Jump to content

php coding to send email from html form


taralee

Recommended Posts

I am brand new at php coding so I am struggling to understand why my php code is not working in my website. I would like my html form to send me data to my email. Whatever I try, it just will not work. I have ftp'ed it to my website and I checked with my web host, they do support php. Anyone who can help out a newbie, please?

 

This is my very simple form to capture email addresses of new clients:

 <form action="send_mail.php" method="post"> <input name="Email"

                    placeholder="Enter your email..." required="" type="email">
                  <button class="btn1 btn"><span class="fa fa-paper-plane-o" aria-hidden="true"></span></button>
                </form>

This is the php coding I have placed in a document called send_mail.php:

<?php /*
This first bit sets the email address that you want the form to be submitted to.You will need to change this value to a valid email address that you can access.*/$webmaster_email = "hollandertaralee@gmail.com";/*This bit sets the URLs of the supporting pages.If you change the names of any of the pages, you will need to change the values here.
*/$feedback_page = "feedback_form.html";$error_page = "error_message.html";$thankyou_page = "thank_you.html";/*This next bit loads the form field data into variables.If you add a form field, you will need to add it here.
*/$email_address = $_REQUEST['email_address'] ; "Email: " . $email_address . "\r\n" . ;
/*The following function checks for email injection.Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.*/function isInjected($str) {    $injections = array('(\n+)',    '(\r+)',
    '(\t+)',    '(%0A+)',    '(%0D+)',    '(%08+)',    '(%09+)'    );    $inject = join('|', $injections);    $inject = "/$inject/i";
    if(preg_match($inject,$str)) {        return true;    }    else {        return false;    }}
// If the user tries to access this script directly, redirect them to the feedback form,if (!isset($_REQUEST['email_address'])) {header( "Location: $feedback_page" );}// If the form fields are empty, redirect to the error page.elseif (empty($first_name) || empty($email_address)) {header( "Location: $error_page" );
}/* If email injection is detected, redirect to the error page.If you add a form field, you should add it here.*/elseif ( isInjected($email_address) || isInjected($first_name)  || isInjected($comments) ) {header( "Location: $error_page" );
}// If we passed all previous tests, send the email then redirect to the thank you page.else {    mail( "$webmaster_email", "Feedback Form Results", $msg );    header( "Location: $thankyou_page" );
}?>

Link to comment
Share on other sites

Your code it nearly impossible to read. Please edit it and use the code tag (<>) and choose the proper code type (PHP). The first thing I notice is that you should be using $_POST rather than $_REQUEST. The second thing I see is you are not using PHPMailer with is infinitely easier than 'mail'.

Link to comment
Share on other sites

Thank you for your reply. My apologies for the untidy nature of the code, as I said, I am brand new at php coding and therefore don't really understand the natural flow of the code yet. I will have a look at the suggestions you have made. Thanks again.

Link to comment
Share on other sites

gw1500se means in your original post here, not the code itself. Notice the button that looks like '<>' in the editor toolbar - that formats code. The code you posted isn't readable on this forum so please edit it and use the code format.

Link to comment
Share on other sites

This is the html code:

 <form action="send_mail.php" method="post"> <input name="Email"

                    placeholder="Enter your email..." required="" type="email">
                  <button class="btn1 btn"><span class="fa fa-paper-plane-o" aria-hidden="true"></span></button>
                </form>

This is the php code:

<?php /*
This first bit sets the email address that you want the form to be submitted to.You will need to change this value to a valid email address that you can access.*/$webmaster_email = "hollandertaralee@gmail.com";/*This bit sets the URLs of the supporting pages.If you change the names of any of the pages, you will need to change the values here.
*/$feedback_page = "feedback_form.html";$error_page = "error_message.html";$thankyou_page = "thank_you.html";/*This next bit loads the form field data into variables.If you add a form field, you will need to add it here.
*/$email_address = $_REQUEST['email_address'] ; "Email: " . $email_address . "\r\n" . ;
/*The following function checks for email injection.Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.*/function isInjected($str) {    $injections = array('(\n+)',    '(\r+)',
    '(\t+)',    '(%0A+)',    '(%0D+)',    '(%08+)',    '(%09+)'    );    $inject = join('|', $injections);    $inject = "/$inject/i";
    if(preg_match($inject,$str)) {        return true;    }    else {        return false;    }}
// If the user tries to access this script directly, redirect them to the feedback form,if (!isset($_REQUEST['email_address'])) {header( "Location: $feedback_page" );}// If the form fields are empty, redirect to the error page.elseif (empty($first_name) || empty($email_address)) {header( "Location: $error_page" );
}/* If email injection is detected, redirect to the error page.If you add a form field, you should add it here.*/elseif ( isInjected($email_address) || isInjected($first_name)  || isInjected($comments) ) {header( "Location: $error_page" );
}// If we passed all previous tests, send the email then redirect to the thank you page.else {    mail( "$webmaster_email", "Feedback Form Results", $msg );    header( "Location: $thankyou_page" );
}?>

 

Link to comment
Share on other sites

Thanks, gw1500se, I will try. I think I might just have to go and get myself better equipped in php first. I think I am in way over my head - I have only been coding in html and css up to now. All I wanted to do was to get my form to send me the data from the form to my gmail account. 

Link to comment
Share on other sites

Honestly, just formatting your code properly is going to help. You've got single-line comments that are (right now) commenting out functionality due to everything being on one line. Put the comments on separate lines or remove them entirely. We'll be able to figure out what your script is doing, I promise.

Edited by maxxd
forgot a word.
Link to comment
Share on other sites

for one thing, i don't see a reason to waste variables which simply store redirect page names. You could clean up the code by eliminating these variables. However, you also need to use exit; after each header redirect: header('Location: '); exit;

another thing that i see, why are we not detecting a form $_POST value? and a semicolon is a terminator not a concatenator. Thus, replace your $email_address variable with the following code:

$email = filter_var($_POST['email_address'], FILTER_VALIDATE_EMAIL);
$email_address = 'Email: ' . $email . '\r\n';

I think that you need to include a mail from field but i don't even see you initiating communication with the PHP mailer.

Link to comment
Share on other sites

2 hours ago, jodunno said:

Thus, replace your $email_address variable with the following code:


$email = filter_var($_POST['email_address'], FILTER_VALIDATE_EMAIL);
$email_address = 'Email: ' . $email . '\r\n';

 

 

Note that filter_var() will return false, if the filter fails. For example, the filter will fail if the user forgets to enter the "@" symbol in their address.

So you'll want to make sure $email in the above code isn't false before using the value. If $email is false, I would display an error message about an invalid email. Otherwise, send the email.

Link to comment
Share on other sites

18 minutes ago, cyberRobot said:

 

Note that filter_var() will return false, if the filter fails. For example, the filter will fail if the user forgets to enter the "@" symbol in their address.

So you'll want to make sure $email in the above code isn't false before using the value. If $email is false, I would display an error message about an invalid email. Otherwise, send the email.

I'm not sure why you are addressing me instead of the OP. Am i supposed to be the only member that has to write a book in order to post a tip? i'm not going to be thorough. The point is to validate an email before you do something with it but it's up to the OP to do the research. However, if you want to be technical: you shouldn't allow an email address in the first place. you need two form fields and automatically assign the at sign. I have no problems using regex to verify an id plus a valid domain then concatenate an at sign. I even break up your birthdate into month, day and year form fields.

Link to comment
Share on other sites

9 minutes ago, jodunno said:

I'm not sure why you are addressing me instead of the OP. Am i supposed to be...

@jodunno - My comment wasn't necessarily addressed to you. I just quoted your post so that the OP (or whoever is learning from this thread) knows what code I was referring to.

Edited by cyberRobot
cleaned up quote
Link to comment
Share on other sites

i'm not mad or anything. I hope that you don't think i am being rude. I am very tired today and i am fighting a sinus infection while i am healing from surgery. All is good. I guess that i worried that you think i am stupid or something. sorry if you are offended. I mean no harm. I'm happy to be your friend.

Link to comment
Share on other sites

Regarding the code here - I don't know why you are using the <button> tag in your form but you must have some reason.  While the <input> tag is the much preferred method for submitting a form, you can use <button> but you need to actually specifiy the type='submit' clause in it since different browsers may have a different default when you don't specify what you want.

Why are you using <button> anyway?

PS - input syntax:

<input type='submit' name='btn' value='Submit'>

A simple example that does a submit for you.  You can use any value for it - I just used Submit.

Link to comment
Share on other sites

@jodunno - No problem. Hope you feel better soon.

 

16 hours ago, jodunno said:

However, if you want to be technical: you shouldn't allow an email address in the first place. you need two form fields and automatically assign the at sign. I have no problems using regex to verify an id plus a valid domain then concatenate an at sign.

My preference would be to use a single email address field. The filter_var() function, suggested by jodunno, could then be used to detect problems like a missing "@" symbol or no domain suffix (e.g. ".com"). If the function detects an error (i.e. returns false), ask the user to correct the email address before trying to send the message.

Edited by cyberRobot
Link to comment
Share on other sites

Hello and Thank you for the kind message, cyberRobot. I hope that you are having a pleasant day.

I didn't look at the form before but i see now a button instead of an input and required is assigned an empty value. The form needs to be corrected:

<form method="post" action="send_mail.php">
  <input type="email" name="Email" placeholder="Enter your email..." required />
  <input class="btn1 btn" type="submit" name="submit" value="Send Mail" />
</form>

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.