<?PHP Experts Please Take Pity?>

Report · Apr 03, 2007

I've recently, and reluctantly, been positioned to create new forms for my employer's site. Previously, a programmer in the Technology Dept. had coded what seems to be a somewhat all encompassing php form to take the info given in any html form and email it to given recipients. He is no longer with us, and honestly, I don't know php -- I've started to learn a few basic code strings, etc, but everything I read talks about data bases and MySQL. I know nothing of either. All I know is that I do not have to retain any info submitted in the html forms, so I shouldn't need to configure a database/server, right? All I'm wanting is for any John X to be able submit information, and have that mailed out in a uniform email, while telling the user that their submission has gone through. Would someone please advise me as to whether or not the below code (from Programmer) will do this job by itself, or explain what role this file has in the overall sceme of submission–email process?

<?
$MailToAddress = "mdvisions2002@yahoo.com";
$MailSubject = "Email Test";
if (!$MailFromAddress) {
$MailFromAddress = "SENDERS@ADDRESS.GOES.HERE";
}
$Header = "";
$Footer = "";
?>
<html>
<body bgcolor="#FFFFFF">
<center>
The following information
has been delivered: 
</center>

<?
if (!is_array($HTTP_POST_VARS))
return;
reset($HTTP_POST_VARS);
while(list($key, $val) = each($HTTP_POST_VARS)) {
$GLOBALS[$key] = $val;
$val=stripslashes($val);
echo "$key = $val ";
$Message .= "$key = $val\n";
}

if ($Header) {
$Message = $Header."\n\n".$Message;
}

if ($Footer) {
$Message .= "\n\n".$Footer;
}

mail( "$MailToAddress", "$MailSubject", "$Message", "From: $MailFromAddress");
?>

 
 
Thank You!

If you would like
a receipt of this form, choose 'File' and 'Print' for a paper copy. 
 
<a href="<? echo "$HTTP_REFERER"; ?>">Return To The Form</a> 
 
<a href="/">Home Page</a> 
 

</body>
</html>

Thanks a Million!-)

Report · Apr 03, 2007

Muskieman5000 wrote:
> Would someone please advise me as to whether or not the below code
> (from Programmer) will do this job by itself, or explain what role this file
> has in the overall sceme of submission?email process?

Yes, it will do it. It will also turn your website into a spam relay.
It's an extremely insecure piece of code, wide open to email header
injection. You're probably in need of a quick solution, so perhaps
others can recommend an off-the-shelf secure script that does the same
thing. I cover the issue of hand-coding a secure mail script in my book
"PHP Solutions", which you may find useful if you want to enhance your
own skills.

--
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/

Report · Apr 03, 2007

Thanks David, I really appreciate the look through, and your suggestions. You are also right in that I am in need of a quick fix. While I am trying to get a grasp on all of this, as its been dropped on my lap, I will look into your material for a more solid education.

If anyone is willing to help me appropriately secure it in the meantime, I would also appreciate that advice.

Thanks again to all that are willing to take a look.

Report · Apr 03, 2007

On 03 Apr 2007 in macromedia.dreamweaver.appdev, Muskieman5000 wrote:

> Thanks David, I really appreciate the look through, and your
> suggestions. You are also right in that I am in need of a quick fix.
> While I am trying to get a grasp on all of this, as its been dropped
> on my lap, I will look into your material for a more solid
> education.
>
> If anyone is willing to help me appropriately secure it in the
> meantime, I would also appreciate that advice.

If you want a quote for doing it, drop me a message at the address below
with more particulars.

--
Joe Makowiec
http://makowiec.net/
Email: http://makowiec.net/contact.php

Report · Apr 03, 2007

Thanks for the offer, but unfortunately I'm not working with a budget. Its the story of another unhappy man in a job that isn't paying him any more to take on that which he doesn't wish for. I just thought maybe someone else may have been in that same predicament.