I'm having some trouble setting up the recaptha with my limited PHP knowledge. I have managed to get it working in essence, but am finding that know my form data is not submitting.
Here is the PHP as it stands:
<?php
$sendToEmail="my#emailaddress.co.uk";
$yourname = $_POST["yourname"];
$timecall = $_POST["timecall"];
$email=$_POST["email"];
$phone=$_POST["phone"];
$message=$_POST["message"];
$content = "Time to Call : " . $timecall . "<br>";
$content .= "Name : " . $yourname . "<br>";
$content .= "Email : " . $email . "<br>";
$content .= "Phone : " . $phone . "<br>";
$content .= "Message : ". $message ."<br>";
$senderEmailId = "Reply-To: $email";
$senderEmailId = "From: $email\r\n";
$senderEmailId .= "Content-type: text/html\r\n";
$subject ="New Enquiry from the website";
if(isset($_POST['ContactButton'])) {
$url = 'https://www.google.com/recaptcha/api/siteverify';
$privatekey = "--private-key--";
$response = file_get_contents($url."?secret=".$privatekey."&response=".$_POST[g-recaptcha-response]."&remoteip=".$_SERVER['REMOTE_ADDR']);
$data = json_decode($response);
if (isset($data->success) AND $data->success==true) {
//// True- what happens when user is verified
header("Location:thankyou.php?CaptchaPass=True");
}else{
header("Location:thankyou.php?CaptchaFail=True");
}
}
?>
Thank you in advance!
PHP 101: array key strings which aren't quoted are treated as undefined constants. You have:
$_POST[g-recaptcha-response]
which is parsed/executed as
$_POST[g minus recaptcha minus response]
$_POST[0 minus 0 minus 0]
$_POST[0]
If you had PHP's debug options enabled (error_reporting, display_errors), you'd have been given warnings about this. These settings should NEVER be off on a debug/devel server in the first place.
Try
$_POST['g-recaptcha-response']
^--------------------^
instead. Note the quotes.
Related
I have a php contact form which has been working reliably for several years up until Jan 2022. It uses a Google reCaptcha. Apparently it fails at the mailcheck part which is near the end and prints out the "MAIL Sending Failed" message
<?php
//dont need these
error_reporting(E_ALL);
ini_set('display_errors', 1);
// check form is submitted
if ( isset($_POST['form_submit']) ) {
// get values
$error = ''; //error variable
$visitor_name = $_POST['name'];
$visitor_email = $_POST['email'];
$visitor_message = $_POST['message'];
$captcha = $_POST['g-recaptcha-response'];
//required values
if ( empty($visitor_name) || empty($visitor_email) ) {
$error = "<h3>Name and Email are required. END.</h3>";
}
//required captcha
if ( empty($captcha) ) {
$error = "<h3>Please check the the captcha form. END.</h3>";
}
// if no errors
if( empty($error) ){
$secretKey = " *** hidden *** ";
$ip = $_SERVER['REMOTE_ADDR'];
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' .
urlencode($secretKey) . '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response, true);
// should return JSON with success as true
if ($responseKeys["success"]) {
echo '<h3>Captcha Success. Writing Mail...</h3>';
// write mail
$to = " *** my user email ***.com";
$email_subject = "C&H form v2c inquiry";
// To send HTML mail, the Content-type header must be set
// If the From header is not set, then Luxsci servers reject
// $headers = "";
$headers = "From: *** my email ***.com \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
$headers .= "MIME-Version: 1.0 \r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \r\n";
$headers .= "X-Mailer: PHP/".phpversion();
$email_body = "message from " . $visitor_name . "<br>" .
"sender's email: " . $visitor_email . "<br>" .
"here is the message: " . $visitor_message;
// compose headers
//Send the mail
$mail_check = mail($to, $email_subject, $email_body, $headers);
if ($mail_check) {
echo "<h5>Mail sending successful. Redirecting... </h5>";
echo '<script> window.location.href = "thank_you_CG.html"; </script>';
} else {
echo "<h5>MAIL sending failed.</h5><br<br>
<h3> This is the failure message it sends out HERE </h3>";
}
} else { // if response not success
echo '<h3>reCaptcha verification failed!</h3>';
echo "Response from reCaptcha: <br>";
print_r($responseKeys);
}
} else { //if errors
echo $error;
exit;
}
}
I can also add the html but there seems to be no problem with that. As mentioned this php form was working fine for years then stopped. I've heard that the Google recaptcha uses a smaller string now?
This question already has answers here:
PHP mail: Multiple recipients?
(5 answers)
Closed 1 year ago.
I need to send my forms to multiple recipients, but I can't figure it out which line I need to edit. Please see below. I appreciate your help.
I already tried adding more values to the emailto, but I can't get it to work.
I need to send my forms to multiple recipients, but I can't figure it out which line I need to edit. Please see below. I appreciate your help.
I already tried adding more values to the emailto, but I can't get it to work.
Hello there,
I need to send my forms to multiple recipients, but I can't figure it out which line I need to edit. Please see below. I appreciate your help.
<?php
// Configure your Subject Prefix and Recipient here
$errors = array(); // array to hold validation errors
$data = array(); // array to pass back data
if($_SERVER['REQUEST_METHOD'] === 'POST') {
$subjectPrefix = $_POST['subject'];
$privacyPolicy = $_POST['privacy-policy'];
$emailTo = stripslashes(trim($_POST['email-to']));
$name = stripslashes(trim($_POST['name']));
$email = stripslashes(trim($_POST['email']));
$phone = stripslashes(trim($_POST['phone']));
$message = stripslashes(trim($_POST['message']));
$spam = $_POST['textfield'];
$confirmMsg = $_POST['confirm'];
$captcha = $_POST['captcha'];
if (empty($name)) {
$errors['name'] = 'Please fill in all required fields.';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email'] = 'Please fill in all required fields.';
}
if (empty($message)) {
$errors['message'] = 'Please fill in all required fields.';
}
if (empty($captcha)) {
$errors['captcha'] = 'TEST CAPTCHA';
}
if (empty($privacyPolicy)) {
$errors['privacy_policy'] = 'Please fill in all required fields.';
}
// if there are any errors in our errors array, return a success boolean or false
if (!empty($errors)) {
$data['success'] = false;
$data['errors'] = $errors;
} else {
$subject = "Message from $subjectPrefix";
$body = '
<strong>Name: </strong>'.$name.'<br />
<strong>Email: </strong>'.$email.'<br />
<strong>Phone: </strong>'.$phone.'<br />
<strong>Message: </strong>'.nl2br($message).'<br />
';
$headers = "MIME-Version: 1.1" . PHP_EOL;
$headers .= "Content-type: text/html; charset=utf-8" . PHP_EOL;
$headers .= "Content-Transfer-Encoding: 8bit" . PHP_EOL;
$headers .= "Date: " . date('r', $_SERVER['REQUEST_TIME']) . PHP_EOL;
$headers .= "Message-ID: <" . $_SERVER['REQUEST_TIME'] . md5($_SERVER['REQUEST_TIME']) . '#' . $_SERVER['SERVER_NAME'] . '>' . PHP_EOL;
$headers .= "From: " . "=?UTF-8?B?".base64_encode($name)."?=" . " <$email> " . PHP_EOL;
$headers .= "Return-Path: $emailTo" . PHP_EOL;
$headers .= "Reply-To: $email" . PHP_EOL;
$headers .= "X-Mailer: PHP/". phpversion() . PHP_EOL;
$headers .= "X-Originating-IP: " . $_SERVER['SERVER_ADDR'] . PHP_EOL;
if (empty($spam)) {
mail($emailTo, "=?utf-8?B?" . base64_encode($subject) . "?=", $body, $headers);
}
$data['success'] = true;
$data['confirmation'] = $confirmMsg;
}
// return all our data to an AJAX call
echo json_encode($data);
}
You can separate receivers by comma like
$to = "somebody#example.com, somebodyelse#example.com";
As indicated in the mail() documentation you can use this:
$emailTo = $mail1 . ', ' . $mail2;
Strange issue - my sendmail.php is working perfectly on desktop and on mobile devices only when requesting desktop websites (in Chrome app), but when using mobile site he does not work at all.
Can someone help me figure this out?
here is the code:
<?php
if(isset($_POST['email'])) {
if (!check_email($_POST['email']))
{
echo 'Please enter a valid email address<br />';
}
else send_email();
}
exit;
function check_email($emailAddress) {
if (filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
return TRUE;
} else {
return FALSE;
}
}
function send_email() {
$message = "\nName: " . $_POST['name'] .
"\nEmail: " . $_POST['email'] ;
$message .= "\nMessage: " . $_POST['comment'] .
"\n\nBrowser Info: " . $_SERVER["HTTP_USER_AGENT"] .
"\nIP: " . $_SERVER["REMOTE_ADDR"] .
"\n\nDate: " . date("Y-m-d h:i:s");
$siteEmail = $_POST['receiver'];
$emailTitle = $_POST['subject'];
$thankYouMessage = "Thank you for contacting us, we'll get back to you shortly.";
if(!mail($siteEmail, $emailTitle, $message, 'From: ' . $_POST['name'] . ' <' . $_POST['email'] . '>'))
{
echo 'error';
}
else
{
echo 'success';
}
}
?>
You must make sure the mobile form has these two elements:
It is being submitted using method="POST".
Your email input has the attribute and value name="email".
I demonstrate where these things are set in the following code. This is incomplete, of course, it's just designed to show you where the two required parts must be.
<form ... method="POST">
...
<input type="text" name="email" ... >
...
</form>
I need to mention one more thing ...
That being said, what you're doing here is EXTREMELY INSECURE. You are allowing someone to set an email's from and two address on a web form. A (not so) clever hacker can easily write a script to turn your server into an open relay for spam or other evil activities. At minimum, you should remove $_POST['receiver'] and replace with with a hard-coded email address or at least not something that can be altered by an end-user when they POST to your form.
So I drilled down and found that the mobile form is directing submissions through this PHP file which was 404.
The issue now is, even when this file is avaiable, emails are not sent...
' . "\r\n"; $headers .=
'From: ' . "\r\n"; $headers = 'MIME-Version: 1.0' .
"\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$message .= "Name: " . $name . ""; $message .= "Subject: "
. $subject . ""; $message .= "Email: " . $email . ""; $message .= "Message: " . $message_text . "";
mail($to, $subject, $message, $headers, "-f noreplay#info.com");
echo 1; }
if(isset($_POST['sendmail']) && $_POST['sendmail'] == 1){
send_mail(); } ?>
The problem I'm having is that I want to pass through data from a number of fields in a form into one email send via PHP, the concerned code is as follows:
$mailcheck = spamcheck($_POST['inputemail']);
if ($mailcheck==FALSE)
{
echo "Invalid input";
}
else
{
// This still needs to be debugged online as soon as possible
$from = $_POST['inputemail'];
$name = $_POST['inputname'];
$phone = $_POST['inputphone'];
$date = $_POST['inputdate'];
$time = $_POST['inputtime'];
$data = $_POST['inputprotection'];
$subject = $_POST['inputdropdown'];
$message = $_POST['inputmessage'];
$message = wordwrap($message, 70);
mail("UP498701#myport.ac.uk",$subject,$message,"From: $from\n" . "Name: $name\n" . "Phone: $phone\n" . "Date: $date\n" . "Time: $time\n" . "Keep Data? $data\n");
echo "Thank you for sending us feedback, you'll be redirected in 5 seconds";
}
}
This is where I'm declaring all the information to be passed as a header for the email. The current PHP passes syntax check as works to the extent that an email is sent containing the $to, $subject, $message all fine, but the $header only passes through the final part (Keep Data? $data\n). When I remove all the other fields and simply keep the $data part, the email stops sending any $header. I also have an issue with the redirect, which has been removed from the below code and will be inserted as soon the current issue is resolved. The current full PHP is:
<html>
<body>
<?php
function spamcheck($field)
{
// Sanitize e-mail address
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
// Validate e-mail address
if(filter_var($field, FILTER_VALIDATE_EMAIL))
{
return TRUE;
}
else
{
return FALSE;
}
}
?>
<?php
if (isset($_POST['inputemail']))
{
$mailcheck = spamcheck($_POST['inputemail']);
if ($mailcheck==FALSE)
{
echo "Invalid input";
}
else
{
// This still needs to be debugged online as soon as possible
$from = $_POST['inputemail'];
$name = $_POST['inputname'];
$phone = $_POST['inputphone'];
$date = $_POST['inputdate'];
$time = $_POST['inputtime'];
$data = $_POST['inputprotection'];
$subject = $_POST['inputdropdown'];
$message = $_POST['inputmessage'];
$message = wordwrap($message, 70);
mail("UP498701#myport.ac.uk",$subject,$message,"From: $from\n" . "Name: $name\n" . "Phone: $phone\n" . "Date: $date\n" . "Time: $time\n" . "Keep Data? $data\n");
echo "Thank you for sending us feedback, you'll be redirected in 5 seconds";
}
}
?>
</body>
and is temporarily hosted at http://luke-hale.com/temp/contact.html. I'm sure this is just a case of being misinformed on my part, but any help would be great, cheers!
EDIT:
okay so that issue is sorted with:
$subject = $_POST['inputdropdown'];
$message = $_POST['inputmessage'] . "\r\n\r\n" . $_POST['inputname'];
$message = wordwrap($message, 70);
$headers = "From: " . $_POST['inputemail'];
mail("UP498701#myport.ac.uk",$subject,$message,$headers);
echo "Thank you for sending us feedback, you'll be redirected in 5 seconds";
Which works though doesn't display the $headers anywhere, but I'm not too fussed about this, the next thing is the redirect, which I would usually run through via:
header("refresh:5;url=http://www.domain.com")
Though this was not working correctly earlier, I will apply an edit when tested for anyones future reference.
EDIT
So the form works but the re-direct does not. The site is still hosted on the same domain, but now the full PHP looks like this:
<html>
<body>
<?php
function spamcheck($field)
{
// Sanitize e-mail address
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
// Validate e-mail address
if(filter_var($field, FILTER_VALIDATE_EMAIL))
{
return TRUE;
}
else
{
return FALSE;
}
}
?>
<?php
if (isset($_POST['inputemail']))
{
$mailcheck = spamcheck($_POST['inputemail']);
if ($mailcheck==FALSE)
{
echo "Invalid input";
}
else
{
$subject = $_POST['inputdropdown'];
$message = "Name: " . $_POST['inputname'] . "\r\n\r\n" . "Email: " . $_POST['inputemail'] . "\r\n\r\n" . "Phone: " . $_POST['inputphone'] . "\r\n\r\n" . "Date: " . $_POST['inputdate'] . "\r\n\r\n" . "Time: " . $_POST['inputtime'] . "\r\n\r\n" . "Retain Data? " . $_POST['inputprotection'] . "\r\n\r\n" . "Message: " . $_POST['inputmessage'];
$message = wordwrap($message, 70);
$headers = "From: " . $_POST['inputemail'];
mail("UP498701#myport.ac.uk",$subject,$message,$headers);
echo "Thank you for sending us feedback, you'll be redirected in 5 seconds";
}
}
header("refresh:5;url=http://www.domain.com")
?>
</body>
The form still sends fine but the return states that the line beginning "header" cannot be passed because the browser data has already been modified. I'm not sure sure what I've done or where so if anyone could lend a hand, that'd be great!
FINAL EDIT
My final, fully working, code:
<?php
function spamcheck($field)
{
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
if(filter_var($field, FILTER_VALIDATE_EMAIL))
{
return TRUE;
}
else
{
return FALSE;
}
}
?>
<?php
ob_start();
if (isset($_REQUEST['inputemail'])&&($_REQUEST['inputname'])&&($_REQUEST['inputmessage']))
{
$mailcheck = spamcheck($_POST['inputemail']);
if ($mailcheck==FALSE)
{
echo "Invalid email, you'll be redirected ";
header("refresh:5;url=http://www.luke-hale.com/");
}
else
{
$subject = $_POST['inputdropdown'];
$message = "Name: " . $_POST['inputname'] . "\r\n\r\n" . "Email: " . $_POST['inputemail'] . "\r\n\r\n" . "Phone: " . $_POST['inputphone'] . "\r\n\r\n" . "Date: " . $_POST['inputdate'] . "\r\n\r\n" . "Time: " . $_POST['inputtime'] . "\r\n\r\n" . "Retain Data? " . $_POST['inputprotection'] . "\r\n\r\n" . "Message: " . $_POST['inputmessage'];
$message = wordwrap($message, 70);
$headers = "From: " . $_POST['inputemail'];
mail("UP498701#myport.ac.uk",$subject,$message,$headers);
echo "Thank you for your messgae, I'll get back to you as soon as possible! You'll be redirected in 5 seconds.";
}
header("refresh:5;url=http://www.luke-hale.com/");
}
else
{
echo "You did not fill all the required fields, please try again.";
header("refresh:5;url=http://www.luke-hale.com/");
}
?>
Try putting your form data into the $message variable, insert \n after each attribute to give a new line. Do not use the header.
Location and Refresh both require an absolute URI
header('Location: http://www.domain.com');
Examples for mail:
https://stackoverflow.com/a/22833890/3489793
https://stackoverflow.com/a/22831825/3489793
mail("Your Email Address Here",$subject,$therest,"subject: $subject\n");
U said this:
"The mail function is also not the issue, and correct syntax is" mail($to,$subject,$message,$headers,$parameters)
Explanation:
your email adress = $to
$subject = $subject
$therest = $message (rename it if you want)
"subject: $subject\n" = the header (change it to $headers if you want that)
Header example (as in the documentation)
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
You could echo a Javascript at the bottom of your PHP script which redirects instead, like this:
$url = "url";
$time = 5000 // time in milliseconds
print "<script>window.setTimeout(function(){window.location='".$url."'},".$time.") </script>"
Can anyone please help me with this php code. I am using a php code in my contact us page to send an email to my account. Somehow the code is not working. The basic function of this code is to capture the details inputted by an user and send the details to my email account. But somehow the PHP code is executing and not showing any error but is not sending email to my account. So, anyone please suggest me where i am going wrong... Thanks all...
Here is the PHP code which i am using:
<?php
error_reporting(0);
error_reporting (E_NONE);
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$mob_no = $_POST['mob_no'];
$email = $_POST['email'];
$course = $_POST['course'];
$location = $_POST['location'];
$city = $_POST['city'];
$to = "example#mywebsite.com";
$subject = 'Request Assistance';
$headers = array();
$headers[] = 'MIME-Version: 1.0';
$headers[] = 'Content-type: text/html; charset = iso-8859-1';
$headers[] = 'Content-Transfer-Encoding: 7bit';
$headers[] = 'From: ' . $first_name . " " . $last_name;
$message .= "First Name: " . $first_name . "\n";
$message .= "Last Name: " . $last_name . "\n";
$message .= "Mobile No: " . $mob_no . "\n";
$message .= "E-Mail: " . $email . "\n";
$message .= "Course: " . $course . "\n";
$message .= "Location: " . $location . "\n";
$message .= "City: " . $city . "\n";
?>
<?php
$success = mail($to, $subject, $message, $headers);
if (($_POST['first_name'] == "") || ($_POST['last_name'] == "") || ($_POST['mob_no'] == "") || ($_POST['email'] == "") || ($_POST['course'] == "") || ($_POST['location'] == "") ||($_POST['city'] == "")) {
echo '<h1>Sorry for the inconvenience!</h1>';
echo '<p>We have encountered a problem, Please Note:<br />';
echo 'Make sure you fill in all the details<br />';
echo 'Do not use spaces or special characters, except in E-Mail.<br />';
echo 'Inconvenience is deeply regretted!!!</p>';
}
if ((!ctype_alpha($first_name)) || (!ctype_alpha($last_name)) || (!ctype_digit($mob_no)) || (!ctype_alpha($course)) || (!ctype_alpha($location)) || (!ctype_alpha($city))) {
echo '<h1>Sorry for the inconvenience!</h1>';
echo '<p>We have encountered a problem, Please Note:<br />';
echo 'Make sure you fill in all the details<br />';
echo 'Do not use spaces or special characters, except in E-Mail.<br />';
echo 'Inconvenience is deeply regretted!!!</p>';
}
if ($success) {
echo '<h1>Congratulations!</h1>';
echo '<p>The following message has been sent:<br /><br />';
echo '<b>To:</b> ' . $to . '<br />';
echo '<b>From:</b> ' . $email . '<br />';
echo $message;
}
?>
Your code itself doesn't look wrong to me, see following:
1. Make sure your host enables mail function
2. Using mail may result in the junk folder sometimes as many spam uses this
3. Try using phpmailer, similar to mail but more configurable