math4975 Posted April 4, 2017 Share Posted April 4, 2017 Hi I got my html5 form build, with CSS, JS and HTML, but i am strugling with the PHP.... when i enter, name, subject and mail in the contact form and press submit, i do get a mail with the information. Problem is, when i press submit on contact page, it is opening a new empty page, that says ('response'=>'success'), no matter if the i get the mail or not, and no matter if the fields are filled in or not.here is my IF function: if(!$mail->Send()) { $arrResult = array ('response'=>'error'); } $arrResult = array ('response'=>'success'); echo json_encode($arrResult); } else { $arrResult = array ('response'=>'error'); echo json_encode($arrResult); } Link to comment Share on other sites More sharing options...
ginerjm Posted April 4, 2017 Share Posted April 4, 2017 You seem to be outputting that information. Why are you doing those echos instead of a more well-designed response to the client? You are going to have a response to the client in any case so you have to think about it. Link to comment Share on other sites More sharing options...
Jacques1 Posted April 4, 2017 Share Posted April 4, 2017 That small code snippet doesn't really tell us anything. An obvious problem is that you are always overwriting $arrResult with a success message, even if you've previously assigned an error message to it. However, there may be deeper issues, so I suggest you show the whole code or at least all relevant parts. Link to comment Share on other sites More sharing options...
math4975 Posted April 4, 2017 Author Share Posted April 4, 2017 <?php session_cache_limiter('nocache'); header('Expires: ' . gmdate('r', 0)); header('Content-type: application/json'); require 'php-mailer/class.phpmailer.php'; $to = 'mvschutt@gmail.com'; $subject = $_POST['subject']; if($to) { $name = $_POST['name']; $email = $_POST['email']; $fields = array( 0 => array( 'text' => 'Name', 'val' => $_POST['name'] ), 1 => array( 'text' => 'Email address', 'val' => $_POST['email'] ), 2 => array( 'text' => 'Message', 'val' => $_POST['message'] ) ); $message = ""; foreach($fields as $field) { $message .= $field['text'].": " . htmlspecialchars($field['val'], ENT_QUOTES) . "<br>\n"; } $mail = new PHPMailer; $mail->IsSMTP(); $mail->From = $email; $mail->FromName = $_POST['name']; $mail->AddAddress($to); $mail->AddReplyTo($email, $name); $mail->IsHTML(true); $mail->CharSet = 'UTF-8'; $mail->Subject = $subject; $mail->Body = $message; if(!$mail->Send()) { $arrResult = array ('response'=>'error'); } $arrResult = array ('response'=>'success'); echo json_encode($arrResult); } else { $arrResult = array ('response'=>'error'); echo json_encode($arrResult); } ?> Link to comment Share on other sites More sharing options...
math4975 Posted April 4, 2017 Author Share Posted April 4, 2017 i think it might be an error loading the jacascript? Link to comment Share on other sites More sharing options...
Jacques1 Posted April 4, 2017 Share Posted April 4, 2017 The reason for your problem I've already explained in my previous reply. Read the whole thing, not just the first sentence. Then your overall logic is flawed. You blindly assume that every request will be a POST request with all required data. But that obviously won't always be true. You need to check the request method and validate the parameters. Never trust the user. <?php header('Content-Type: application/json'); // Did we even receive a POST request? if ($_SERVER['REQUEST_METHOD'] == 'POST') { // collect all errors like missing parameters, invalid input etc. $errors = []; // Does the request contain no subject or an empty subject? if (!isset($_POST['subject']) || trim($_POST['subject']) == '') { $errors[] = 'Missing parameter: subject.'; } // TODO: validate the other parameters if (!$errors) { // TODO: send e-mail } else { // show the errors http_response_code(400); echo json_encode([ 'response' => 'error', 'info' => $errors, ]); } } else { // show an error http_response_code(400); echo json_encode([ 'response' => 'error', 'info' => ['Invalid request: expected POST method.'], ]); } Note that you must not forge the From header. When you send the e-mail from your server and claim it's coming from the user's account, this can be classified as spam. Use your address in the From header and the user's address in Reply-To. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.