Jump to content

Recommended Posts

Hi guys, basically can't see why this is not functioning. 

 

HTML:

  <section id="contact">
    <div id="contact-us" class="parallax">
      <div class="container">
        <div class="row">
          <div class="heading text-center col-sm-8 col-sm-offset-2 wow fadeInUp" data-wow-duration="1000ms" data-wow-delay="300ms">
            <h2>Contact Us</h2>
            <p>If you would like to attend one of our breakfast meetings please get in touch via the form below, facebook or simply send us an email</p>
          </div>
        </div>
        <div class="contact-form wow fadeIn" data-wow-duration="1000ms" data-wow-delay="600ms">
          <div class="row">
            <div class="col-sm-6">
              <form id="main-contact-form" name="contact-form" method="post" action="sendemail.php">
                <div class="row  wow fadeInUp" data-wow-duration="1000ms" data-wow-delay="300ms">
                  <div class="col-sm-6">
                    <div class="form-group">
                      <input type="text" name="name" class="form-control" placeholder="Name" required="required">
                    </div>
                  </div>
                  <div class="col-sm-6">
                    <div class="form-group">
                      <input type="email" name="email" class="form-control" placeholder="Email Address" required="required">
                    </div>
                  </div>
                </div>
                <div class="form-group">
                  <input type="text" name="subject" class="form-control" placeholder="Subject" required="required">
                </div>
                <div class="form-group">
                  <textarea name="message" id="message" class="form-control" rows="4" placeholder="Enter your message" required="required"></textarea>
                </div>                        
                <div class="form-group">
                  <button type="submit" class="btn-submit">Send Now</button>
                </div>
              </form>   
            </div>
            <div class="col-sm-6">
              <div class="contact-info wow fadeInUp" data-wow-duration="1000ms" data-wow-delay="300ms">
                <p>Sessions are limited therefore you will need to book in advance</p>
                <ul class="address">
                  <li><i class="fa fa-envelope"></i> <span> Email:</span><a href="mailto:hiddenforphpfreaksquery">hiddenforphpfreaksquery</a></li>
                  <li><i class="fa fa-globe"></i> <span> Facebook:</span> <a href="https://www.facebook.com/NewquayBusinessClub/">Newquay Business Club</a></li>
                </ul>
              </div>                            
            </div>
          </div>
        </div>
      </div>
    </div>        
  </section>

sendemail.php

<?php
$name       = @trim(stripslashes($_POST['name'])); 
$from       = @trim(stripslashes($_POST['email'])); 
$subject    = @trim(stripslashes($_POST['subject'])); 
$message    = @trim(stripslashes($_POST['message'])); 
$to   		= 'hiddenforphpfreaks';//replace with your email

$headers   = array();
$headers[] = "MIME-Version: 1.0";
$headers[] = "Content-type: text/plain; charset=iso-8859-1";
$headers[] = "From: {$name} <{$from}>";
$headers[] = "Reply-To: <{$from}>";
$headers[] = "Subject: {$subject}";
$headers[] = "X-Mailer: PHP/".phpversion();

mail($to, $subject, $message, $headers);

die;

Any help would be appreciated.

Is mail() returning true?  I assume you're receiving nothing at a relatively open test address?  What about the server ... can you access the mail logs?  Do you have SPF, DKIM set up properly?

There literally tons of potential issues with email, which is why it's often recommended to use a 3rd party solution (a la Swiftmailer, PHPMailer) for such things.

Edited by dalecosp
  • Like 2

You should be glad that your code doesn't work, because this is a collection of pretty much everything that can go wrong with mails.

 

You've essentially created an open mail relay where anybody can abuse your server to send arbitrary mails (read: spam and malware) to arbitrary people. All they have to do is manipulate the mail headers and inject somebody else's address. On top of that, you forge the From header (this must be the real sender, i. e. you), you expose your exact PHP version (why?), and you allow the user to assemble a full-blown HTML message with no content restriction of any kind.

 

Please, before you do anything on the Internet, you need to understand this is a hostile environment. Unprotected mail servers in particular are a popular target for criminals, and you don't want to be the one who has to explain to your hoster why they've ended up on a blacklist -- not to mention possible legal consequences.

 

Using a library like the already mentioned PHPMailer is the minimum. You also need to limit the abuse potential as much as possible. Don't give random users full control over the e-mails that will be sent from your server. Only allow specific information in specific places.

  • Like 1

Is mail() returning true?  I assume you're receiving nothing at a relatively open test address?  What about the server ... can you access the mail logs?  Do you have SPF, DKIM set up properly?

 

There literally tons of potential issues with email, which is why it's often recommended to use a 3rd party solution (a la Swiftmailer, PHPMailer) for such things.

 

You should be glad that your code doesn't work, because this is a collection of pretty much everything that can go wrong with mails.

 

You've essentially created an open mail relay where anybody can abuse your server to send arbitrary mails (read: spam and malware) to arbitrary people. All they have to do is manipulate the mail headers and inject somebody else's address. On top of that, you forge the From header (this must be the real sender, i. e. you), you expose your exact PHP version (why?), and you allow the user to assemble a full-blown HTML message with no content restriction of any kind.

 

Please, before you do anything on the Internet, you need to understand this is a hostile environment. Unprotected mail servers in particular are a popular target for criminals, and you don't want to be the one who has to explain to your hoster why they've ended up on a blacklist -- not to mention possible legal consequences.

 

Using a library like the already mentioned PHPMailer is the minimum. You also need to limit the abuse potential as much as possible. Don't give random users full control over the e-mails that will be sent from your server. Only allow specific information in specific places.

 

Thanks for the responses gents. I know this form does not function as it's a template and the comments have others looking for a fix. I will take your comments seriously and create a new version using php mailer. The stying looks very nice on the page though, I assume I would just need to keep the input types the same to satisfy the css. Sorry barely get time to design let alone code, trying to make design/developing my main job.

Edited by newtotheland
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.