Skip to main content
M
Muskieman5000
Participant
April 3, 2007
Question

<?PHP Experts Please Take Pity?>

  • April 3, 2007
  • 1 reply
  • 309 views
I've recently, and reluctantly, been positioned to create new forms for my employer's site. Previously, a programmer in the Technology Dept. had coded what seems to be a somewhat all encompassing php form to take the info given in any html form and email it to given recipients. He is no longer with us, and honestly, I don't know php -- I've started to learn a few basic code strings, etc, but everything I read talks about data bases and MySQL. I know nothing of either. All I know is that I do not have to retain any info submitted in the html forms, so I shouldn't need to configure a database/server, right? All I'm wanting is for any John X to be able submit information, and have that mailed out in a uniform email, while telling the user that their submission has gone through. Would someone please advise me as to whether or not the below code (from Programmer) will do this job by itself, or explain what role this file has in the overall sceme of submission–email process?

<?
$MailToAddress = "mdvisions2002@yahoo.com";
$MailSubject = "Email Test";
if (!$MailFromAddress) {
$MailFromAddress = "SENDERS@ADDRESS.GOES.HERE";
}
$Header = "";
$Footer = "";
?>
<html>
<body bgcolor="#FFFFFF">
<font face="Arial"><center>
<font size="1" face="Verdana, Arial, Helvetica, sans-serif">The following information
has been delivered: </font>
</center>
<font size="1" face="Verdana, Arial, Helvetica, sans-serif">
<?
if (!is_array($HTTP_POST_VARS))
return;
reset($HTTP_POST_VARS);
while(list($key, $val) = each($HTTP_POST_VARS)) {
$GLOBALS[$key] = $val;
$val=stripslashes($val);
echo "<b>$key</b> = $val<br>";
$Message .= "$key = $val\n";
}

if ($Header) {
$Message = $Header."\n\n".$Message;
}

if ($Footer) {
$Message .= "\n\n".$Footer;
}

mail( "$MailToAddress", "$MailSubject", "$Message", "From: $MailFromAddress");
?>
</font>
<p><br>
<br>
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><b>Thank You!</b></font>
</p>
<p><font size="1" face="Verdana, Arial, Helvetica, sans-serif">If you would like
a receipt of this form, choose 'File' and 'Print' for a paper copy.<br>
<br>
<a href="<? echo "$HTTP_REFERER"; ?>">Return To The Form</a><br>
<br>
<a href="/">Home Page</a><br>
</font><br>
</p>
</body>
</html>

Thanks a Million!-)
This topic has been closed for replies.

1 reply

N
Newsgroup_User
Inspiring
April 3, 2007
Muskieman5000 wrote:
> Would someone please advise me as to whether or not the below code
> (from Programmer) will do this job by itself, or explain what role this file
> has in the overall sceme of submission?email process?

Yes, it will do it. It will also turn your website into a spam relay.
It's an extremely insecure piece of code, wide open to email header
injection. You're probably in need of a quick solution, so perhaps
others can recommend an off-the-shelf secure script that does the same
thing. I cover the issue of hand-coding a secure mail script in my book
"PHP Solutions", which you may find useful if you want to enhance your
own skills.

--
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/
M
Muskieman5000Author
Participant
April 3, 2007
Thanks David, I really appreciate the look through, and your suggestions. You are also right in that I am in need of a quick fix. While I am trying to get a grasp on all of this, as its been dropped on my lap, I will look into your material for a more solid education.

If anyone is willing to help me appropriately secure it in the meantime, I would also appreciate that advice.

Thanks again to all that are willing to take a look.
Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices