Jump to content

php mail problem please

lumo

By lumo
in PHP Coding Help

 Share

Recommended Posts

lumo Newbie

lumo

Posted
Posted

Total noobie here. My php mail script almost works (I think).

The remaining 2 problems are even though it validates the email address with preg_match and echos an error, it still sends the mail and it checks for invalid charactors but (you guessed it) it still send the mail.

I know there's simpler scripts but I like the way it shows the errors and confirmation on the same page.

 

I guess its missing a bit of code somewhere so if you can help.....

 

<?
// Attempt to defend against header injections:
$badStrings = array("Content-Type:",
                     "MIME-Version:",
                     "Content-Transfer-Encoding:",
                     "bcc:",
                     "cc:");

// Loop through each POST'ed value and test if it contains
// one of the $badStrings:
foreach($_POST as $k => $v){
   foreach($badStrings as $v2){
       if(strpos($v, $v2) !== false){
           $spamerreur="Invalid charactors in field.<br/>";
       }
   }
}     


if($envoyer==ok)



{


  
if(!empty($content)&&!empty($email)&&!empty($nom)&&!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email))
		{
		$sujet="Message de mon site : message de  ".$nom;

		$body=$content."
		Name : ".$nom."
		Address : ".$rue."
		City : ".$ville."
		Telephone : ".$telephone."
		Reference : ".$menu;
		$to="myaddress@gmail.com";



		$headers = "From: $email";
		mail($to, $sujet, $body, $email, $headers);
		$confirmation="Danke, <br/><br/>Message sent<br/>
						<br/>Message:<br/>
						<br/>Name : ".$nom."
						<br/>Address : ".$rue."
						<br/>City : ".$ville."
						<br />Telephone : ".$telephone."<br/>
						<br/>Message : ".$content."<br/>
						<br/>Reference : ".$menu;""; 
		}
else
	{	

	if(empty($email))
			{
			$mailerreur="fill out email.";
			}
		if(empty($nom))
			{
			$nomerreur="<br/>fill out name.";
			}
		if(empty($content))
			{
			$contenterreur="<br/>fill out message.";
			}
		if (!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) 
			{
  				$emailerreur="Invalid email. ";
  				}

	}
}	 
?>

 

<html> ..........

 

 

      <?
if(!empty($confirmation))
{
echo "<div><font color=#FFCC00>".$confirmation;

echo "</font></div>";
}
else
{
?>
    <? echo "<div><font color=#FFCC00 size=2>".$spamerreur.$emailerreur.$mailerreur.$nomerreur.$contenterreur.$messagealanoix."</font></div>"; ?></td>
  </tr>
  <tr>
    <td><form action="contact2.php" method="post">
  

    <input type=hidden name=envoyer value=ok>
    

  <p><strong>Mehr information?  </strong> 
<br/>
    Name:<span class="asterix">*</span> <br />
        <input name="nom" type="text" value="<? echo $nom; ?>" tabindex="1" size="38" />
        <br />
    Adresse:<br />
        <textarea name="rue" value="<? echo $rue; ?>" cols="33" rows="1" tabindex="2"></textarea>
        <br />
    
    Stadt und postleitung:<br />
      <input name="ville" type="text" tabindex="3" value="<? echo $ville; ?>" size="38" />
      <br />
    Telefon :<br />
      <input type="text" name="telephone" value="<? echo $telephone; ?>" tabindex="4" />
      <br />
    Email :<span class="asterix">*</span> <br />
      <input name="email" type="text" tabindex="5" value="<? echo $email; ?>" size="38" />
      <br />
    Message:<span class="asterix">*</span><br />
      <textarea name="content" cols="33" rows="3" tabindex="5"><? echo $content; ?></textarea>
      <br />
    Please let us know how you heard of us:<br />
      <select name="menu" id="menu">
        <option>Word of mouth</option>
        <option>Internet search</option>
        <option>Advertising</option>
        <option>Exhibition</option>
        <? echo $menu; ?>
        </select>
    
      <input class="button" type="submit" value="send" />
      <input type=reset name="reset"/>
    
      <? } ?>
</form>

Link to comment
https://forums.phpfreaks.com/topic/63856-php-mail-problem-please/
Share on other sites
NArc0t1c Member

NArc0t1c

Posted
Posted

Try it with exit;

<?php
if(!empty($confirmation))
{
echo "<div><font color=#FFCC00>".$confirmation;

echo "</font></div>";
}
else
{
?>
    <?php echo "<div><font color=#FFCC00 size=2>".$spamerreur.$emailerreur.$mailerreur.$nomerreur.$contenterreur.$messagealanoix."</font></div>"; exit; ?></td>
  </tr>
  <tr>
    <td><form action="contact2.php" method="post">
  

    <input type=hidden name=envoyer value=ok>
    

  <p><strong>Mehr information?  </strong> 
<br/>
    Name:<span class="asterix">*</span> <br />
        <input name="nom" type="text" value="<?=$nom; ?>" tabindex="1" size="38" />
        <br />
    Adresse:<br />
        <textarea name="rue" value="<? echo $rue; ?>" cols="33" rows="1" tabindex="2"></textarea>
        <br />
    
    Stadt und postleitung:<br />
      <input name="ville" type="text" tabindex="3" value="<?=$ville; ?>" size="38" />
      <br />
    Telefon :<br />
      <input type="text" name="telephone" value="<?=$telephone; ?>" tabindex="4" />
      <br />
    Email :<span class="asterix">*</span> <br />
      <input name="email" type="text" tabindex="5" value="<?=$email; ?>" size="38" />
      <br />
    Message:<span class="asterix">*</span><br />
      <textarea name="content" cols="33" rows="3" tabindex="5"><?=$content; ?></textarea>
      <br />
    Please let us know how you heard of us:<br />
      <select name="menu" id="menu">
        <option>Word of mouth</option>
        <option>Internet search</option>
        <option>Advertising</option>
        <option>Exhibition</option>
        <? echo $menu; ?>
        </select>
    
      <input class="button" type="submit" value="send" />
      <input type=reset name="reset"/>
    
      <?php } ?>
</form>

lumo Newbie

lumo

Posted
  • Author
Posted

Thanks for the reply NArc0t1c..

I see what you mean but the correctly formed exit didn't make any difference..

I should explain myself better as to what is happening.

The script works fine, it checks if email, name and subject are filled out and if not writes an advice on the page here...

<?php
if(!empty($confirmation))
{
echo "<div><font color=#FFCC00>".$confirmation;

echo "</font></div>";
}
else
{
?>
    <?php echo "<div><font color=#FFCC00 size=2>".$spamerreur.$emailerreur.$mailerreur.$nomerreur.$contenterreur.$messagealanoix."</font></div>"; exit; ?>

 

It also checks for illegal charactors and correctly formed email address and writes the error message correctly.

The problem is that it sends the email successfully even if there is illegal charactors and/or malformed email address, in other words it knows about the problems but doesn't prevent the email being sent.

 

Conversely if any of the required fields are not filled out it stops the email being sent and writes the error correctly.

 

This I can prove if e.g. I don't fill out the name field, put an illegal char e.g. cc: in the subject and write rubbish in the email field.

In this case the email is not sent and 3 errors are written

"illegal charactor"

"No name"

"invalid email address"

If I change nothing except fill in the name field the email will then send even with the illegal char and email address so it must be some piece of code missing that stops the mail send process, perhaps the order in which the commands are being processed?

 

screenshot.jpg

 

Any advice appreiciated....

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.