taralee Posted April 8, 2019 Share Posted April 8, 2019 I am brand new at php coding so I am struggling to understand why my php code is not working in my website. I would like my html form to send me data to my email. Whatever I try, it just will not work. I have ftp'ed it to my website and I checked with my web host, they do support php. Anyone who can help out a newbie, please? This is my very simple form to capture email addresses of new clients: <form action="send_mail.php" method="post"> <input name="Email" placeholder="Enter your email..." required="" type="email"> <button class="btn1 btn"><span class="fa fa-paper-plane-o" aria-hidden="true"></span></button> </form> This is the php coding I have placed in a document called send_mail.php: <?php /* This first bit sets the email address that you want the form to be submitted to.You will need to change this value to a valid email address that you can access.*/$webmaster_email = "hollandertaralee@gmail.com";/*This bit sets the URLs of the supporting pages.If you change the names of any of the pages, you will need to change the values here. */$feedback_page = "feedback_form.html";$error_page = "error_message.html";$thankyou_page = "thank_you.html";/*This next bit loads the form field data into variables.If you add a form field, you will need to add it here. */$email_address = $_REQUEST['email_address'] ; "Email: " . $email_address . "\r\n" . ; /*The following function checks for email injection.Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.*/function isInjected($str) { $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)' ); $inject = join('|', $injections); $inject = "/$inject/i"; if(preg_match($inject,$str)) { return true; } else { return false; }} // If the user tries to access this script directly, redirect them to the feedback form,if (!isset($_REQUEST['email_address'])) {header( "Location: $feedback_page" );}// If the form fields are empty, redirect to the error page.elseif (empty($first_name) || empty($email_address)) {header( "Location: $error_page" ); }/* If email injection is detected, redirect to the error page.If you add a form field, you should add it here.*/elseif ( isInjected($email_address) || isInjected($first_name) || isInjected($comments) ) {header( "Location: $error_page" ); }// If we passed all previous tests, send the email then redirect to the thank you page.else { mail( "$webmaster_email", "Feedback Form Results", $msg ); header( "Location: $thankyou_page" ); }?> Quote Link to comment Share on other sites More sharing options...
gw1500se Posted April 8, 2019 Share Posted April 8, 2019 Your code it nearly impossible to read. Please edit it and use the code tag (<>) and choose the proper code type (PHP). The first thing I notice is that you should be using $_POST rather than $_REQUEST. The second thing I see is you are not using PHPMailer with is infinitely easier than 'mail'. Quote Link to comment Share on other sites More sharing options...
taralee Posted April 8, 2019 Author Share Posted April 8, 2019 Thank you for your reply. My apologies for the untidy nature of the code, as I said, I am brand new at php coding and therefore don't really understand the natural flow of the code yet. I will have a look at the suggestions you have made. Thanks again. Quote Link to comment Share on other sites More sharing options...
maxxd Posted April 8, 2019 Share Posted April 8, 2019 gw1500se means in your original post here, not the code itself. Notice the button that looks like '<>' in the editor toolbar - that formats code. The code you posted isn't readable on this forum so please edit it and use the code format. Quote Link to comment Share on other sites More sharing options...
taralee Posted April 8, 2019 Author Share Posted April 8, 2019 Thank you, maxxd! Quote Link to comment Share on other sites More sharing options...
taralee Posted April 8, 2019 Author Share Posted April 8, 2019 This is the html code: <form action="send_mail.php" method="post"> <input name="Email" placeholder="Enter your email..." required="" type="email"> <button class="btn1 btn"><span class="fa fa-paper-plane-o" aria-hidden="true"></span></button> </form> This is the php code: <?php /* This first bit sets the email address that you want the form to be submitted to.You will need to change this value to a valid email address that you can access.*/$webmaster_email = "hollandertaralee@gmail.com";/*This bit sets the URLs of the supporting pages.If you change the names of any of the pages, you will need to change the values here. */$feedback_page = "feedback_form.html";$error_page = "error_message.html";$thankyou_page = "thank_you.html";/*This next bit loads the form field data into variables.If you add a form field, you will need to add it here. */$email_address = $_REQUEST['email_address'] ; "Email: " . $email_address . "\r\n" . ; /*The following function checks for email injection.Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.*/function isInjected($str) { $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)' ); $inject = join('|', $injections); $inject = "/$inject/i"; if(preg_match($inject,$str)) { return true; } else { return false; }} // If the user tries to access this script directly, redirect them to the feedback form,if (!isset($_REQUEST['email_address'])) {header( "Location: $feedback_page" );}// If the form fields are empty, redirect to the error page.elseif (empty($first_name) || empty($email_address)) {header( "Location: $error_page" ); }/* If email injection is detected, redirect to the error page.If you add a form field, you should add it here.*/elseif ( isInjected($email_address) || isInjected($first_name) || isInjected($comments) ) {header( "Location: $error_page" ); }// If we passed all previous tests, send the email then redirect to the thank you page.else { mail( "$webmaster_email", "Feedback Form Results", $msg ); header( "Location: $thankyou_page" ); }?> Quote Link to comment Share on other sites More sharing options...
maxxd Posted April 8, 2019 Share Posted April 8, 2019 OK. Now we can safely say the issue is not just in what was originally posted. Format the source code, then post it here again please. It's still unreadable. Quote Link to comment Share on other sites More sharing options...
gw1500se Posted April 8, 2019 Share Posted April 8, 2019 Don't embed your comments to us in the code. Put the comments outside the formatter. Quote Link to comment Share on other sites More sharing options...
taralee Posted April 8, 2019 Author Share Posted April 8, 2019 Thanks, gw1500se, I will try. I think I might just have to go and get myself better equipped in php first. I think I am in way over my head - I have only been coding in html and css up to now. All I wanted to do was to get my form to send me the data from the form to my gmail account. Quote Link to comment Share on other sites More sharing options...
maxxd Posted April 8, 2019 Share Posted April 8, 2019 (edited) Honestly, just formatting your code properly is going to help. You've got single-line comments that are (right now) commenting out functionality due to everything being on one line. Put the comments on separate lines or remove them entirely. We'll be able to figure out what your script is doing, I promise. Edited April 8, 2019 by maxxd forgot a word. Quote Link to comment Share on other sites More sharing options...
jodunno Posted April 8, 2019 Share Posted April 8, 2019 for one thing, i don't see a reason to waste variables which simply store redirect page names. You could clean up the code by eliminating these variables. However, you also need to use exit; after each header redirect: header('Location: '); exit; another thing that i see, why are we not detecting a form $_POST value? and a semicolon is a terminator not a concatenator. Thus, replace your $email_address variable with the following code: $email = filter_var($_POST['email_address'], FILTER_VALIDATE_EMAIL); $email_address = 'Email: ' . $email . '\r\n'; I think that you need to include a mail from field but i don't even see you initiating communication with the PHP mailer. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted April 8, 2019 Share Posted April 8, 2019 2 hours ago, jodunno said: Thus, replace your $email_address variable with the following code: $email = filter_var($_POST['email_address'], FILTER_VALIDATE_EMAIL); $email_address = 'Email: ' . $email . '\r\n'; Note that filter_var() will return false, if the filter fails. For example, the filter will fail if the user forgets to enter the "@" symbol in their address. So you'll want to make sure $email in the above code isn't false before using the value. If $email is false, I would display an error message about an invalid email. Otherwise, send the email. Quote Link to comment Share on other sites More sharing options...
jodunno Posted April 8, 2019 Share Posted April 8, 2019 18 minutes ago, cyberRobot said: Note that filter_var() will return false, if the filter fails. For example, the filter will fail if the user forgets to enter the "@" symbol in their address. So you'll want to make sure $email in the above code isn't false before using the value. If $email is false, I would display an error message about an invalid email. Otherwise, send the email. I'm not sure why you are addressing me instead of the OP. Am i supposed to be the only member that has to write a book in order to post a tip? i'm not going to be thorough. The point is to validate an email before you do something with it but it's up to the OP to do the research. However, if you want to be technical: you shouldn't allow an email address in the first place. you need two form fields and automatically assign the at sign. I have no problems using regex to verify an id plus a valid domain then concatenate an at sign. I even break up your birthdate into month, day and year form fields. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted April 8, 2019 Share Posted April 8, 2019 (edited) 9 minutes ago, jodunno said: I'm not sure why you are addressing me instead of the OP. Am i supposed to be... @jodunno - My comment wasn't necessarily addressed to you. I just quoted your post so that the OP (or whoever is learning from this thread) knows what code I was referring to. Edited April 8, 2019 by cyberRobot cleaned up quote Quote Link to comment Share on other sites More sharing options...
jodunno Posted April 8, 2019 Share Posted April 8, 2019 i'm not mad or anything. I hope that you don't think i am being rude. I am very tired today and i am fighting a sinus infection while i am healing from surgery. All is good. I guess that i worried that you think i am stupid or something. sorry if you are offended. I mean no harm. I'm happy to be your friend. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted April 9, 2019 Share Posted April 9, 2019 Regarding the code here - I don't know why you are using the <button> tag in your form but you must have some reason. While the <input> tag is the much preferred method for submitting a form, you can use <button> but you need to actually specifiy the type='submit' clause in it since different browsers may have a different default when you don't specify what you want. Why are you using <button> anyway? PS - input syntax: <input type='submit' name='btn' value='Submit'> A simple example that does a submit for you. You can use any value for it - I just used Submit. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted April 9, 2019 Share Posted April 9, 2019 (edited) @jodunno - No problem. Hope you feel better soon. 16 hours ago, jodunno said: However, if you want to be technical: you shouldn't allow an email address in the first place. you need two form fields and automatically assign the at sign. I have no problems using regex to verify an id plus a valid domain then concatenate an at sign. My preference would be to use a single email address field. The filter_var() function, suggested by jodunno, could then be used to detect problems like a missing "@" symbol or no domain suffix (e.g. ".com"). If the function detects an error (i.e. returns false), ask the user to correct the email address before trying to send the message. Edited April 9, 2019 by cyberRobot Quote Link to comment Share on other sites More sharing options...
jodunno Posted April 9, 2019 Share Posted April 9, 2019 Hello and Thank you for the kind message, cyberRobot. I hope that you are having a pleasant day. I didn't look at the form before but i see now a button instead of an input and required is assigned an empty value. The form needs to be corrected: <form method="post" action="send_mail.php"> <input type="email" name="Email" placeholder="Enter your email..." required /> <input class="btn1 btn" type="submit" name="submit" value="Send Mail" /> </form> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.