Jump to content

PHP forum help desperately needed


Recommended Posts

Could any one take a look at my php forum script? The links are set correctly
I can get to my confimation site but i dont recieve the email after submiting it
I would greatly appreciate anyone givng me pointers

This first bit sets the email address that you want the form to be submitted to.
You will need to change this value to a valid email address that you can access.
$webmaster_email = "___________@gmail.com";

This bit sets the URLs of the supporting pages.
If you change the names of any of the pages, you will need to change the values here.
$feedback_page = "feedback_form.html";
$error_page = "error_message.html";
$thankyou_page = "thank_you.html";

This next bit loads the form field data into variables.
If you add a form field, you will need to add it here.
$email_address = $_POST['email_address'] ;
$full_name = $_POST['full_name'] ;
$phone_number = $_POST['phone_number'] ;
$comments = $_POST['comments'] ;
$fudge_brownie = $_POST['fudge_brownie'] ;
$italian_biscotti = $_POST['italian_biscotti'] ;
$chocolatechip_cookies = $_POST['chocolatechip_cookies'] ;
$oatmeal_cookie = $_POST['oatmeal_cookie'] ;
$french_bread = $_POST['french_bread'] ;
$kaiser_delirolls = $_POST['kaiser_delirolls'] ;
$hamburger_rolls = $_POST['hamburger_rolls'] ;
$sub_rolls = $_POST['sub_rolls'] ;
$slider_rolls = $_POST['slider_rolls'] ;
$snickerdoodle_cookies = $_POST['snickerdoodle_cookies'] ;
$sticky_buns = $_POST['sticky_buns'] ;
$woopie_pie = $_POST['woopie_pie'] ;
$coconut_macaroons = $_POST['coconut_macaroons'] ;
$special_comments = $_POST['special_comments'] ;

The following function checks for email injection.
Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.
function isInjected($str) {
$injections = array('(\n+)',
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
else {
return false;

// If the user tries to access this script directly, redirect them to the feedback form,
if (!isset($_POST['email_address'])) {
header( "Location: $feedback_page" );

// If the form fields are empty, redirect to the error page.
elseif (empty($email_address) || empty($comments)) {
header( "Location: $error_page" );

// If email injection is detected, redirect to the error page.
elseif ( isInjected($email_address) ) {
header( "Location: $error_page" );

// If we passed all previous tests, send the email then redirect to the thank you page.
else {
mail( "$webmaster_email", "DessertsOnDemandOrder",
$special_comments, $coconut_macaroons, $woopie_pie, $sticky_buns, $snickerdoodle_cookies, $slider_rolls, $sub_rolls, $hamburger_rolls, $kaiser_delirolls, $french_bread, $oatmeal_cookie, $chocolatechip_cookies, $italian_biscotti, $fudge_brownie, $comments, $phone_number, $full_name, "From: $email_address" );
header( "Location: $thankyou_page" );


Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.