RE: PHP script for email
01-31-2020, 04:39 AM
(This post was last modified: 01-31-2020, 05:12 AM by Brightfuture_1.)
PHP Code:
<?php
/*
This first bit sets the email address that you want the form to be submitted to.
You will need to change this value to a valid email address that you can access.
*/
$webmaster_email = "name@domain.com";
/*
This bit sets the URLs of the supporting pages.
If you change the names of any of the pages, you will need to change the values here.
*/
$feedback_page = "feedback_form.html";
$error_page = "error_message.html";
$thankyou_page = "thank_you.html";
/*
This next bit loads the form field data into variables.
If you add a form field, you will need to add it here.
*/
$email_address = $_REQUEST['email'] ;
$name = $_REQUEST['name'] ;
$nationality = $_REQUEST['nationality'] ;
$age = $_REQUEST['age'] ;
$city = $_REQUEST['city'] ;
$major = $_REQUEST['major'] ;
$bachelor =$_REQUEST['bachelor'] ;
$master = $_REQUEST['master'] ;
$phd = $_REQUEST['phd'] ;
$diploma = $_REQUEST['diploma'] ;
$chinese = $_REQUEST['chinese'] ;
$other = $_REQUEST['other'] ;
$comments = $_REQUEST['comments'] ;
$msg =
"First Name: " . $name . "\r\n" .
"Email: " . $email_address . "\r\n" .
"Nationality: " .$nationality . "\r\n".
"Age: " . $age . "\r\n".
"Desired City: " . $city . "\r\n".
"Desired Major: " . $major . "\r\n".
"Bachelor: " . (isset($bachelor) ? "Bachelor Yes" : "Bachelor No") . "\r\n" .
"Masters: " . (isset($master) ? "Master Yes" : "Master No") . "\r\n" .
"PhD: " . (isset($phd) ? "PhD Yes" : "PhD No") . "\r\n" .
"Diploma: " . (isset($diploma) ? "Diploma Yes" : "Diploma No") ."\r\n" .
"Chinese: " . (isset($chinese) ? "Chinese Yes" : "Chinese No") . "\r\n" .
"Other: " . (isset($other) ? "Other Yes" : "Other No") . "\r\n" .
"Comments: " . $comments . ;
/*
The following function checks for email injection.
Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.
*/
function isInjected($str) {
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
}
else {
return false;
}
}
// If the user tries to access this script directly, redirect them to the feedback form,
if (!isset($_REQUEST['email_address'])) {
header( "Location: $feedback_page" );
}
// If the form fields are empty, redirect to the error page.
elseif (empty($first_name) || empty($email_address)) {
header( "Location: $error_page" );
}
/*
If email injection is detected, redirect to the error page.
If you add a form field, you should add it here.
*/
elseif ( isInjected($email_address) || isInjected($first_name) || isInjected($comments) ) {
header( "Location: $error_page" );
}
// If we passed all previous tests, send the email then redirect to the thank you page.
else {
mail( "$webmaster_email", "Feedback Form Results", $msg );
header( "Location: $thankyou_page" );
}
?>(01-31-2020, 02:07 AM)Ron-e Wrote: without seeing the script it's just a guessing game.
Thanks for directing my attention to the code. I tried a different PHP script, and the email was successful. I appreciate your help
