sharing options...
NomadicJosh Posted July 28, 2012 Share Posted July 28, 2012 Can you post the contents of send_contact_info.php? Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365025 Share on other sites More sharing options...
wdcockrell89 Posted July 28, 2012 Author Share Posted July 28, 2012 send_contact_info.php has been changed many times. it has been as simple as: <?php mail("[email protected]", "test", "test body"); ?> and has changed to: <?php if(isset($_POST['email'])) { $email_to = "[email protected]"; $email_subject = "Pinnacle contact info"; function died($error) { echo "We are very sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['name']) || !isset($_POST['Practice_Name']) || !isset($_POST['Email']) || !isset($_POST['Mailing_address'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $name = $_POST['name']; $Practice_Name = $_POST['Practice_Name']; $email_from = $_POST['Email']; $Mailing_address = $_POST['Mailing_address']; $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(!preg_match($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } $string_exp = "/^[A-Za-z .'-]+$/"; if(!preg_match($string_exp,$name)) { $error_message .= 'The Name you entered does not appear to be valid.<br />'; } if(!preg_match($string_exp,$Practice_Name)) { $error_message .= 'The Practice Name you entered does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\n\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Name: ".clean_string($name)."\n"; $email_message .= "Practice Name: ".clean_string($Practice_Name)."\n"; $email_message .= "Email: ".clean_string($email_from)."\n"; $email_message .= "Mailing Address: ".clean_string($Mailing_address)."\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); ?> <www.pinnacleeducationservices.com> Thank you for contacting us. We will be in touch with you very soon. <?php } ?> perhaps it should be said that i did not write this code but edited it to reference the form more correctly. it is entirely possible my editing was the root of my problem, but i do not see why it redirects me to verygoods-2014.ru Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365027 Share on other sites More sharing options...
NomadicJosh Posted July 28, 2012 Share Posted July 28, 2012 send_contact_info.php has been changed many times. it has been as simple as: <?php mail("[email protected]", "test", "test body"); ?> and has changed to: <?php if(isset($_POST['email'])) { $email_to = "[email protected]"; $email_subject = "Pinnacle contact info"; function died($error) { echo "We are very sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['name']) || !isset($_POST['Practice_Name']) || !isset($_POST['Email']) || !isset($_POST['Mailing_address'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $name = $_POST['name']; $Practice_Name = $_POST['Practice_Name']; $email_from = $_POST['Email']; $Mailing_address = $_POST['Mailing_address']; $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(!preg_match($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } $string_exp = "/^[A-Za-z .'-]+$/"; if(!preg_match($string_exp,$name)) { $error_message .= 'The Name you entered does not appear to be valid.<br />'; } if(!preg_match($string_exp,$Practice_Name)) { $error_message .= 'The Practice Name you entered does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\n\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Name: ".clean_string($name)."\n"; $email_message .= "Practice Name: ".clean_string($Practice_Name)."\n"; $email_message .= "Email: ".clean_string($email_from)."\n"; $email_message .= "Mailing Address: ".clean_string($Mailing_address)."\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); ?> <www.pinnacleeducationservices.com> Thank you for contacting us. We will be in touch with you very soon. <?php } ?> perhaps it should be said that i did not write this code but edited it to reference the form more correctly. it is entirely possible my editing was the root of my problem, but i do not see why it redirects me to verygoods-2014.ru First, I would change your first line to: if(isset($_POST['submit'])) { 2nd, you should take your died function out of your submit statement. And 3rd, update the bottom of your form to include the name attribute: <input type="submit" name="submit" value="Submit"> Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365028 Share on other sites More sharing options...
wdcockrell89 Posted July 28, 2012 Author Share Posted July 28, 2012 i changed the first line as you suggested as well as the last line of the form. i see "died" show up a few times throughout the script. where should it be removed? (sorry, like i said, i am quite new to this). <form name="contactform" method="post" action="send.php"> <table width="450px"> <tr> <td valign="top"> <label for="name">Name *</label> </td> <td valign="top"> <input type="text" name="name" maxlength="50" size="30"> </td> </tr> <tr> <td valign="top""> <label for="Practice_Name">Practice Name *</label> </td> <td valign="top"> <input type="text" name="Practice_Name" maxlength="50" size="30"> </td> </tr> <tr> <td valign="top"> <label for="Email">Email Address *</label> </td> <td valign="top"> <input type="text" name="Email" maxlength="80" size="30"> </td> </tr> <tr> <td valign="top"> <label for="Mailing_address">Mailing address</label> </td> <td valign="top"> <input type="text" name="Mailing_address" maxlength="30" size="30"> </td> </tr> <tr> <td colspan="2" style="text-align:center"> <input type="submit" name="submit" value="Submit"> </tr> </table> </form> <?php if(isset($_POST['submit'])) { $email_to = "[email protected]"; $email_subject = "Pinnacle contact info"; function died($error) { echo "We are very sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['name']) || !isset($_POST['Practice_Name']) || !isset($_POST['Email']) || !isset($_POST['Mailing_address'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $name = $_POST['name']; $Practice_Name = $_POST['Practice_Name']; $email_from = $_POST['Email']; $Mailing_address = $_POST['Mailing_address']; $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(!preg_match($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } $string_exp = "/^[A-Za-z .'-]+$/"; if(!preg_match($string_exp,$name)) { $error_message .= 'The Name you entered does not appear to be valid.<br />'; } if(!preg_match($string_exp,$Practice_Name)) { $error_message .= 'The Practice Name you entered does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\n\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Name: ".clean_string($name)."\n"; $email_message .= "Practice Name: ".clean_string($Practice_Name)."\n"; $email_message .= "Email: ".clean_string($email_from)."\n"; $email_message .= "Mailing Address: ".clean_string($Mailing_address)."\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); ?> <www.pinnacleeducationservices.com> Thank you for contacting us. We will be in touch with you very soon. <?php } ?> again i really appreciate your help Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365033 Share on other sites More sharing options...
NomadicJosh Posted July 28, 2012 Share Posted July 28, 2012 You can place it above this line: if(isset($_POST['submit'])) { Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365034 Share on other sites More sharing options...
wdcockrell89 Posted July 28, 2012 Author Share Posted July 28, 2012 ok i have done that but now i am still getting the same error. no email is sent and upon clicking "submit" i am still redirected to http://verygoods-2014.ru/in.cgi?11&ur=1&HTTP_REFERER=statistic.com which i have never seen before in my life... how could this be happening and why? the page/form we are working on is http://pinnacleeducationservices.com/PinnacleCR.html Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365036 Share on other sites More sharing options...
NomadicJosh Posted July 28, 2012 Share Posted July 28, 2012 Double check your send.php file to make sure there is nothing weird going on. Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365037 Share on other sites More sharing options...
downah Posted July 28, 2012 Share Posted July 28, 2012 I am getting the same malware warning on your web page, why is it redirecting to verygoods-2014.ru ?? if your files really have nothing to do with that then u might want to call up your host and check your server Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365046 Share on other sites More sharing options...
Christian F. Posted July 28, 2012 Share Posted July 28, 2012 Here's what I got when I tried to visit the URL manually: URL: http://pinnacleeducationservices.com/send_contact_info.php Method: GET Status: 302 Found Request GET /send_contact_info.php HTTP/1.1 User-Agent: Opera/9.80 (X11; Linux x86_64; U; en-GB) Presto/2.10.289 Version/12.00 Host: pinnacleeducationservices.com Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: en-GB,en;q=0.9,nb;q=0.8,no;q=0.7 Accept-Encoding: gzip, deflate Connection: Keep-Alive Response HTTP/1.1 302 Found Date: Sat, 28 Jul 2012 22:47:16 GMT Server: Apache Location: http://verygoods-2014.ru/in.cgi?11&ur=1&HTTP_REFERER=statistic.com Content-Length: 337 Keep-Alive: timeout=10, max=30 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="http://verygoods-2014.ru/in.cgi?11&ur=1&HTTP_REFERER=statistic.com">here</a>.</p> <hr> <address>Apache Server at pinnacleeducationservices.com Port 80</address> </body></html> I suspect an .htaccess (or something similar) lying hidden in that folder, or a parent folder. Either targeting that file in particular, or php files in general. Might even be that your web server have been compromised, mind you. Link to comment https://forums.phpfreaks.com/topic/266370-mail-issues/#findComment-1365140 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.