cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Problem with PHP email script

jopasnyt
Explorer ,
Nov 21, 2009 Nov 21, 2009

Thank you very much for your advice. I noticed that you are dealing with PHP as well. Can you find something wrong with this at a quick glance?

<?php

$name = $HTTP_POST_VARS['Name'];
$email = $HTTP_POST_VARS['Email'];
$message = $HTTP_POST_VARS['Message'];

$message = stripslashes($message);

$sendTo = "email address to be filled";
$subject = "Message from Contact Form";

$msg_body = "Name:  $name\n";
$msg_body .= "E-Mail:  $email\n";
$msg_body .= "Phone:  $phone\n";
$msg_body .= "Street:  $street\n";
$msg_body .= "City:  $city\n";
$msg_body .= "Country:  $country\n";
$msg_body .= "Company:  $company\n";
$msg_body .= "Business:  $business\n";
$msg_body .= "Position:  $position\n";
$msg_body .= "Project:  $project\n";
$msg_body .= "Houses:  $houses\n";
$msg_body .= "Land:  $land\n";
$msg_body .= "Port:  $port\n";
$msg_body .= "Message.textArea:  $message.textarea\n";

$header_info = "From: ".$name." <".$email.">";

mail($sendTo, $subject, $msg_body, $header_info);

?>

And the "Submit" button script is:

on (release){
  Name = userName.text;
  Email = userEmail.text;
  Phone = userPhone.text;
  Street = userStreet.text;
  City = userCity.text;
  Country = userCountry.text;
  Company = userCompany.text;
  Business = userBusiness.text;
  Position = userPosition.text;
  Project = userProject.text;
  Houses = userHouses.text;
  Land = userLand.text;
  Port = userPort.text;
  Message = userMessage.textArea.text;
  loadVariables("contact.php",'POST');
}

All the fields are set as target in the actual form page and the names are userXxxxx.

Anyhow this combination does not work and I wonder if it will send any info that the message has been received.

Thanks

TOPICS
Server side applications
329
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
David_Powers
LEGEND ,
Nov 21, 2009 Nov 21, 2009
LATEST

jopasnyt wrote:

Thank you very much for your advice. I noticed that you are dealing with PHP as well. Can you find something wrong with this at a quick glance?

Please do not switch topics in the same thread. I have branched the thread, and moved this post to the Dreamweaver Application Development forum. However, on examining your code, I see it's actually related to Flash, because you're using ActionScript 1.0 in the form. I know enough about ActionScript to understand the problem, but any future questions related to working with Flash forms should be posted in the Flash or ActionScript forum.

Can I see anything wrong with your script? Yes, I can see a lot wrong with it, I'm afraid.

First of all,  $HTTP_POST_VARS is deprecated, and won't work on many modern servers. You should use $_POST instead.

Secondly, you use stripslashes() only with one field. If magic_quotes are enabled on your server, all fields should have the slashes stripped out. To get rid of the slashes from the entire $_POST array, you can use this:

// Put this at the start of the PHP script

function stripslashes_deep($value)
{
    $value = is_array($value) ?
                array_map('stripslashes_deep', $value) :
                stripslashes($value);

    return $value;
}
$_POST = stripslashes_deep($_POST);

The next problem is that you are assuming that the PHP script automatically knows the variables submitted from your form. This used to be the case in the days when register_globals was on by default in PHP. However, register_globals has been off by default since 2002. Even if register_globals were on, you have a problem with case sensitivity. As far as PHP is concerned, $phone is different from $Phone.

Long story short: instead of using $phone, etc for your form variables, you need to use $_POST['Phone'], and so on.

You have the following line:

$msg_body .= "Message.textArea:  $message.textarea\n";

You're mixing up your PHP with ActionScript syntax. PHP doesn't use dot notation to access objects and properties. Because it's in double quotes, this would simply add .textarea to the end of the value of $message (which you have already created at the top of the script).

Finally, you're inserting an unvalidated email address into your mail headers. This is extremely insecure, and is likely to turn your form into a spam relay. Unless you can filter the email address to make sure it doesn't contain illegal characters, get rid of the $header_info from your script.

Yes, there are quite a few problems there. It looks to me as though you're relying either on a very old book or have stumbled across a very old PHP tutorial on the web. Apart from the case sensitivity issue, what you have would have worked about seven years ago. It's time to find more up to date and reliable resources.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices