my php email script doesn't seem to be sending but I can't see why. Also I understand that there are certain security flaws with my script, any advice with that is much appreciated!
thank you
<?php
include('config.php');
$email1 = $_POST['email1'];
$id = $_POST['id'];
$fname = $_POST['fname'];
$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$to = '$email1';
$from = "$email";
$subject = "SC - You Have a Reply";
$body = "<html>
<body bgcolor=\"#FFFFFF\">
<center>
<b>Dear $firstname</b> <br>
<font color=\"red\">You have a response, regarding your Ad on StudentClutter!</font> <br>
<p> --------------------------------------------------------- </p>
<b> $fname </b>
<p> --------------------------------------------------------- </p>
<p> ".stripslashes($_POST['body'])." </p>
<br>
<br>
<br>
<p> You can reply to them by email: $emailadd </p>
<br>
<br>
<br>
<p>Thank you for using studentclutter.com </p>
<p> -- The Student Clutter Team </p>
</center>
</body>
</html>";
// To send the HTML mail we need to set the Content-type header.
$headers = "MIME-Version: 1.0rn";
$headers .= "Content-type: text/html; charset=iso-8859-1rn";
$headers .= "From: $from\r\n";
// now lets send the email.
mail($to, $subject, $body, $headers);
echo "Message has been sent!";
?>
You are using single quotes around $email1, these are not necessary. Remove the quotes and it should work just fine.
Like this
$to = $email1;
I would advise you to check out the PHPMailer class, this class offers a whole range of features, along with security. It is very easy to use, just read through the documentation.
UPDATE
You have not escaped the return and new line special characters at the end of some of the headers. Change the end of the lines to look like this:
\r\n";
Related
This question already has answers here:
PHP mail function doesn't complete sending of e-mail
(31 answers)
Closed 10 months ago.
Hi guys I run my website and it all work except contact us form.
HTML
<div class="border"></div>
<form class="contact-form" action="mail.php" method="post">
<div class="fisrtthree">
<input type="text" name="fname" class="contact-form-text" placeholder="First name" required>
</div>
<div class="fisrtthree">
<input type="text" name="lname" class="contact-form-text" placeholder="Last name" required>
</div>
<div class="fisrtthree">
<input type="email" name="email" class="contact-form-text" placeholder="Email" required>
</div>
<div>
<textarea class="contact-form-text" name="message" rows="6" maxlength="3000" placeholder="Your message" required></textarea>
</div>
<div>
<button type="submit" id="fcf-button" class="contact-form-btn">Send</button>
<div>
</form>
PHP
<?php
if(isset($_POST['message']) == false) { // If there's no message
echo "Uh oh. Looks like you didn't actually include a message, friend.<br><br>";
die();
}
$destination = "##gmail.com"; // Put your email address here
$subject = "Message from your website!"; // Fill in the subject line you want your messages to have
$fromAddress = "##domain.com"; // Fill in the email address that you want the messages to appear to be from
// Use a real address to reduce the odds of getting spam-filtered.
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$message = str_replace("\n.", "\n..", $_POST['message']); // Prevents a new line starting with a period from being omitted
$message = "First Name: ". $fname ."\n Last Name: ". $lname ."\n Email: ". $email ."\n Message: ".$message."\n";
$headers = array();
$headers[] = "MIME-Version: 1.0";
$headers[] = "Content-type: text/plain; charset=iso-8859-1";
$headers[] = "From: " . $fromAddress;
$headers[] = "Subject: " . $subject;
$headers[] = "X-Mailer: PHP/".phpversion();
mail($destination, $subject, $message, implode("\r\n", $headers));
Thanks for your message:
echo $message; ?>
Go back home
?>
As you see I tried to get message from ##domain.com and received it in mygmail#gmail.com. but it didn't work, I received nothing in my inbox. is there anything to do with my gmail and my hosted email.
Your email is not being sent. You can try to capture the error that happened via php's last error function, after sending the email :
print_r(error_get_last());
Firstly, ensure that your email service provider makes allowance for the use of less secure apps, and make sure you have this feature enabled (Be sure to disable it later). My 'from' email was a Gmail account where non-secure apps can be enabled at this address: https://myaccount.google.com/lesssecureapps?pli=1
Secondly, ensure that your local mail server is correctly set up. If you are using XAMPP follow the directions here: https://www.geeksforgeeks.org/how-to-configure-xampp-to-send-mail-from-localhost-using-php/
Next, name the button on your form in order to detect the form submission, I named the button 'submit'.
Then in mail.php use this code
<?PHP
if(isset($_POST['submit']) && empty($_POST['message'])) {
// If there's no message
echo "Uh oh. Looks like you didn't actually include a
message, friend.<br><br>";
die();
}
$destination = "fihriabdelali#gmail.com";
$subject = "Message from your alfidomain.com!";
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$fromAddress=$email;
$message = str_replace("\n.", "\n..", $_POST['message']);
// Prevents a new line starting with a period from being omitted
$message = "First Name: ". $fname ."\n Last Name: ".$lname ."\n Email: ". $email ."\n Message: ".$message."\n";
$headers = array();
$headers[] = "MIME-Version: 1.0";
$headers[] = "Content-type: text/plain; charset=iso-8859-1";
$headers[] = "From: " . $fromAddress;
$headers[] = "Subject: " . $subject;
$headers[] = "X-Mailer: PHP/".phpversion();
mail($destination, $subject, $message, implode("\r\n",
$headers));
// mail($to,$subject,$msg,$headers);
echo "Email successfully sent.";
?>
If you are not Abdelali make sure you set $destination to "youremail#domain.com"
My hosting provider has contacted me and said one of the sites I have designed is sending spoof emails. Done a little bit of research but I still don't really understand how/what are they are doing to send these spoof emails. However more importantly how should I approach this, would it help if I try and put one of these 'captcha' things in place on the contact form or should I change the code I have on my site. Which is shown below:
<?php
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "***";
$Subject = "Message to A R C Products";
$Name = Trim(stripslashes($_POST['Name']));
$Address = Trim(stripslashes($_POST['Address']));
$Telephone = Trim(stripslashes($_POST['Telephone']));
$Message = Trim(stripslashes($_POST['Message']));
// prepare email body text
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$Message = "
Name:$Name
Address: $Address
Telephone: $Telephone
$Message";
// send email
$success = mail($EmailTo, $Subject, $Message, $headers);
// redirect to success page
if ($success){
print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.html\">";
}
else{
print "<meta http-equiv=\"refresh\" content=\"0;URL=error.html\">";
}
?>
<h2><strong>Contact Us</strong></h2>
<form method="POST" action="contact.php">
<br/>
<p style="margin-top: 0;">Fields marked (*) are required</p>
<p style="margin-top: 0;">Your Email:* <br/>
<input type="text" name="EmailFrom">
<p style="margin-top: 0;">Name:* <br/>
<input type="text" name="Name">
<p style="margin-top: 0;">Address:<br/>
<input type="text" name="Address">
<p style="margin-top: 0;">Telephone:<br/>
<input type="text" name="Telephone">
<p style="margin-top: 0;">Message:*<br/>
<TEXTAREA NAME="Message" ROWS=6 COLS=40>
</TEXTAREA>
<p style="margin-top: 0;"><input type="submit" name="submit" value="Submit">
</form>
Take a look on filter_input to clean your input data. Also i would not use the email from the form as a from address.
$EmailFrom = filter_input(INPUT_POST,'EmailFrom', FILTER_SANITIZE_EMAIL);
Basically I am trying to re work a plugin so what I need to do is post the form data on the Cart.php form on the same page. Below is the set up I have but the $_POST info is not returning anything when email is sent:
Cart.php
<form id='SimpleEcommCartCartForm' action="" method="post">
<div id="emailForm">
<p>Please fill out the form below and one of our associates will contact you with more information.</p>
<div class="col-xs-4">
Name: <input type="text" name="name" id="name">
</div>
<div class="col-xs-4">
E-mail: <input type="email" name="email" id="email">
</div>
<div class="col-xs-4">
Phone: <input type="tel" name="phone" id="phone">
</div>
</div>
</form>
<?php
//Send the email
$to = "test#gmail.com";
$name = $_POST['name'] ;
$from = $_POST['email'] ;
$phone = $_POST['phone'] ;
$headers = "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: $from";
$subject = "Pump Part Inquiry";
$emailBody = "
<html>
<head>
<style>
</style>
</head>
<body>
<h1> Pump Inquiry</h1>
<h3>From:".$name."<h3>
<h3>Phone:".$phone."<h3>
<p>Minetuff Parts".$mine."</p>
<p>Flygt Parts".$flygt."</p>
</body>
</html>";
$send = mail($to, $subject, $emailBody, $headers);
?>
It sends the mail with nothing in it (or missing information) if you load it right away, and it's because of a specific reason.
As it stands, your code will send you an Email as soon as you load the page, so it's best to wrap your (PHP) code inside an isset() to work in conjunction with a (named) submit button, which seems to be missing in your originally posted question/code.
Plus, you have two undefined variables:
$mine and $flygt, so you'll need to define those to fit your needs.
I.e.: if(isset($_POST['submit'])) and <input type="submit" name="submit" value="Send">
Sidenote: It's best to check for empty fields, but that's another topic; see my footnotes.
Tested and working, and receiving all info and I've replaced your present mail function with if(mail($to, $subject, $emailBody, $headers)){...}
<form id='SimpleEcommCartCartForm' action="" method="post">
<div id="emailForm">
<p>Please fill out the form below and one of our associates will contact you with more information.</p>
<div class="col-xs-4">
Name: <input type="text" name="name" id="name">
</div>
<div class="col-xs-4">
E-mail: <input type="email" name="email" id="email">
</div>
<div class="col-xs-4">
Phone: <input type="tel" name="phone" id="phone">
<input type="submit" name="submit" value="Send">
</div>
</div>
</form>
<?php
//Send the email
if(isset($_POST['submit'])){
$to = "test#gmail.com";
$name = $_POST['name'] ;
$from = $_POST['email'] ;
$phone = $_POST['phone'] ;
$headers = "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: $from";
$subject = "Pump Part Inquiry";
// $mine = " Mine variable"; // replace this
// $flygt = " Flygt variable"; // replace this
$emailBody = "
<html>
<head>
<style>
</style>
</head>
<body>
<h1> Pump Inquiry</h1>
<h3>From:".$name."<h3>
<h3>Phone:".$phone."<h3>
<p>Minetuff Parts".$mine."</p>
<p>Flygt Parts".$flygt."</p>
</body>
</html>";
// $send = mail($to, $subject, $emailBody, $headers);
if(mail($to, $subject, $emailBody, $headers)){
echo "Mail sent.";
}
else{
echo "Sorry, something went wrong.";
}
} // brace for if(isset($_POST['submit']))
?>
If you're still having problems:
Add error reporting to the top of your file(s) right after your opening <?php tag, which will help during production testing.
error_reporting(E_ALL);
ini_set('display_errors', 1);
Footnotes:
You are open to XSS attacks (Cross-site scripting).
Use the following (PHP) filter function: FILTER_SANITIZE_FULL_SPECIAL_CHARS
$name = filter_var($_POST['name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
Equivalent to calling htmlspecialchars() with ENT_QUOTES set. Encoding quotes can be disabled by setting.
To check for empty fields, you can add this below if(isset($_POST['submit'])){
if(empty($_POST['name']) || empty($_POST['email']) || empty($_POST['phone'])){
echo "Fill out all the fields";
exit;
}
|| means "OR", which could very well be replaced by OR if you want, however || has precedence over OR.
This is a very basic method; there are other ways of accomplishing this, but you get the gist of it.
The issue here is that the mail is sent before the submit since you didn't test of the existence of $_POST variables, try something like this:
<form id='SimpleEcommCartCartForm' action="" method="post">
<input type="hidden" name="action" value="mailing"/>
<div id="emailForm">
<p>Please fill out the form below and one of our associates will contact you with more information.</p>
<div class="col-xs-4">
Name: <input type="text" name="name" id="name">
</div>
<div class="col-xs-4">
E-mail: <input type="email" name="email" id="email">
</div>
<div class="col-xs-4">
Phone: <input type="tel" name="phone" id="phone">
</div>
<input name="submit" type="submit"/>
</div>
</form>
<?php
if(isset($_POST['mailing'])){
// Send the email
$to = "test#gmail.com";
$name = $_POST['name'] ;
$from = $_POST['email'] ;
$phone = $_POST['phone'] ;
$headers = "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: $from";
$subject = "Pump Part Inquiry";
$emailBody = "
<html>
<head>
<style>
</style>
</head>
<body>
<h1> Pump Inquiry</h1>
<h3>From:".$name."<h3>
<h3>Phone:".$phone."<h3>
<p>Minetuff Parts".$mine."</p>
<p>Flygt Parts".$flygt."</p>
</body>
</html>";
$send = mail($to, $subject, $emailBody, $headers);
}
?>
Once the email is sent, you haven't told PHP to output anything to the page.
You could add something like echo 'Mail sent'; to the end of the PHP so if the script is being executed correctly then you'll know about it.
If the problem lies within the email not being sent at all, this may be a problem with your server and you should look for a tutorial on how to set up mail correctly. If you're using shared hosting, there are some companies that do not allow the use of the PHP mail() function so I would check with them first.
Amongst this I would recommend that you use something like PHPMailer, a full email library for PHP. Then you could configure for your emails to be sent from anywhere that supports SMTP (not sure if others are supported but there most likely is). PHPMailer will work with shared hosting.
Updated - Code that you can try
Try this out in replacement of $emailBody:
$emailBody = <<<EOT
<html>
<head>
<style type="text/css">
</style>
</head>
<body>
<h1>Pump Inquiry</h1>
<h3>From: $name<h3>
<h3>Phone: $phone<h3>
<p>Minetuff Parts $mine</p>
<p>Flygt Parts $flygt</p>
</body>
</html>
EOT;
NB: Some email clients only allow the use of inline CSS, so if you did decide to add anything to your <style> tag in the <head>, don't expect it to work very well or at all in some cases.
As someone has mentioned before, you'll also need to protect against cross-site scripting.
i've been trying to fix this one with solutions i've found here and in other foruns but nothing seems to work. I'm really noob with PHP. I don't know if this info is relevant but i'm hosting my project at byethost.com which they say it supports PHP.
I have made a contact form in my HTML contact page, made a PHP file to process the data and send it to my gmail adress. It says message successfully sent, but the data never arrives at my inbox on gmail. I've tried changing the PHP code (with copy paste solutions) in alternative ways but with no luck. I've also tried to sent it to my hotmail account but it doesn't work either. Can anyone help me?
Here is the HTML contact form:
<div id="form_wrap">
<form method="post" action="form_process.php" id="contact_form" class="contact">
<label>
<span>NOME*</span>
<input name="nome" type="text" tabindex="1" required>
</label>
<label>
<span>E-MAIL*</span>
<input name="email" type="email" tabindex="2" required>
</label>
<label>
<span>TELEFONE*</span>
<input name="phone" type="tel" tabindex="3" required>
</label>
<label>
<span>WEBSITE</span>
<input name="website" placeholder="http://" type="url" tabindex="4">
</label>
<label>
<span>MOTIVO DE CONTACTO*</span>
<select class="escolha" name="motivo" size="1" tabindex="5" required>
<option>Contratá-lo</option>
<option>Fazer uma pergunta</option>
<option>Dizer olá ou agradecer</option>
</select>
</label>
<div>
<label>
<span>MENSAGEM*</span>
<textarea name="message" tabindex="6" required></textarea>
</label>
</div>
<div>
<input name="submit" type="submit" value="Enviar" id="submit">
</div>
</form>
<a class="subtop" href="#subtop">– Voltar ao topo</a>
</div>
Here is my form_process.php:
<?php
if(isset($_POST['submit'])) {
$nome = $_POST['nome'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$website = $_POST['website'];
$motivo = $_POST['motivo'];
$message = $_POST['message'];
$to = "mygmailadress#gmail.com";
$subject = "Site contact form";
$header = "From: ".$fromText."\r\n";
$header .= "Cc: ".$ccText."\n";
$header .= "Reply-To : ".$fromText."\r\n";
$header .= "Return-Path : ".$fromText."\r\n";
$header .= "X-Mailer: PHP\r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: text/plain; charset=iso-8859-1\r\n";
mail($to, $subject, $header, $message, "From: " . $nome);
}
if(#mail($emailRecipient, $subject, $message, $headers))
{
echo "Mail Sent Successfully";
}else{
echo "Mail Not Sent";
}
?>
Why twice mail function?
mail has 4 parameters, you give 5 params (from is a paert of fourth, it should be in $header)
variable $emailRecipient used in your mail function doesn't exists.
in 'from' header should be an e-mail address (and name), not only a non-mail string
There are many possible reasons that the email never arrives.
It could be caught in spam, blocked by your host or your mail function could be incorrectly setup in your php.ini file.
However, from your code it looks like you are using the mail() function incorrectly.
You are trying to send the email twice by calling the function twice. Just call it once like:
if(mail(...)) {
echo 'good times';
} else {
echo 'boo, no email was sent';
}
Secondly you are using the function incorrectly. According to the documentation here the mail function takes five arguments like so:
bool mail ( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )
$additional_headers and $additional_parameters are optional as denoted by the [square brackets]. $to, $subject and $message are required in that order.
Thirdly I heavily suggest NOT using the built in mail() function.
I suggest using SwiftMailer. It's a fully comprehensive PHP library which will look after you.
U are trying to send mail twice you are using wrong variable names.
This code works for me.
<?php
if(isset($_POST['submit'])) {
$nome = $_POST['nome'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$website = $_POST['website'];
$motivo = $_POST['motivo'];
$message = $_POST['message'];
$to = "asdf#gmail.com";
$subject = "Site contact form";
$header = "From: ".$email."\r\n";
$header .= "Cc: ".$email."\n";
$header .= "Reply-To : ".$email."\r\n";
$header .= "Return-Path : ".$email."\r\n";
$header .= "X-Mailer: PHP\r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: text/plain; charset=iso-8859-1\r\n";
if(mail($to, $subject, $message, $header))
{
echo "Mail Sent Successfully";
}else{
echo "Mail Not Sent";
}
}
?>
If you are usinf free hosting, they probably restrict your ability to send email.
Something like that is happening:
https://www.freehosting.com/client/knowledgebase.php?action=displayarticle&id=25
PHP mailing functionality is limited on free account to prevent abuse. To make it working, your mailing script should be configured to use SMTP server 'cpanel.freehosting.com' and to authenticate against it using credentials of email account set up in cpanel.
Paid accounts are provided with unrestricted access to PHP mailing functionality.
You can find more info on setting up email authentication in PHP scripts at this link:
http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
Optionally, PHP mail() can be enabled by purchasing corresponding addon HERE.
I would like to be able to send mail from my homepage but it aint working as I want. i get a mail but it doesnt say from home. Just says Unknown. The thing I have this in two diffrent places. The other place I use other textareas and there I get everything in my mail and it works fine but this other place I am trying to work I only want them to add there email and then it should be sent with all info.
My code on my page:
<form id="subscribe" class="clearfix" method="post" action="get_mail.php">
<div class="field alignleft">
<input type="text" value="Enter your email" onclick="if(this.value=='Enter your email')this.value='';" onblur="if(this.value=='')this.value='Enter your email';" />
</div>
<div class="search-btn">
<input type="submit" value="" />
</div>
</form>
Then I have this php script
<?php
//-----------------------------------------------------
//-----------------------------------------------------
$address= "xxxxx.xxxxx#outlook.com";
//-----------------------------------------------------
//-----------------------------------------------------
$name = $_REQUEST["name"];
$email = $_REQUEST["email"];
$website = $_REQUEST["website"];
$subject .= "You have an email from your web site (from $name)! \n\n";
$message_content = strip_tags($_REQUEST["message"]);
$headers = "From: $name <$email>\n";
$headers .= "Reply-To: $subject <$email>\n";
$message = "--$mime_boundary\n\n";
$message .= "You have an email from your web site: \n\n\n";
$message .= "Name: $name \n\n";
$message .= "Email: $email \n\n";
$message .= "Website: $website \n\n";
$message .= "Message: $message_content \n\n";
$message .= "--$mime_boundary--\n\n";
$mail_sent = mail($address, $subject, $message, $headers);
echo $mail_sent ? "Success, mail sent!" : "Mail failed";
?>
Two things:
Try replacing "\n" in $headers with "\r\n".
As far as I know, some hosts (I think GoDaddy or Hostgator do this for example) will override the "from" value in sent emails and change it to the one you have with them. This means that if you don't explicitly have "from#domain.com" in your hosting account you won't be able to send emails from that address and it will be always overridden. You have to contact your host to check this. I suggest also checking the script on another server if possible.
None of your form fields appear to have names - your code here:
$name = $_REQUEST["name"];
$email = $_REQUEST["email"];
$website = $_REQUEST["website"];
requires form fields with the names "name", "email", and "website". For example, your "email" field needs to look like this:
<input type="text" name="email" ... />