cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
0
Upvote

Help with php file?

NewbieNZ
New Here ,
Mar 06, 2010 Mar 06, 2010

Copy link to clipboard

Copied

Hi there, I'm having some real trouble making this php file work. I'm very new to website design and would very much appreciate a helping hand.

Please see the attached php coding below.

<?php

/* Email Variables */

$emailSubject = 'contactformprocess!';
$webMaster = [email address removed by moderator];


/* Data Variables */

$email = $_POST['email'];
$name = $_POST['name'];
$comments = $_POST['comments'];

$body = <<<EOD
<br><hr><br>
Name: $name <br>
Email: " . $email . "<br>

Comments: " . $comments . "<br>
EOD;
$headers = "From: " . $email . "\r\n"; $headers .= "Content-type: text/html\r\n";
$success = mail($webMaster, $emailSubject, $body, $headers);


/* Results rendered as HTML */

$theResults = <<<EOD
<html>
<head>
<title>sent message</title>
<meta http-equiv="refresh" content="3;URL=http://www.dryiceproductions.com/contact.html">
<style type="text/css">
<!--
body {
background-color: #444;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 20px;
font-style: normal;
line-height: normal;
font-weight: normal;
color: ##90C1E5;
text-decoration: none;
padding-top: 200px;
margin-left: 150px;
width: 800px;
}

-->
</style>
</head>
</body>
</html>

$theResults = "" . "" . "". "" . "" . "" . "
Your email has been sent!
" . "You will return to Dry Ice Productions Ltd in a few seconds!
" . "" . "" . "" . echo "$theResults";
?>

Open to any ideas you may have,

Many thanks.

TOPICS
Server side applications

Views

496
Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 3 Replies 3
latest latest Jump to latest reply
David_Powers
LEGEND ,
Mar 06, 2010 Mar 06, 2010

Copy link to clipboard

Copied

NewbieNZ wrote:

Hi there, I'm having some real trouble making this php file work.

This thread has been moved to the correct forum (Dreamweaver Application Development).

What do you mean by "real trouble"? Explain the problem rather than expecting other people to trawl through your code to spot potential mistakes. Take a few moments to read How to get help quickly.

I have had a quick look at your code. There are two glaringly obvious problems:

  • You're inserting the user's email in the headers without filtering it. This lays you open to email injection, a serious security risk.
  • The value assigned to $theResults is causing multiple syntax errors.

To deal with the email injection problem, you should filter the email like this (requires PHP 5.2 or above):

$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);

This assigns the email address to $email only if it validates. Otherwise, it returns FALSE. If it returns FALSE, you should not send the email, because someone is trying to hack you.

$theResults section should look like this:

$theResults = <<<EOD
<html>
<head>
<title>sent  message</title>
<meta http-equiv="refresh"  content="3;URL=http://www.dryiceproductions.com/contact.html">
<style  type="text/css">
<!--
body {
background-color: #444;
font-family:  Verdana, Arial, Helvetica, sans-serif;
font-size: 20px;
font-style:  normal;
line-height: normal;
font-weight: normal;
color:  #90C1E5;
text-decoration: none;
padding-top: 200px;
margin-left:  150px;
width: 800px;
}
-->
</style>
</head>
<body>
<p>Your email has been sent!</p>
<p>You will return to Dry Ice Productions Ltd in a few seconds!</p>
</body>
</html>
EOD;
echo $theResults;

[Edited final line of code]

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
NewbieNZ
New Here ,
Mar 06, 2010 Mar 06, 2010

Copy link to clipboard

Copied

In Response To David_Powers

Thanks David, I'm having real trouble because website development is very new to me and might as well be in an alien language.

I really appreciate your help by looking through the code. "Your message has been sent" now shows up in on my contact page which is fantastic!

The problem I'm having now is that the details that you fill out on the contact form eg Name, Email & Message are not being forwarded to my email address.

The email message I recieve shows only this...

Name: 
Email: " .  . "
Comments: " .  . "

Have I forgotten some code?

Also regarding the email injection code - another great tip! Should I place the code below under email variables or data variables?

$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);

Thank you very much for your patience:)

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
David_Powers
LEGEND ,
Mar 07, 2010 Mar 07, 2010

Copy link to clipboard

Copied

LATEST
In Response To NewbieNZ

If you're getting no data, it probably means there's a mistake in your form. When using $_POST, you need to set the form's method to POST. Also, the names of the input fields on the form must match the $_POST variables, which are case-sensitive.

Checking the email address should be the first thing you do. If the address fails the validation test, don't go any further.

$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
if ($email) {
  // process the email
} else {
  echo 'Sorry, there was a problem with your message.';
}

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices