Jump to content

contact form won't send message if email is slightly odd

worker012

By worker012
in PHP Coding Help

Recommended Posts

worker012 Newbie

worker012

Posted
Posted

I was wondering if anyone can help me. I have an odd problem with my contact form.

 

The form is set up to check for proper email characters like "@" which is not the problem.

 

It works if I type [email protected]/net/biz etc.. but if someone happens to have an uncommon word for an email I get "mail error".

 

For example,

if it's [email protected] it works,

if it's [email protected] there's a "mail error" message.

if it's [email protected] there's a "mail error" message.

also oddly enough, [email protected] works

 

There's nothing I can find in the code that would specify this filter. Here's my code.

 

thanks in advance for any advice.

 

<?php                            

// PHP script by Dave Lauderdale
// Published at: www.digi-dl.com
// ENTER YOUR INFORMATION BELOW


$maxSize="500";                            // Maximum size of the letters message
$subject="visitor comments";               // The subject line of the letters that you receive
$to="[email protected]";                     // The email address you want letters sent to
$HTMLmailFormat="1";                       // Do you want to use HTML mail (1 for yes and 0 for no)
$verify_referrer="1";                      // Do you want to do domain checking (1 for yes and 0 for no)
$domain="http://mydomain.com/";               // Enter your domain here if you want to verify it
$domainAlias="http://mydomain.com/";      // Enter your domains alias here if you want to verify it
$ipLogging="1";                            // Do you want to do IP logging (1 for yes and 0 for no)
$notify="1";                               // Do you want to be notified when an IP is logged  (1 or 0)
$notifyFrom="$from";          // What do you want the notifications 'From' field to say
$notifySubject="Form abuse notification";  // What do you want the notifications 'Subject' line to say



//////////////////////    NO EDITING BEYOND THIS POINT
////////////////////// unless you know what you are doing!


// Below code may or may not be necessary for you
$name = $_POST['name']; $from = $_POST['from']; $message = $_POST['message'];

// Set IP variable based on registar globals status
$register_globals = (bool) ini_get('register_gobals');
if ($register_globals) { $ip=getenv(REMOTE_ADDR); }
else $ip=$_SERVER['REMOTE_ADDR'];

if ($register_globals) { $ref=getenv(HTTP_REFERER); }
else $ref=$_SERVER['HTTP_REFERER'];


// If webmaster wants to do domain checks
if($verify_referrer=="1")
{
        // If the domain referrer DOESN'T match either the set domain or domainAlias variable
   if(!eregi("$domain", $ref) && !eregi("$domainAlias", $ref))
        {
                $error=1;

                // If webmaster wants to log 3rd party domain attempts
                if($ipLogging=="1"){
          $date=date ("l dS of F Y h:i:s A");
         $ipLog="ipLog.htm";
         $fp=fopen("$ipLog", "a+");
         fputs($fp, "<font face=arial size=3>  >>> Logged IP address: $ip - Date: $date<br>");
         fclose($fp);

         $errorMesB="ERROR: Invalid domain.<br><br><b>NOTICE:</b> Your IP has been logged as: $ip."; $error=1;
      }
      else{ $errorMesA="ERROR: Invalid domain."; $error=1; }

                // If webmaster wants to be notified via email of 3rd party domain attempts
      if($notify=="1"){
                $subject=$notifySubject;

                        // If webmaster wants mail sent in HTML format
              if($HTMLmailFormat=="1"){
            $body=" <font face=arial size=3><br>
                    --------<font color=red>WARNING!</font><font face=arial size=3> Form abuse notification ------
                    <br><br><br><font face=arial size=2>A person has attempted to abuse the contact form.
                    <br><font face=arial size=2>Their IP address was logged as: $ip <br></font><br>";
                        }
                        // If no HTML then send as plain text
                        else{
                                 $body=" \n--------WARNING! Form abuse notification ------\n\n\n
                    A person has attempted to abuse the contact form.\n
                    Their IP address was logged as: $ip \n";
                        }
         $from=$notifyFrom;

                        // Set headers based on content type (plain / HTML)
         if($HTMLmailFormat=="1") $headers="Content-Type: text/html; charset=windows-1252 \n";
                        else $headers="Content-Type: text/plain \n";
         $headers.="From: $from \n";
         $headers.="X-mailer: \"contactMe\" published at www.digi-dl.com \n";

                        // Mail notice to webmaster
         mail($to,$subject,$body,$headers);

                        $errorMesC="An email with this information has been sent to the webmaster."; $error=1;
      }
      }
}

// Trim whitespace from user input and replace potentially harmfull charchters
$name=trim($name); $name = preg_replace("/>/","]",$name); $name = preg_replace("/</","[",$name);

// If user enters NO name
if($name==""){ $errorMes1=" "; $error=1; }



// Trim whitespace from user input
$message=trim($message); if($message==""){ $errorMes2=" "; $error=1; }

// Determine the length of the message
//elseif (strlen($message) >= $maxSize) { $errorMes3="";>  "; $error=1; }

// If all is well so far there are no errors
else
   $error=0;

// If there IS data in the email field then check it

if ($from!==""){



        // Check email address for certain charcters

   if (!eregi("^.+@.+\\..+$", $from))

   {

      $errorMes4=" "; $error=1;

   }



        // If email address pass check then trim whitespace

        else

      $from=trim($from);

}

else { $errorMes5="  "; $error=1; }




// If there has been an error then display the error
if ($error=="1"){

   echo ("<title>SendMail Error</title>

        <body style=\"background-color:transparent\"><table><tr><td width=10></td><td><br><br><br>

   <p style=\"font:12px verdana\">SendMail <font color=red> Error</font>

   <br>

   $errorMes1 $errorMes2 $errorMes3 $errorMes4 $errorMes5<br>$errorMesA<br>$errorMesB<br>$errorMesC

   <a href=\"http://mydomain/contact.html\" style=\"color:black\">ERROR: Click here to try again.</a></td></tr></table> </body></html>"); exit(0);

}

// If there has been no error then send mail
else if ($error=="0"){

        // If webmaster wants mail sent in HTML format
        if($HTMLmailFormat=="1") {

      $message = preg_replace("/>/",">",$message); $message = preg_replace("/</","<",$message);



      $body="<font face=arial size=2>$message</font <br><br><br>

                       <font face=\"verdana\" size=2>

                       --------------- SENDER INFORMATION ------------

                         <br>This message was sent to you by $name.<br>

                         $name's email address is: $from<br>

                  $name's phone number is: $phone<br>

                  $name heard about us from: $hear<br>

                         $name's IP address is: $ip </font><br>";

        }
       
        // If webmaster wants mail sent in plain text format
        else{

      $body="$message\n\n\n

                       --------------- SENDER INFORMATION ------------

             \nThis message was sent to you by $name.\n

                         $name's email address is: $from\n

                  $name's phone number is: $phone<br>

                  $name heard about us from: $hear<br>

                  $name's IP address is: $ip \n";

        }

   $from="\"$name\" <$from>";

        // Set headers based on content type (plain / HTML)
        if($HTMLmailFormat=="1") $headers="Content-Type: text/html; charset=windows-1252\n";
        else $headers="Content-Type: text/plain \n";
   $headers.="From: $from \n";
        $headers.="X-mailer: \"contactMe\" published at www.digi-dl.com \n";
      




        // Send mail
   if(!mail($to,$subject,$body,$headers)){
      echo "mail error";
   }
        // display mail sent message
   else {

        echo (" <title>SendMail Notice: mail was successfully sent</title><body style=\"background-color:transparent\"><br><br><br><br>

      <p style=\"font:12px verdana\" align=center>Your mail has been successfully sent...Thank you</p>

      </body></html>"); exit(0);

   }

// exit script
} exit(0);
?>

PHP Monkeh Newbie

PHP Monkeh

Posted
Posted

The script is doing domain check it seems, I'm sure if you weren't bothered about doing that you could change:

 

$verify_referrer="1";

 

to

 

$verify_referrer="0";

 

The script looks like it's checking to see if the referrer is the sender to avoid 3rd party sites using your script to send emails, i think.

worker012 Newbie

worker012

Posted
  • Author
Posted

it's now $verify_referrer="0"; but I'm having the same problem.

 

I've just uploaded the original form (3 file script.. htm, iplog and dataprocess.php)

but I have the same problem...

 

I also just tried this one file script since I'm getting spam now..

http://www.stevedawson.com/article0015.php

That new form is here.

 

and it also gave me the same problem when I try [email protected]  :o

[email protected] works with this new form too.

 

does it have anything to do with my internet host or chmod?

 

thanks for looking into this!!

 

here's the original dataprocess script...

<?php	    							

// PHP script by Dave Lauderdale 
// Published at: www.digi-dl.com
// ENTER YOUR INFORMATION BELOW


$maxSize="500";                            // Maximum size of the letters message
$subject="visitor comments";               // The subject line of the letters that you receive
$to="[email protected]";                     // The email address you want letters sent to
$HTMLmailFormat="1";                       // Do you want to use HTML mail (1 for yes and 0 for no)
$verify_referrer="0";	                   // Do you want to do domain checking (1 for yes and 0 for no)
$domain="http://domain.com";               // Enter your domain here if you want to verify it
$domainAlias="http://www.domain.com";      // Enter your domains alias here if you want to verify it
$ipLogging="0";                            // Do you want to do IP logging (1 for yes and 0 for no)
$notify="0";                               // Do you want to be notified when an IP is logged  (1 or 0)
$notifyFrom="[email protected]";          // What do you want the notifications 'From' field to say
$notifySubject="Form abuse notification";  // What do you want the notifications 'Subject' line to say



//////////////////////    NO EDITING BEYOND THIS POINT
////////////////////// unless you know what you are doing!


// Below code may or may not be necessary for you
$name = $_POST['name']; $from = $_POST['from']; $message = $_POST['message'];

// Set IP variable based on registar globals status
$register_globals = (bool) ini_get('register_gobals');
if ($register_globals) { $ip=getenv(REMOTE_ADDR); } 
else $ip=$_SERVER['REMOTE_ADDR'];

if ($register_globals) { $ref=getenv(HTTP_REFERER); } 
else $ref=$_SERVER['HTTP_REFERER'];


// If webmaster wants to do domain checks
if($verify_referrer=="1")
{
        // If the domain referrer DOESN'T match either the set domain or domainAlias variable
if(!eregi("$domain", $ref) && !eregi("$domainAlias", $ref)) 
        {
                $error=1;

                // If webmaster wants to log 3rd party domain attempts
                if($ipLogging=="1"){ 
	 	$date=date ("l dS of F Y h:i:s A");
		$ipLog="ipLog.htm";
		$fp=fopen("$ipLog", "a+");
		fputs($fp, "<font face=arial size=3>  >>> Logged IP address: $ip - Date: $date<br>");
		fclose($fp);

		$errorMesB="ERROR: Invalid domain.<br><br><b>NOTICE:</b> Your IP has been logged as: $ip."; $error=1;
	}
	else{ $errorMesA="ERROR: Invalid domain."; $error=1; }

                // If webmaster wants to be notified via email of 3rd party domain attempts
	if($notify=="1"){
       			$subject=$notifySubject;

                        // If webmaster wants mail sent in HTML format
        		if($HTMLmailFormat=="1"){
			$body=" <font face=arial size=3><br>
        				--------<font color=red>WARNING!</font><font face=arial size=3> Form abuse notification ------
        				<br><br><br><font face=arial size=2>A person has attempted to abuse the contact form.
        				<br><font face=arial size=2>Their IP address was logged as: $ip <br></font><br>";
                        }
                        // If no HTML then send as plain text
                        else{
                              	$body=" \n--------WARNING! Form abuse notification ------\n\n\n
        				A person has attempted to abuse the contact form.\n
        				Their IP address was logged as: $ip \n";
                        }
		$from=$notifyFrom;

                        // Set headers based on content type (plain / HTML)
		if($HTMLmailFormat=="1") $headers="Content-Type: text/html; charset=windows-1252 \n";
                        else $headers="Content-Type: text/plain \n";
		$headers.="From: $from \n";
		$headers.="X-mailer: \"contactMe\" published at www.digi-dl.com \n";

                        // Mail notice to webmaster
		mail($to,$subject,$body,$headers);

                        $errorMesC="An email with this information has been sent to the webmaster."; $error=1;
	}
   	} 
}

// Trim whitespace from user input and replace potentially harmfull charchters
$name=trim($name); $name = preg_replace("/>/","]",$name); $name = preg_replace("/</","[",$name);

// If user enters NO name
if($name==""){ $errorMes1="ERROR: You didn't write your name. "; $error=1; }

// Trim whitespace from user input 
$message=trim($message); if($message==""){ $errorMes2="ERROR: You didn't write a message. "; $error=1; }

// Determine the length of the message
//elseif (strlen($message) >= $maxSize) { $errorMes3="ERROR: Your message is too long. The maximum characters allowed is $maxSize. "; $error=1; }

// If all is well so far there are no errors
else
$error=0;

// If there IS data in the email field then check it
if ($from!==""){

        // Check email address for certain charcters
if (!eregi("^.+@.+\\..+$", $from)) 
{ 
	$errorMes4="ERROR: Your email address contains errors. "; $error=1; 
}

        // If email address pass check then trim whitespace
        else
	$from=trim($from);
}
else { $errorMes5="ERROR: You need to enter an email address. "; $error=1; }

// If there has been an error then display the error
if ($error=="1"){
echo ("<title>SendMail Error</title>
        <body><br>
<p style=\"font:11pt arial\">SendMail <font color=red> Error</font>
<br><br>The following errors have occured:<br><br>
$errorMes1<br>$errorMes2<br>$errorMes3<br>$errorMes4<br>$errorMes5<br>$errorMesA<br>$errorMesB<br>$errorMesC<br>
<br><a href=\"contactMe.htm\" style=\"color:black\">Click here</a> to try again. </body></html>"); exit(0);
}

// If there has been no error then send mail
else if ($error=="0"){

        // If webmaster wants mail sent in HTML format
        if($HTMLmailFormat=="1") {
	$message = preg_replace("/>/",">",$message); $message = preg_replace("/</","<",$message);

	$body="<font face=arial size=2>$message</font <br><br><br>
                       <font face=\"ms sans serif\" size=2>
                       --------------- SENDER INFORMATION ------------
               	       <br>This message was sent to you by $name.<br>
               	       $name's email address is: $from<br>
               	       $name's IP address is: $ip </font><br>";
        }
       
        // If webmaster wants mail sent in plain text format
        else{
	$body="$message\n\n\n
                       --------------- SENDER INFORMATION ------------
	       \nThis message was sent to you by $name.\n
               	       $name's email address is: $from\n
               	       $name's IP address is: $ip \n";
        }
$from="\"$name\" <$from>";

        // Set headers based on content type (plain / HTML)
        if($HTMLmailFormat=="1") $headers="Content-Type: text/html; charset=windows-1252\n";
        else $headers="Content-Type: text/plain \n";
$headers.="From: $from \n";
        $headers.="X-mailer: \"contactMe\" published at www.digi-dl.com \n";

        // Send mail
if(!mail($to,$subject,$body,$headers)){
	echo "mail error";
}
        // display mail sent message
else {
        echo (" <title>SendMail Notice: mail was successfully sent</title><body><br><br><br><br>
	<p style=\"font:11pt arial\" align=center>Your mail has been successfully sent...<i>Thank you</i></p>
	</body></html>"); exit(0);
}

// exit script
} exit(0);
?>

here's the antispam script from stevedawson

<table width="760" border="0" cellspacing="10" cellpadding="0" align="center">
  <tr>
    <td align="center">

<?php 
if (isset($_POST["op"]) && ($_POST["op"]=="send")) { 

/******** START OF CONFIG SECTION *******/
  $sendto  = "[email protected]";
  $subject = "Visitor Comments";
// Select if you want to check form for standard spam text
  $SpamCheck = "Y"; // Y or N
  $SpamReplaceText = "*content removed*";
// Error message prited if spam form attack found
$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious code content detected.
</font><br><b>Your IP Number of <b>".getenv("REMOTE_ADDR")."</b> has been logged.</b></p>";
/******** END OF CONFIG SECTION *******/


  $name = $HTTP_POST_VARS['name']; 
  $email = $HTTP_POST_VARS['email']; 
  $message = $HTTP_POST_VARS['message']; 
  $headers = "From: $email\n";
  $headers . "MIME-Version: 1.0\n"
	   . "Content-Transfer-Encoding: 7bit\n"
	   . "Content-type: text/html;  charset = \"iso-8859-1\";\n\n";
if ($SpamCheck == "Y") {		   
// Check for Website URL's in the form input boxes as if we block website URLs from the form,
// then this will stop the spammers wastignt ime sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage"; exit();} 
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();} 
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage"; exit();} 

// Patterm match search to strip out the invalid charcaters, this prevents the mail injection spammer 
  $pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; // build the pattern match string 
                            
  $name = preg_replace($pattern, "", $name); 
  $email = preg_replace($pattern, "", $email); 
  $message = preg_replace($pattern, "", $message); 

// Check for the injected headers from the spammer attempt 
// This will replace the injection attempt text with the string you have set in the above config section
  $find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i"); 
  $email = preg_replace($find, "$SpamReplaceText", $email); 
  $name = preg_replace($find, "$SpamReplaceText", $name); 
  $message = preg_replace($find, "$SpamReplaceText", $message); 
  
// Check to see if the fields contain any content we want to ban
if(stristr($name, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();} 
if(stristr($message, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();} 

// Do a check on the send email and subject text
if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();} 
if(stristr($subject, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();} 
}
// Build the email body text
  $emailcontent = " 
----------------------------------------------------------------------------- 
   WEBSITE CONTACT ENQUIRY
----------------------------------------------------------------------------- 

Name: $name 
Email: $email 
Message: $message 

_______________________________________ 
End of Email 
"; 
// Check the email address enmtered matches the standard email address format
if (!eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$", $email)) { 
  echo "<p>It appears you entered an invalid email address</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>"; 
} 

elseif (!trim($name)) { 
  echo "<p>Please go back and enter a Name</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>"; 
} 


elseif (!trim($message)) { 
  echo "<p>Please go back and type a Message</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>"; 
}  

elseif (!trim($email)) { 
  echo "<p>Please go back and enter an Email</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>"; 
} 

// Sends out the email or will output the error message 
elseif (mail($sendto, $subject, $emailcontent, $headers)) { 
  echo "<br><br><p><b>Thank You $name</b></p><p>We will be in touch as soon as possible.</p>"; 

} 
} 
else { 
?> 
<p align="center">Please complete all details of your enquiry<br>and we will get back to you shortly.</p>
<br>
<form method="post"><INPUT NAME="op" TYPE="hidden" VALUE="send"> 
  <table> 
    <tr> 
      <td><p>Name:</p></td> 
      <td> 
        <input name="name" type="text" size="30" maxlength="150"> 
      </td> 
    </tr> 
      <tr> 
      <td><p>E-mail:</p></td> 
      <td> 
        <input name="email" type="text" size="30" maxlength="150"> 
      </td> 
    </tr> 

    <tr> 
      <td valign="top"><p>Message:</p></td> 
      <td><textarea name="message" cols="40" rows="6"></textarea></td> 
    </tr> 
    <tr><td></td> <td><input name="submit" type="submit" value="Send Message"></td></tr> 
  </table> 
</form> 
<?php } ?>

   <p align="center"><font size="-2">Supplied by <a href="http://www.stevedawson.com">SteveDawson.com</a></font></p></td>
  </tr>
</table>

worker012 Newbie

worker012

Posted
  • Author
Posted

I tried it with another host and it works with any email..even [email protected]  :D

I think it has to do with how my folders are within a sitebuilder folder..

 

now to stop the spam..

 

can i just enter this code from stevedawson anywhere in my form script??

 

$SpamErrorMessage = "No Websites URLs permitted";
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage"; exit();} 
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();} 
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage"; exit();}

 

Is there a better code out there that I can add to my form that doesn't have captcha or security word??

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.