Jump to content

Recommended Posts

Hello all,

 

 I just took over a website for a client and don't have much experience in PHP coding to begin with, but I am trying to figure out why emails are not being sent to external email addresses on a submission form page. Quite frankly, I'm not entirely sure what I am doing. It feels like I've looked everywhere and tried everything but no such luck.

 

The page is set up so that there is a login page for sales reps to log in and send order forms. Once logged in, their email is already automatically written out based on what we have in our sQL database. When they submit the form, we do receive the email perfectly, and everything works. The problem is that they are unable to get a confirmation email back that their order has sent (even though a page will come up on the website saying the order has sent). The only time they do get an email back is if their address is under our domain (e.g. john@ourdomain.com) 

 

I looked at the SPF records, and it's as it should be. I looked at the log files when the submission email is from a gmail account, and the log claims that the email has been received. But it is not in the inbox or spam folder (also tried whitelisting the "from" email address). I even talked with GoDaddy support, and they said everything was working properly on their end and it might be something wrong with the PHP code.

 

So. Here's the code. I apologize if any of this is confusing, I'm still new to the world of coding and this code was thrust into my hands. 

 

<?php
 
session_start();
 
if (!isset($_SESSION['username'])) {
    header("Location: login.php");
    die();
}
 
$user = $_SESSION['username'];
 
$db = new mysqli('localhost', 'ourdomain_user', 'cJW2qpzjHy6eRqzn', 'ourdomain');
$query = "UPDATE users SET email='".$_POST['email']."', rep='".$_POST['rep']."', ponum='".$_POST['po_no']
    ."' WHERE username='".$user."'";
$result = $db->query($query);
 
$cbcTotal = 0;
$workTotal = 0;
 
$cbcTotal += $ext['dpcbc9'] = number_format($_POST['dpcbc9'] * 49.98, 2);
 
$subject = 'Order Form';
$message = '<h1>Order Form Submitted</h1>
 
<table>
  <tr>
    <td>Email</td><td>'.$_POST['email'].'</td>
  </tr>
  <tr>
    <td>Date</td><td>'.$_POST['date'].'</td>
  </tr>
  <tr>
    <td>Rep</td><td>'.$_POST['rep'].'</td>
  </tr>
  <tr>
    <td>PO#</td><td>'.$_POST['po_no'].'</td>
  </tr>
</table>
 
<table>
    <tr>
        <td>
            <h2>Billing Information</h2>
 
            <table>
              <tr>
                <td>Contact</td><td>'.$_POST['contact'].'</td>
              </tr>
              <tr>
                <td>Company</td><td>'.$_POST['company'].'</td>
              </tr>
              <tr>
                <td>Address</td><td>'.$_POST['address'].'</td>
              </tr>
              <tr>
                <td>City</td><td>'.$_POST['city'].'</td>
              </tr>
              <tr>
                <td>State</td><td>'.$_POST['state'].'</td>
              </tr>
              <tr>
                <td>Zip</td><td>'.$_POST['zip'].'</td>
              </tr>
              <tr>
                <td>Phone</td><td>'.$_POST['phone'].'</td>
              </tr>
              <tr>
                <td>Fax</td><td>'.$_POST['fax'].'</td>
              </tr>
            </table>
        </td>
        <td>';
 
if ($cbcTotal + $workTotal > 0) {
  $message .= '<h2>Selected Products</h2>
 
  <table>
    <tr>
      <th>Model</th>
      <th>Qty</th>
      <th>Cost</th>
      <th>Ext</th>
    </tr>';
  if ($ext['dpcbc9'] > 0) {
    $message .= '<tr>
      <td>DPCBC9</td>
      <td>'.$_POST['dpcbc9'].'</td>
      <td>$49.98</td>
      <td>$'.$ext['dpcbc9'].'</td>
    </tr>';
  }
  if ($ext['dpcbc10'] > 0) {
    $message .= '<tr>
      <td>DPCBC10</td>
      <td>'.$_POST['dpcbc10'].'</td>
      <td>$49.98</td>
      <td>$'.$ext['dpcbc10'].'</td>
    </tr>';
  }
  if ($ext['dpcbc13'] > 0) {
    $message .= '<tr>
      <td>DPCBC13</td>
      <td>'.$_POST['dpcbc13'].'</td>
      <td>$49.98</td>
      <td>$'.$ext['dpcbc13'].'</td>
    </tr>';
  }
  if ($ext['dpcgc8'] > 0) {
    $message .= '<tr>
      <td>DPCGC8</td>
      <td>'.$_POST['dpcgc8'].'</td>
      <td>$48.90</td>
      <td>$'.$ext['dpcgc8'].'</td>
    </tr>';
  }
  if ($ext['dpcgc9'] > 0) {
    $message .= '<tr>
      <td>DPCGC9</td>
      <td>'.$_POST['dpcgc9'].'</td>
      <td>$48.90</td>
      <td>$'.$ext['dpcgc9'].'</td>
    </tr>';
}
 
$headers = "From: \"Marketing\" <info@ourdomain.com> \r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
 
  if ($message != '') {
  mail($_POST['email'], $subject, $message, $headers, '-finfo@ourdomain.com');
  mail('info@ourdomain.com', $subject, $message, $headers);
  if ($_POST['email']) {
      mail($_POST['email'], $subject, $message, $headers, '-finfo@ourdomain.com');
  }
}
 
?>
<!doctype html>
<html>
<head>
  <link href="css/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
  <div class="wrapper">
    <h1>Thank You!</h1>
    <p>We've received your order and will be in touch shortly.</p>
    <p><a href="index.php">Place another order</a></p>
  </div>
</body>
</html>


 

My only last hope is that other email servers are interpreting this as spam and are completely rejecting the emails so they don't even show up in spam folders. Is it possible there is something to add to the code to make them accept the outgoing email? (Another peculiar fact: from the webmail site, I can send and forward emails using this domain to any email address, internal or external. It's just this page that won't work.)

 

Thanks so much for taking the time to read all of this, I really hope there is an easy solution that I am missing. 

 

Regards,

Robert

Link to comment
https://forums.phpfreaks.com/topic/302669-email-not-sending-to-external-addresses/
Share on other sites

You have a bigger problem. That code is vulnerable to an Sql Injection Attack. You NEVER EVER send user supplied data directly to the database. You need to use prepared queries. You are also better off using PDO instead of Mysqli.

 

https://phpdelusions.net/pdo

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.