...

View Full Version : Form mail working / not working



teampandu
09-03-2009, 09:03 AM
Dear all,

Need to re build code suitable for my hosting service provide.

---------------------------------------
My code
---------------------------------------


<?php
session_start();
if( $_SESSION['six_letters_code'] == $_POST['six_letters_code'] && !empty($_SESSION['six_letters_code'] ) ) {
$to = "smothing@nurturepreschool.com";
$bcc="smothing@resourcedesign.co.in";
$email_subject = "Enquiry for Nurture Pre-school and Creche";
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$email_body = '<html>
<head>
<title>Brigade Group</title>
</head>
<style type="text/css">
<!--
.D {
font-size: 12px;
font-family:Arial, Helvetica, sans-serif;
}
-->
</style>
<table width="300" border="0" cellpadding="4" cellspacing="0">
<tr>
<td height="25" colspan="3" align="left" class="D"><strong> C O N T A C T&nbsp; D E T A I L S
</strong></td>
</tr>
<tr>
<td width="83" bgcolor="#DEF8DE"><span class="D">Name</span></td>
<td width="13" bgcolor="#DEF8DE"><span class="D">:</span></td>
<td width="180" bgcolor="#DEF8DE"><strong><span class="D">'.$name.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#C5EAC6"><span class="D">Phone</span></td>
<td bgcolor="#C5EAC6"><span class="D">:</span></td>
<td bgcolor="#C5EAC6"><strong><span class="D">'.$phone.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#DEF8DE"><span class="D">Email ID</span></td>
<td bgcolor="#DEF8DE"><span class="D">:</span></td>
<td bgcolor="#DEF8DE"><strong><span class="D">'.$email.'</span></strong></td>
</tr>
</table>
</body>
</html>';
mail($to, $email_subject, $email_body, "Bcc: $bcc\nFrom: \"$name\" <$email>\nReply-To: \"$name\" <$email>\nX-Mailer: chfeedback.php 2.01\nContent-Type: text/html; charset=iso-8859-1");
echo "<center>Your message is successfully emailed.</center>";
$webDoc = DOMDocument::loadHTMLFile("thankyou.htm");
print $webDoc->saveHTML();
} else {
echo "Sorry, you have provided an invalid security code. Please <a href='#' onClick='history.go(-1);return true;'>CLICK HERE</a> to try again.";
}
?>




---------------------------------

Hosting service provider code:

---------------------------------


<php?
$mailto="info@nurturepreschool.com,test@nurturepreschool.com,mailhostingserver@gmail.com";
$file="thanks.htm";
$pcount=0;
$gcount=0;
$subject = "Test maiL";
$from="donotreply@nurturepreschool.com";
while (list($key,$val)=each($HTTP_POST_VARS))
{
$pstr = $pstr."$key : $val \n ";
++$pcount;
}
while (list($key,$val)=each($HTTP_GET_VARS))
{
$gstr = $gstr."$key : $val \n ";
++$gcount;
}
if ($pcount > $gcount)
{
$message_body=$pstr;
mail($mailto,$subject,$message_body,"From:".$from);
include("$file");
}
else
{
$message_body=$gstr;
mail($mailto,$subject,$message_body,"From:".$from);
include("$file");
}
?>



----------------------------
Simple HTML form
----------------------------

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="174" height="152"><form action="quick_contact_result.php" method="post" name="quickcontact" id="quickcontact" onsubmit="return validateForm(this);">
<table class="quick_contact_bg" width="174" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="169" height="25" align="center" valign="middle" class="quickContactHead">Quick Contact</td>
</tr>
<tr>
<td align="center"><input name="name" type="text" class="formInputText" id="name" value="* *Name" size="25" onfocus="if (this.value == '* *Name') {this.value = ''; }" onblur="if (this.value == '') { this.value = '* *Name'; }" />
<br />
<input name="email" type="text" class="formInputText" id="email" value="* *E-Mail" size="25" onfocus="if (this.value == '* *E-Mail') {this.value = ''; }" onblur="if (this.value == '') { this.value = '* *E-Mail'; }" />
<br />
<input name="phone" type="text" class="formInputText" id="phone" value="* *Phone" size="25" onfocus="if (this.value == '* *Phone') {this.value = ''; }" onblur="if (this.value == '') { this.value = '* *Phone'; }" />
<br />
<span class="smallText">For verification, type the <br />
characters shown below.</span><br />
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td align="right" valign="middle"><img src="captcha.php" alt=""/></td>
<td valign="middle"><input name="six_letters_code" type="text" class="formInputText" id="six_letters_code" onfocus="if (this.value == ' Type here') {this.value = ''; }" onblur="if (this.value == '') { this.value = ' Type here'; }" value=" Type here" size="7" />
<input type="hidden" name="from" value="from@nurturepreschool.com" /></td>
</tr>
<tr>
<td height="25" colspan="2" align="center" valign="bottom"><input type="image" class="send_button" id="button" value=" SEND " src="../images/send.gif" alt="Send to Nurture Pre-schools and Crèche" />
</td>
</tr>
</table></td>
</tr>
</table>

</form></td>
</tr>
</table>
</body>
</html>
----------------------------

abduraooft
09-03-2009, 09:06 AM
Please edit your post and add
][/COLOR] tags around your code.

There was another thread with a similar issue at http://www.codingforums.com/showthread.php?t=176066, which might be helpful to you too.

prasanthmj
09-03-2009, 03:30 PM
You can add a 'Reply-To' header with the email from the form submission. example:


$headers="Bcc: $bcc\nFrom: someone@nurturepreschool.com".
"Reply-To: $email\n".
"X-Mailer: chfeedback.php 2.01\n".
"Content-Type: text/html; charset=iso-8859-1"

mail($to, $email_subject, $email_body, $headers);


In your code, you are not 'sanitizing' the values. You need to make sure that the input that go into the header does not contain \r\n.

More info:
Email Form 'HowTo's (http://www.html-form-guide.com/email-form/)

PHP Form to email explained (http://www.html-form-guide.com/email-form/php-form-to-email.html)

teampandu
09-04-2009, 09:22 AM
Dear all,
Below code is working I am getting emails, with HTML code, how to avoid HTML code displaying.


<?php
session_start();
if( $_SESSION['6_letters_code'] == $_POST['6_letters_code'] && !empty($_SESSION['6_letters_code'] ) ) {
$from="donotreply@nurturepreschool.com";
$to = "info@nurturepreschool.com";
$email_subject = "Enquiry for Nurture Pre-school and Creche";
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$email_body = '<html>
<head>
<title>Brigade Group</title>
</head>
<style type="text/css">
<!--
.D {
font-size: 12px;
font-family:Arial, Helvetica, sans-serif;
}
-->
</style>
<table width="300" border="0" cellpadding="4" cellspacing="0">
<tr>
<td height="25" colspan="3" align="left" class="D"><strong> C O N T A C T&nbsp; D E T A I L S
</strong></td>
</tr>
<tr>
<td width="83" bgcolor="#DEF8DE"><span class="D">Name</span></td>
<td width="13" bgcolor="#DEF8DE"><span class="D">:</span></td>
<td width="180" bgcolor="#DEF8DE"><strong><span class="D">'.$name.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#C5EAC6"><span class="D">Phone</span></td>
<td bgcolor="#C5EAC6"><span class="D">:</span></td>
<td bgcolor="#C5EAC6"><strong><span class="D">'.$phone.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#DEF8DE"><span class="D">Email ID</span></td>
<td bgcolor="#DEF8DE"><span class="D">:</span></td>
<td bgcolor="#DEF8DE"><strong><span class="D">'.$email.'</span></strong></td>
</tr>
</table>
</body>
</html>';
mail($to, $email_subject, $email_body, "From:" .$from);
echo "<center>Your message is successfully emailed.</center>";
$webDoc = DOMDocument::loadHTMLFile("thankyou.htm");
print $webDoc->saveHTML();
} else {
echo "Sorry, you have provided an invalid security code. Please <a href='#' onClick='history.go(-1);return true;'>CLICK HERE</a> to try again.";
}
?>

abduraooft
09-04-2009, 09:47 AM
You might need to add the header Content-type: text/html; before sending the mail, see http://php.net/mail

teampandu
09-04-2009, 10:09 AM
Dear abduraooft [Master coder] and prasanthmj, (sorry don't know real name),

As per your guidance inserted headers, it's working fine, a BIG thanks to you.

When recipient receives email, how to make form address is user entered emai lD.



<?php
//ini_set ("SMTP","localhost");
//ini_set ("sendmail_from","donotreply@nurturepreschool.com");
session_start();
if( $_SESSION['6_letters_code'] == $_POST['6_letters_code'] && !empty($_SESSION['6_letters_code'] ) ) {
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: <info@nurturepreschool.com>' . "\r\n";
// $from="donotreply@nurturepreschool.com";
$to = "info@nurturepreschool.com";
$email_subject = "Enquiry for Nurture Pre-school and Creche";
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$email_body = '<html>
<head>
<title>Brigade Group</title>
</head>
<style type="text/css">
<!--
.D {
font-size: 12px;
font-family:Arial, Helvetica, sans-serif;
}
-->
</style>
<table width="300" border="0" cellpadding="4" cellspacing="0">
<tr>
<td height="25" colspan="3" align="left" class="D"><strong> C O N T A C T&nbsp; D E T A I L S
</strong></td>
</tr>
<tr>
<td width="83" bgcolor="#DEF8DE"><span class="D">Name</span></td>
<td width="13" bgcolor="#DEF8DE"><span class="D">:</span></td>
<td width="180" bgcolor="#DEF8DE"><strong><span class="D">'.$name.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#C5EAC6"><span class="D">Phone</span></td>
<td bgcolor="#C5EAC6"><span class="D">:</span></td>
<td bgcolor="#C5EAC6"><strong><span class="D">'.$phone.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#DEF8DE"><span class="D">Email ID</span></td>
<td bgcolor="#DEF8DE"><span class="D">:</span></td>
<td bgcolor="#DEF8DE"><strong><span class="D">'.$email.'</span></strong></td>
</tr>
</table>
</body>
</html>';
mail($to, $email_subject, $email_body, $headers);
echo "<center>Your message is successfully emailed.</center>";
$webDoc = DOMDocument::loadHTMLFile("thankyou.htm");
print $webDoc->saveHTML();
} else {
echo "Sorry, you have provided an invalid security code. Please <a href='#' onClick='history.go(-1);return true;'>CLICK HERE</a> to try again.";
}
?>

teampandu
09-04-2009, 02:46 PM
Dear all,
Thanks for all your support, below is final working code.

thank you
Pandu


<?php
session_start();
if( $_SESSION['6_letters_code'] == $_POST['6_letters_code'] && !empty($_SESSION['6_letters_code'] ) ) {
$to = "info@nurturepreschool.com";
$email_subject = "Your Subject Line";
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$email_body = '<html>
<head>
<title>Your HTML Title</title>
</head>
<style type="text/css">
<!--
.D {
font-size: 12px;
font-family:Arial, Helvetica, sans-serif;
}
-->
</style>
<table width="300" border="0" cellpadding="4" cellspacing="0">
<tr>
<td height="25" colspan="3" align="left" class="D"><strong> C O N T A C T&nbsp; D E T A I L S
</strong></td>
</tr>
<tr>
<td width="83" bgcolor="#DEF8DE"><span class="D">Name</span></td>
<td width="13" bgcolor="#DEF8DE"><span class="D">:</span></td>
<td width="180" bgcolor="#DEF8DE"><strong><span class="D">'.$name.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#C5EAC6"><span class="D">Phone</span></td>
<td bgcolor="#C5EAC6"><span class="D">:</span></td>
<td bgcolor="#C5EAC6"><strong><span class="D">'.$phone.'</span></strong></td>
</tr>
<tr>
<td bgcolor="#DEF8DE"><span class="D">Email ID</span></td>
<td bgcolor="#DEF8DE"><span class="D">:</span></td>
<td bgcolor="#DEF8DE"><strong><span class="D">'.$email.'</span></strong></td>
</tr>
</table>
</body>
</html>';
$headers = "From: <donotreply@yourdomain.com>\r\n";
$headers .= "Reply-To: <$email>\r\n";
$headers .= "Return-Path: <info@yourdomain.com>\r\n";
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

mail($to, $email_subject, $email_body, $headers);
echo "<center>Your message is successfully emailed.</center>";
$webDoc = DOMDocument::loadHTMLFile("thankyou.htm");
print $webDoc->saveHTML();
} else {
echo "Sorry, you have provided an invalid security code. Please <a href='#' onClick='history.go(-1);return true;'>CLICK HERE</a> to try again.";
}
?>

abduraooft
09-05-2009, 06:13 AM
Thanks for all your support, below is final working code.
Wait... your form is susceptible to header injection! Read http://www.damonkohler.com/2008/12/email-injection.html

teampandu
10-21-2009, 06:16 PM
Dear abduraooft,
I was not seen your message from long time, I have not understood your last message
---------------------------
Wait... your form is susceptible to header injection! Read http://www.damonkohler.com/2008/12/email-injection.html
---------------------------

If it is important issue, please let me know that how to fix this.

Best regards,
Pandu



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum