I've got a WordPress site with a contact form that works fine on my MAMP environment, but when I publish to my clients WIMP server I get a failure.
I am not at all familiar with WIMP environments- how does one go about checking PHP error logs
Offhand, are there issues with PHP emailing on WIMP that would be causing this?
Code:
<?php
if ($_POST["contact_name"]<>'') {
$ToEmail = 'me#domain.com';
$EmailSubject = 'New contact message';
$mailheader = "From: ".$_POST["contact_email"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["contact_email"]."\r\n";
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n";
$MESSAGE_BODY = "<b>Name:</b> ".$_POST["contact_name"]."<br>";
$MESSAGE_BODY .= "<b>Email:</b> ".$_POST["contact_email"]."<br>";
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure");
?>
<h4>Your message was sent. We will be in touch with you shortly.</h4>
<?php
} else {
<form id="contact-form" name="contact" method="post" action="#">
<label for="contact-name">Name *</label>
<input type="text" id="contact-name" name="contact_name" tabindex="1" class="required"/>
<label for="contact-email">Email</label>
<input type="text" id="contact-email" name="contact_email" tabindex="2" class="email" />
<input type="submit" id="contact-submit" name="contact_submit" value="" tabindex="8" />
</form>
<?php
};
?>
Windows does not have a built in email server like unix type OSs tend to have. You need to configure php.ini to add SMTP server information through which to relay email.
The PHP manual page for the `mail()' function details a number of Windows-specific points. However, the main points which could affect you are in this section: (to quote)
The Windows implementation of mail() differs in many ways from the Unix implementation. First, it doesn't use a local binary for composing messages but only operates on direct sockets which means a MTA is needed listening on a network socket (which can either on the localhost or a remote machine).
Second, the custom headers like From:, Cc:, Bcc: and Date: are not interpreted by the MTA in the first place, but are parsed by PHP.
As such, the to parameter should not be an address in the form of "Something <someone#example.com>". The mail command may not parse this properly while talking with the MTA.
There are a few other things to consider as well; please read the manual page for more.
Hope that helps.
Related
This question already has answers here:
PHP mail function doesn't complete sending of e-mail
(31 answers)
Closed 3 years ago.
I'm fairly new to php and I'm still learning the basics. I created a simple "contact us" form that should send the data to an email address. However, I'm not receiving the email. The "Thank you" message displays correctly, but the email is never sent.
Unfortunately my knowledge in php is slim so I'm having difficulty trouble shooting this one. I did successfully code a simpler form with only one field. That one is sending correctly. Since this form has multiple fields, it seems to be throwing something off.
<?php
if($_POST["submit"]) {
$recipient="myemail#gmail.com";
$subject="Contact Form";
$sender=$_POST["sender"];
$senderEmail=$_POST["senderEmail"];
$message=$_POST["message"];
$mailBody="Name: $sender\nEmail: $senderEmail\n\n$message";
mail($recipient, $subject, $mailBody, "From: $sender <$senderEmail>");
$thankYou="<p>Thank you! Your message has been sent.</p>";}
?>
<?=$thankYou ?>
<form method="post" action="company.php">
<input class="contact" type="text" name="sender"
placeholder="First Name" size="25">
<input class="contact" type="text" name="last"
placeholder="Last Name" size="25">
<input class="contact" type="text" name="title"
placeholder="Title" size="25">
<input class="contact" type="text" name="business"
placeholder="Business" size="25">
<input class="contact" type="email" name="senderEmail"
placeholder="Email" size="25">
<input class="contact" type="text" name="phone"
placeholder="phone" size="25">
<textarea class="contact" name="message"
placeholder="How can we help you?" rows="4" cols="56"></textarea>
<input class="blu-btn" type="submit" name="submit"
value="Send Message">
</form>
It's not throwing any errors, I'm just not receiving the email. I've checked spam, tried a separate email, I'm missing something. Thank you so much for your help!
You should check first if your server is truly sending the mail, changing your code a bit:
if($_POST["submit"])
{
$recipient="myemail#gmail.com";
$subject="Contact Form";
$sender=$_POST["sender"];
$senderEmail=$_POST["senderEmail"];
$message=$_POST["message"];
$mailBody="Name: $sender\nEmail: $senderEmail\n\n$message";
if (mail($recipient, $subject, $mailBody, "From: $sender <$senderEmail>"))
{
echo "<p>Thank you! Your message has been sent.</p>";
}
else
{
print_r(error_get_last()["message"]);
}
}
Take a look into the PHP Documentation for mail() function
Return Values
Returns TRUE if the mail was successfully accepted for
delivery, FALSE otherwise.
It is important to note that just because the mail was accepted for
delivery, it does NOT mean the mail will actually reach the intended
destination.
Probably the server itself isn't properly configured to send email.
Is a shared hosting? Or something like?
Kind regards!
The environment where you run this makes all the difference. Mail may not be configured correctly or, some spam filter blocked it. In this case, nothing in your code can make a difference.
If you have control of the server, and you know how, you could check the mail program. If you are limited to only writing code, you have other options. You can use SMTP and send email through an external service. Then you can use mailtrap.io to capture the outbound email. This is a good way to go for debugging and making sure that your code is right.
You can use SwiftMailer if you want to try an alternative mail client.
I'm trying to send email from my domain. Mail is delivering properly. But it showing some message mentioning that the delivered message is spam. Please help me to overcome that problem. This is the message I got Be careful with this message
This may be a spoofed message. The message claims to have been sent
from your account, but Gmail couldn’t verify the actual source. Avoid
clicking links or replying with sensitive information, unless you are
sure you actually sent this message. (No need to reset your password,
the real sender does not actually have access to your account!)
<?php
if(isset($_POST['submit'])) {
$email_to = "info#maxwell.com";
$email_subject = "Your email subject line";
$name = $_POST['name'];
$message = $_POST['message'];
$email_from = $_POST['mail'];
$email_message = "Form details below.\n\n";
$email_message .= "Name: ".$name."\n";
$email_message .= "Email: ".$email_from."\n";
$email_message .= "message: ".$message."\n";
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
if(mail($email_to, $email_subject, $email_message, $headers)){
?>
<script>
window.location.href="contact.php?success";
</script>
<?php
// print("Thank you for contacting us. We will be in touch with you very soon.");
}
else{
?>
<script>
window.location.href="contact.php?fail";
</script>
<?php
}
// print("fail");
}
?>
<form method="post" >
<div class="form">
<div class="col-md-6 col-sm-12 col-xs-12 form-group">
<input type="text" class="form-control" name="name" placeholder="Your Name">
</div>
<div class="col-md-6 col-sm-12 col-xs-12 form-group">
<input type="email" class="form-control" name="mail" placeholder="E-mail Address">
</div>
<div class="col-xs-12 col-md-12 form-group">
<textarea name="message" placeholder="Message..."></textarea>
<!-- <input type="submit" value="SEND MESSAGE" class="btn-black bounce-top"> -->
</div>
<div class="col-xs-12 col-md-12 form-group">
<input type="submit" class="btn-black bounce-top" name="submit" value="SEND MESSAGE">
</div>
</div>
</form>
In order to avoid such situation. You can follow the following suggestions:
A Simple Implementation Example
<?php
mail("recipient#recipient.com", "Message", "A simple message.", "From: The Sender <sender#sender.com>");
?>
4 Ways To Make Your PHP mail() Emails Less Spammy
Use Headers
The Message Sender Domain and Server Domain Should Match
Be Sure to Properly Use the Content-type Attribute
Verify That Your Server Is Not Blacklisted
Detailed Explanation:
1. Use Headers
<?php
$headers .= "Reply-To: The Sender <sender#sender.com>\r\n";
$headers .= "Return-Path: The Sender <sender#sender.com>\r\n";
$headers .= "From: The Sender <senter#sender.com>\r\n";
?>
Be sure to replace the fourth parameter with the $headers variable as shown below.
<?php
mail("recipient#recipient.com", "Message", "A simple message.", $headers);
?>
2. The Message Sender Domain and Server Domain Should Match
Spammers are notorious for sending emails from one server and trying to make the recipient believe that it came from somewhere else. So if you are sending an email from example#example.com, it is a good idea the the script reside on example.com.
3. Be Sure to Properly Use the Content-type Attribute
The Content-type attribute enables a message sender to say whether or not an email is plain text or html, or whether it has attachments. Obviously, the easiest to use content type is text/plain. You just add your text as shown in the simple example, and you are done. But when you use the other content types, additional pieces might be expected. For example, with the text/html content type, an html body tag is expected. Not having this tag could result in your email being marked as spam.
4. Verify That Your Server Is Not Blacklisted
When a server is blacklisted, it means that that server has identified as one that has been sending a lot of spam. This results in recipient mail servers rejecting or filtering any mail that is received from that server.
So if your mail is not being received it is a good idea to verify that your server has not been blacklisted. This goes for both shared and dedicated servers. In a shared environment, it is common for other users on the server to be sending out spam. And in a dedicated environment, spammers may have found a way to exploit a vulnerability in a server or contact form to send out spam. So it is easy for either type of server to be blacklisted.
If you want a solution sure to not get marked as spam, look into Amazon's SES service. You will likely never exceed free tier pricing, and with a bit of configuration, you'll hit inboxes at much higher rates.
I have a contact form that I wrote in the html document and this then is executed by an external php file. How do I validate it? All tutorials that I've looked at have shown the validation and the html form in the actual php file and so how can my validation be accomplished?
HTML5:
<form id="form-area" action="email-processor.php" method="POST">
<div id="name-area"><p>Name (required)</p><input class="form-input" type="text" name="name"></div>
<div id="email-area"><p>Email (required)</p> <input class="form-input" type="text" name="email"></div>
<div id="phone-area"><p>Telephone</p> <input class="form-input" type="text" name="phone"></div>
<div id="msg-area"><p>Message</p><textarea id="msg-input" name="message" rows="6" cols="25"></textarea><br /></div>
<input id="sendbtn" type="submit" value="Send">
</form>
PHP:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $name \n Phone Number: $phone \n \n Message: \n \n$message";
$recipient = "sampleemail#hotmail.com"
$subject = "Contact Form";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo "Thank You!";
?>
You need to put required behind the input fields. If you want to make an email required as the standard format xxx#xxx.xxx instead simple text use type="email". For the telephone number you can use type="number" to allow numbers only, otherwise simply use text.
NEW HTML
<form id="form-area" action="email-processor.php" method="POST">
<div id="name-area"><p>Name (required)</p><input type="text" class="form-input" type="text" name="name" required></div>
<div id="email-area"><p>Email (required)</p> <input class="form-input" type="email" name="email" required></div>
<div id="phone-area"><p>Telephone</p> <input class="form-input" type="number" name="phone" required></div>
<div id="msg-area"><p>Message</p><textarea id="msg-input" name="message" rows="6" cols="25" required></textarea><br /></div>
<input id="sendbtn" type="submit" value="Send">
</form>
As has already been pointed out, for client-side validation, you can use the required attribute, which will trigger appearance changes in most web browsers.
However, you MUST do server-side validation as well. Failure to do so will result in vulnerabilities in your application code. For example, your mail() call currently allows unsanitized input for the additional_headers parameter. That means that malicious actors can easily inject whatever headers they want to - e.g. injecting an additional To: or CC: header can turn your server into an open mail relay (i.e. that's bad). Attackers are ALWAYS looking for incorrect usage of the PHP mail() function such as demonstrated by your code.
Because of the poor design of the PHP mail() function, my view is that no one should directly call it. The function is actually much more complicated to use correctly since it is only a basic layer over sendmail and, without significant effort, ignores all sorts of IETF RFCs that govern e-mail. You should use a library such as Ultimate E-mail Toolkit, PHP Mailer, etc. that offer a nicer layer over mail() and/or SMTP to do the actual sending of the e-mail and avoid turning your server into an open relay.
The server is the final authority on what is and is not allowed. For this reason, I use CubicleSoft FlexForms, which aids me in generating HTML forms and processing user input server-side. How you handle things server-side is far more critical than client-side validation, which can and will be ignored by malicious users. You can't control what a client will send and there are plenty of malicious actors out there. So you have to make the unfortunate assumption that all users will attack your software. You should always start with server-side validation and then add client-side validation afterwards.
In addition, your code won't work as you expect. Most mail servers are configured to deny spoofing attempts. You can't assume that you can send e-mail From: someone whose e-mail servers you don't control. The messaging will bounce back and if you send enough spoofed mail messages your server will eventually be added to a global blacklist (via DNSRBL) and denied sending e-mail to anyone else. You can only send "From" an address that you have control over AND have set up things such as a SPF record or DMARC for. Sending e-mail is hard thanks to spammers and the lack of direction by the Internet Engineering Task Force (IETF) to solve the problem.
You can, however, use the Reply-To: header with any sanitized e-mail address that you want to use. Most e-mail clients respect the Reply-To header and will use it instead of the From header when it exists.
I am trying to write a website from scratch and try to add a form.
but if i click on the Submit button (which redirects to the contact.php) it should send a mail without opening any email program, but it wont redirect properly... I googled and didnt find anything...
the code of that form is:
<!--Some code over this code-->
<form action="contact.php" method="post">
<font color="ffffff">
<center>
<div>
<label for="name">Name:</label>
<input type="text" id="name" />
</div>
<div>
<label for="Username">Username(s):</label>
<input type="text" id="name" />
</div>
<div>
<label for="Job">Job:</label>
<select name="Job">
<option value="Artist">Artist</option>
<option value="Musican">Musican</option>
<option value="Props">Props</option>
<option value="Voice">Voice</option>
<option value="Effects">Effects</option>
</select>
</div>
<div>
<div>
<label>THE THING</label><br><br>
<input type="checkbox" name="Program" value="Skype">I have SKYPE<br>
<input type="checkbox" name="Program" value="Steam">I have STEAM <br>
<input type="checkbox" name="Program" value="Origin">I have ORIGIN <br>
<input type="checkbox" name="Program" value="Teamspeak">I have TEAMSPEAK <br>
</div>
</div>
<div>
<label for="Message">Message:</label>
<textarea id="Message"></textarea>
</div>
<br>
<div class="button">
<button type="submit">Send your message</button> <button type="reset">Clear the fields</button>
</div>
</center>
</font>
</form>
<!-- More code from my html -->
but when i now click on that button which should redirect from the index.html to contact.php it just gives an error (I tried Google drive and Github to host and on Dropbox it just wants to download the contact.php...) Gdrive error: 404 Page not found, Github: 405 no permission and like i said, dropbox just wants to download the file...
The code of the PHP:
<?php
$ToEmail = 'mymail#domain.com';
$EmailSubject = 'NEW CONTACT! READ IT STOOPID';
$mailheader = "From: ".$_POST["name"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["name"]."\r\n";
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n";
$MESSAGE_BODY = "Name: ".$_POST["name"]."";
$MESSAGE_BODY .= "Username: ".$_POST["Username"]."";
$MESSAGE_BODY .= "Job: ".$_POST["Job"]."";
$MESSAGE_BODY .= "Program".$POST["Program"]."";
$MESSAGE_BODY .= "Message: ".nl2br($_POST["Message"])."";
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure");
?>
<center><h1>Thank you :D!</h1></center>
Is it because i use such cheap websites to host? I just dont want to spent thousands of bucks into a little site i created for planning, as well as learning HTML...
Welcome to StackOverflow.
Your error message says "gdrive and github cannot find the file". That is because, although they have your file, they are not set up to execute your files as PHP. Your issue here is that you are trying to run a php script in a non-server environment. You can set up a server environment on your own PC using XAMPP or WAMP Server. If you're using a Mac, you can use MAMP (free version or Pro).
Once you have installed the server bundle, you will have the most common Apache/PHP/MySQL setup. You will need to install your code in the X:/xampp/htdocs 1 folder (by default). To run your scripts, open your browser and go to http://localhost.
Also, domain name and hosting can cost as little as £16 per year for a .co.uk domain. .coms cost more. Other Top-Level Domains (TLDs) are available.
'X' is the drive letter for the drive in which you installed XAMPP or similar. For WAMP, use X:/wamp/www.
I think your «websites to host» does not support PHP. You need web server like «apache» for supporting PHP scripts. You can test this by creating a file called 'test.php' (or give it another name, just make sure it has .php as extention) and put in the following code:
<?php phpinfo() ?>
If your host supports PHP, you should get a confirmation while opening test.php with the PHP version they are running. If you do not see this confirmation, your host does not support PHP.
Not sure if anyone else has experienced this but i have a simple form that sends out a email.
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" name="phone" id="phone" value="<?php echo $phone; ?>" />
<textarea name="message" rows="20" cols="20" id="message"></textarea>
<input type="submit" name="submit" value="Submit" class="submit-button" />
</form>
When submitted i have the following:
if ($_POST) {
$email_to = "myemail#yahoo.com";
$subject = "Contact Form";
$message = "Phone: {$phone}\r\nMessage: {$msg}";
$headers = "From: sendingemail#yahoo.com" . "\r\n";
mail($email_to,$subject,$message, $headers);
}
When the form is submitted the mail function returns true but no email gets sent however when i change the FROM email to anything else outside of yahoo such as something#gmail.com the email comes through. Anyone know how to solve this issue?
Yahoo marked your mail as spam and is probably just ignoring it.
This is probably true for hotmail as well.
Best thing todo is find yourself a good SMTP mail pluging/module (phpMailer for instance) and use the credentials of a legit mail account. This way you are sending mail trough a dedicated mail server and changes are you won't be marked as spam anymore.
Do notice however than when you sent loads of (simular) mails or your script gets hacked and is used for spamming, changes are that your legit mailserver becomes blacklisted or (if you are lucky) blocks your account as beeing unsafe.