| SitePoint Sponsor |
|
|
User Tag List
Results 1 to 23 of 23
Thread: Need help please.
-
Jun 4, 2004, 07:03 #1SitePoint Member
- Join Date
- Jun 2004
- Location
- Preston
- Posts
- 12
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Need help please.
Hello, I need help with some PHP for my bands new website I'm creating. I got a free PHP emailer script from an internet source. I have no idea about PHP so I just got it, applied some common sense and got it to work fine.
It's a contact form for our website whereby you enter your name, email, location, a message and select if you want to be added to a mail list or not. You submit it and get a message saying you were succesful, if you miss out any fields which are required (name, email, message) it says so and says which one you haven't filled in. I then get an email like:
"Message"
From, "Name"
Location: "Location"
Mailing List: "Yes" or "No"
It works fine, here is the php (emailform.php) for said contact list:
And here is the html for the form:Code:<html> <head> <title>Burn Machina Online</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link rel="stylesheet" href="bmonline.css"> </head> <body bgcolor="#000000" background="graphics/contentback.jpg"> <center> <table width="89%" border="0"> <tr> <td height="42" colspan="2" class="tiny"> </td> </tr> <tr> <td width="69%" colspan="2" class="standard"> <p align="center">Thanks for your message to <strong>Burn Machina</strong>, if you asked a question or anything, you'll hear from us real soon.</p> </tr> </table> </center> </body> <!-- Powered by: Email Form Version 1.1 (http://www.phpscriptcenter.com/emailform.php) --> <?php /////////////////////////////////////////////// // // // Email Form v 1.1 // // ----------------------------------------- // // by Graeme (webmaster@phpscriptcenter.com) // // http://www.phpscriptcenter.com // // ////////////////////////////// // PHP Script CENTER offers no warranties on this script. // // The owner/licensee of the script is solely responsible for any // // problems caused by installation of the script or use of the script // // // // All copyright notices regarding Email Form, must remain // // intact on the scripts and in the HTML for the scripts. // // // // (c) Copyright 2001 PHP Script CENTER // // // // For more info on Email Form, // // see http://www.phpscriptcenter.com/emailform.php // // // /////////////////////////////////////////////////////////////////////////// // your name $yourname = "Karl Chandler"; // your email $youremail = "kchandler2000@hotmail.com"; // Default Send Page $yourdefaultsend = "http://www.prestone.co.uk/burn/contactsent.html"; //////////////////////////////////////////////////////////////////////////// // DO NOT EDIT BELOW THIS LINE // //////////////////////////////////////////////////////////////////////////// if($submitform) { $dcheck = explode(",",$require); while(list($check) = each($dcheck)) { if(!$$dcheck[$check]) { $error .= "Missing $dcheck[$check]<BR>"; } } if($error) { ?> <P><CENTER><TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0"> <TR> <TD WIDTH="100%"> <TABLE WIDTH="394" BORDER="0" CELLSPACING="1" CELLPADDING="2"> <TR> <TD WIDTH="26%" BGCOLOR="#99CCFF"> <P><B><FONT COLOR="#000000" SIZE="-1" FACE="Arial">Error</FONT></B></TD> </TR> <TR> <TD WIDTH="26%"> <FONT COLOR="#ffffff" SIZE="-1" FACE="Arial"><?php echo $error; ?></FONT></TD> </TR> </TABLE></TD> </TR> </TABLE></CENTER> </BODY></HTML> <?php exit(); } if ($fromname) { $yeshow = "\nFrom, $fromname\n"; } if ($location) { $locshow = "\nLocation: $location\n"; } if ($mailinglist) { $mailshow = "\nMailing List: $mailinglist\n"; } mail($toemail,"$subject"," $message $yeshow $locshow $mailshow ","From: $fromname <$fromemail>") ; exit(); } else { ?> </BODY></HTML> <?php exit(); } ?>
I have also applied the same principles to editing the free code for a new form for a mailing list subscription thing. Whereby you enter your name, email and select from a dropdown list whether you want to "Subscribe" or "Unsubscribe". When submitted you get the same output ("thanks for message" etc or error) and it is supposed to send me an email like:Code:<div style="border:1px solid #999999; width:220px; margin-bottom:15px;background-color:#000000;" align="left"> <P align="center"> <FORM ACTION="emailform.php" METHOD="POST"> <div align="center"> <p><span class="standard"><B><font color="#FFFFFF"> Name :</font></B> </span> <INPUT NAME="fromname" TYPE="text" SIZE="25"> <BR> <span class="standard"><B>Email :</B> </span> <INPUT NAME="fromemail" TYPE="text" SIZE="25"> <BR> <span class="standard"><B>Location :</B></span> <INPUT NAME="location" TYPE="text" SIZE="25"> <BR> <span class="standard"><B><br> Mailing List? :</B></span> <select name="mailinglist" size="1"> <option value="yes" SELECTED>Yes</option> <option value="no">No</option> </select> </p> <p> <INPUT TYPE="hidden" NAME="sendpage" VALUE="http://www.prestone.co.uk/burn/contactsent.html"> <INPUT TYPE="hidden" NAME="subject" VALUE="E-Mail message from Burnmachina.co.uk"> <INPUT TYPE="hidden" NAME="toemail" VALUE="kchandler2000@hotmail.com"> <INPUT TYPE="hidden" NAME="require" VALUE="fromname,fromemail,message"> <span class="standard"><B>Message :</B></span><BR> <textarea name="message" rows="5" cols="22"></textarea> </p> </div> <P align="center"> <INPUT NAME="submitform" TYPE="submit" VALUE="Submit"> </P> </FORM> <div align="center"></div> </div>
Name: "Name"
Email: "email"
Action: "Join" or "Leave"
But it doesn't bloody work! There are no errors, it says it's thankyous and all looks well but I get no email. I can't figure out why, I don't know much about the code that is behind this, I'm just applying the basic common sense and changing the input names, and $tag things, but to no avail.
Here is the mailing list PHP code (maillist.php):
And the Html for the input form:Code:<html> <head> <title>Burn Machina Online</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link rel="stylesheet" href="bmonline.css"> </head> <body bgcolor="#000000" background="graphics/contentback.jpg"> <center> <table width="89%" border="0"> <tr> <td height="42" colspan="2" class="tiny"> </td> </tr> <tr> <td width="69%" colspan="2" class="standard"> <p align="center">Thanks for joining / leave the <strong>Burn Machina</strong> mailing list, the action shall be taken promptly. If you opted out, sorry to see you go, you can rejoin at any time.</p> </tr> </table> </center> </body> <!-- Powered by: Email Form Version 1.1 (http://www.phpscriptcenter.com/emailform.php) --> <?php /////////////////////////////////////////////// // // // Email Form v 1.1 // // ----------------------------------------- // // by Graeme (webmaster@phpscriptcenter.com) // // http://www.phpscriptcenter.com // // ////////////////////////////// // PHP Script CENTER offers no warranties on this script. // // The owner/licensee of the script is solely responsible for any // // problems caused by installation of the script or use of the script // // // // All copyright notices regarding Email Form, must remain // // intact on the scripts and in the HTML for the scripts. // // // // (c) Copyright 2001 PHP Script CENTER // // // // For more info on Email Form, // // see http://www.phpscriptcenter.com/emailform.php // // // /////////////////////////////////////////////////////////////////////////// // your name $yourname = "Karl Chandler"; // your email $youremail = "kchandler2000@hotmail.com"; // Default Send Page $yourdefaultsend = "http://www.prestone.co.uk/burn/mailsent"; //////////////////////////////////////////////////////////////////////////// // DO NOT EDIT BELOW THIS LINE // //////////////////////////////////////////////////////////////////////////// if($submitform) { $dcheck = explode(",",$require); while(list($check) = each($dcheck)) { if(!$$dcheck[$check]) { $error .= "Missing $dcheck[$check]<BR>"; } } if($error) { ?> <P><CENTER><TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0"> <TR> <TD WIDTH="100%" BGCOLOR="#004080"> <TABLE WIDTH="394" BORDER="0" CELLSPACING="1" CELLPADDING="2"> <TR> <TD WIDTH="26%" BGCOLOR="#004080"> <P><B><FONT COLOR="#ffffff" SIZE="-1" FACE="Verdana">Error</FONT></B></TD> </TR> <TR> <TD WIDTH="26%" BGCOLOR="#ffffff"> <FONT COLOR="#000000" SIZE="-1" FACE="Verdana"><?php echo $error; ?></FONT></TD> </TR> </TABLE></TD> </TR> </TABLE></CENTER> <P><CENTER> </CENTER></P> <P><CENTER><FONT SIZE="-2" FACE="Verdana"><B>Powered by: </B> <A HREF="http://www.phpscriptcenter.com/emailform.php">Email Form</A> Version 1.1</FONT></CENTER></P> </BODY></HTML> <?php exit(); } if ($fromname) { $yeshow = "\nFrom: $fromname\n"; } if ($fromemail) { $emailshow = "\nEmail: $fromemail\n"; } if ($maillist) { $mailshow = "\nAction: $maillist\n"; } mail($toemail,"$subject"," $yeshow $emailshow $mailshow ","From: $fromname <$fromemail>"); exit(); } else { ?> </BODY></HTML> <?php exit(); } ?>
If anyone can help me that'd be super excellent greatCode:<div align="center"> <div style="padding:0px; border:1px solid #999999; width:245px; margin: 0px;background-color:#000000;"> <form action="maillistform.php" method="post" style="margin:0px;"> <div style="margin:10px; font: 11px arial; color: white; text-align:right;"> <div style="margin-bottom:5px;"></div> Name: <input type="text" name="fromname" size="25" maxlength="60" /><br> Email: <input type="text" name="fromemail" size="25" maxlength="100" /><br> Mailing List? :</B></span> <select name="maillist" size="1"> <option value="join" SELECTED>Subscribe</option> <option value="leave">Unsubscribe</option> </select> <INPUT TYPE="hidden" NAME="sendpage" VALUE="http://www.prestone.co.uk/burn/mailthanks.html"> <INPUT TYPE="hidden" NAME="subject" VALUE="Mailing List Action for Burnmachina.co.uk"> <INPUT TYPE="hidden" NAME="toemail" VALUE="kchandler2000@hotmail.com"> <INPUT TYPE="hidden" NAME="require" VALUE="fromname,emailaddress,action"> <input type="submit" name="submit" value="GO" /><br> </div> </form> </div></div>
If it's something obvious, please don't pity me, I know no PHP!
Thanks,
Karl.
-
Jun 4, 2004, 07:48 #2does not play well with others
- Join Date
- Jan 2003
- Location
- Munich, Germany
- Posts
- 1,391
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Should'nt your file have an extension, eg mailsent.html ?
Originally Posted by Chanzo
We are the Borg. Resistance is futile. Prepare to be assimilated.
I'm Pentium of Borg.Division is futile.Prepare to be approximated.
-
Jun 4, 2004, 07:55 #3SitePoint Member
- Join Date
- Jun 2004
- Location
- Switzerland
- Posts
- 24
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
somehow it seems like it doesn't matter. all three vars in: Originally Posted by frezno
are not used at all, so far as I see...// your name
$yourname = "Karl Chandler";
// your email
$youremail = "kchandler2000@hotmail.com";
// Default Send Page
$yourdefaultsend = "http://www.prestone.co.uk/burn/contactsent.html";
Also, it can't be that, since that's the part that actually works
@Chanzo:
It's probably not the problem, but I would exchange $toemail with $youremail here:
and deleteCode:mail($toemail,"$subject"," $yeshow $emailshow $mailshow ","From: $fromname <$fromemail>");
from your HTML, as leaving it will make your E-Mail adress available to Spambots.Code:<INPUT TYPE="hidden" NAME="toemail" VALUE="kchandler2000@hotmail.com">
Best Regards
Colin Frei
-
Jun 4, 2004, 08:37 #4SitePoint Evangelist
- Join Date
- Feb 2003
- Location
- Somewhere in, MD
- Posts
- 400
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
does the toemail autofill the "TO" field in an email message? I don't think that is the problem, in fact i think it might cause more problems if you take it out.
I might be wrong, so his suggestion is a worth a try.
-
Jun 5, 2004, 09:53 #5SitePoint Member
- Join Date
- Jun 2004
- Location
- Preston
- Posts
- 12
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hey guys, thatnks for the quick reply but I tried all the suggestions in here and they didn't work!
Any more ideas?
-
Jun 5, 2004, 11:30 #6SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Chanzo, how are you?
I went over the script you have there but don't have time to look for the problem.
What I can do is give you this little script that allows you to submit any form to it so that it is sent to a certain email.
Explanation:PHP Code:<?php
$to_email=$HTTP_POST_VARS['to_email'];
$subject=$HTTP_POST_VARS['subject'];
$from_name=$HTTP_POST_VARS['Name'];
$from_email=$HTTP_POST_VARS['Email'];
$error_page=$HTTP_POST_VARS['error_page'];
$thank_you_page=$HTTP_POST_VARS['thank_you_page'];
/*----------*/
$m='';
foreach($HTTP_POST_VARS as $a=>$b){$m.=$a.": ".$b."\n";}
(mail($to_email,$subject,$m,"From: ".$from_name."<".$from_email.">\r\n"))?header("Location: ".$thank_you_page):header("Location: ".$error_page);
?>
The first six lines are where I catch the "internal" variables sent by the form. Internal meaning that the script uses all the time (the minimum required).
You can edit these to prevent others from using your script for they sites by "hard coding" the $to_email variable. Actually you could also hard code the $subject, $from_name, $error_page and $thank_you_page but then the script would not be as flexible. Hard coding these variables would look like this:PHP Code:$to_email=$HTTP_POST_VARS['to_email'];
$subject=$HTTP_POST_VARS['subject'];
$from_name=$HTTP_POST_VARS['Name'];
$from_email=$HTTP_POST_VARS['Email'];
$error_page=$HTTP_POST_VARS['error_page'];
$thank_you_page=$HTTP_POST_VARS['thank_you_page'];
The rest is where the magic happens and I grab everything the script sends and send it to an email. Note: it doesn't make much sense to hard code the persons email so I don't here:PHP Code:$to_email='you@example.com';
$subject='your subject';
$from_name='from person';
$from_email=$HTTP_POST_VARS['Email'];
$error_page='http://www.yahoo.com';
$thank_you_page='http://www.google.com';
You don't need to worry about that part.PHP Code:/*----------*/
$m='';
foreach($HTTP_POST_VARS as $a=>$b){$m.=$a.": ".$b."\n";}
(mail($to_email,$subject,$m,"From: ".$from_name."<".$from_email.">\r\n"))?header("Location: ".$thank_you_page):header("Location: ".$error_page);
I use this script for my own stuff but I have it filter out some of the stuff that I get on the emails. I could send you that copy if you want but I am giving you this one for simplicity.
The Form:
You don't have to use this one but I include it here for illustration purposes.HTML Code:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Form to be emailed</title> <style> from{position:relative;} form div{text-align:right;clear:both;width:300px;} form div label{float:left;} form div input,form div textarea{width:150px;float:right;} </style> </head> <body> <form method="post" action="emailer.php"> <div class="form_row"><label>Sender's name</label><input type="text" name="Name" /></div> <div class="form_row"><label>Sender's e-mail</label><input type="text" name="Email" /></div> <div class="form_row"> <label>Subcribe me</label> <select name="subcribe"> <option value="Yes">Yes</option> <option value="No">No</option> </select> </div> <div class="form_row"><label>Message</label><textarea name="Message"></textarea></div> <div class="form_row"><label>Some other stuff</label><textarea name="some other stuff"></textarea></div> <div class="form_row"> <input type="submit" name="Submit" value="Submit" style="width:auto;"/> <input type="hidden" name="to_name" value="test recipient"/> <input type="hidden" name="to_email" value="you@example.com"/> <input type="hidden" name="subject" value="tester subject"/> <input type="hidden" name="error_page" value="http://www.yahoo.com/"/> <input type="hidden" name="thank_you_page" value="http://www.google.com/"/> </div> </form> </body> </html>
Explanation:
Most of it you don't absolutely need but I put it for formating purposess.
What you need to be concerned with is having this (minimum requirements):If you where to hard code the variables like we did above the you would only need this:HTML Code:<form method="post" action="emailer.php"> <input type="text" name="Name" /> <input type="text" name="Email" /> <select name="subcribe"> <option value="Yes">Yes</option> <option value="No">No</option> </select> <input type="submit" name="Submit" value="Submit" style="width:auto;"/> <input type="hidden" name="to_name" value="test recipient"/> <input type="hidden" name="to_email" value="you@example.com"/> <input type="hidden" name="subject" value="tester subject"/> <input type="hidden" name="error_page" value="http://www.yahoo.com/"/> <input type="hidden" name="thank_you_page" value="http://www.google.com/"/> </form>
Did I loose you? I got lost myself... believe me its simpler I just got carried away trying to help you understand how it works... :SHTML Code:<form method="post" action="emailer.php"> <input type="text" name="Email" /> <select name="subcribe"> <option value="Yes">Yes</option> <option value="No">No</option> </select> <input type="submit" name="Submit" value="Submit" style="width:auto;"/> </form>
If you want, you can just download a copy of both files (attached to this post).
Feel free to ask me if you need help...!!Luis
-
Jun 5, 2004, 11:41 #7SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I can't see the attachment!!!
Is it supposed to take longer to appear?Luis
-
Jun 5, 2004, 11:43 #8SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Note that what I don't do in mine is check for required fields.
Luis
-
Jun 5, 2004, 13:03 #9SitePoint Member
- Join Date
- Jun 2004
- Location
- Preston
- Posts
- 12
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hey man, that looks sweet! I'll giev it a shot tomorrow morning when I am less drunk
I'll let you know how I get on
-
Jun 5, 2004, 13:58 #10SitePoint Member
- Join Date
- Jun 2004
- Location
- Preston
- Posts
- 12
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
In fact, scratch that, I did it just now and it works absolutley spot on! Thank you very kindly Lgomez.
Is there a way in the mailling list one I'm doing to send user to two different pages for the two different values for "Mailling list" i.e subscription, unsubscription. I.e. if they subscribe send to a page saying "thanks blah blah" and if the unsubscribe to send to a page saying "sorry to see you go blah blah"?
Thanks a bunch man, 'preciate it!
-
Jun 5, 2004, 16:36 #11SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Here's mine adapted to do that. I also added a feature that allows you to decide exactly what's included in the email.
emailer.phpemailer_form.phpPHP Code:<?php
$to_email=$HTTP_POST_VARS['to_email'];//Where data is being sent to.
$subject=$HTTP_POST_VARS['subject'];//Email's subject.
$from_name=$HTTP_POST_VARS['Name'];//Sender's name.
$from_email=$HTTP_POST_VARS['Email'];//Sender's email.
$subcribe=$HTTP_POST_VARS['subcribe'];//Subcription request (yes or no).
$error_page=$HTTP_POST_VARS['error_page'];//Error page.
$welcome_page=$HTTP_POST_VARS['welcome_page'];//Welcome page.
$bye_page=$HTTP_POST_VARS['bye_page'];//Farewell page if they unsubscribe.
$exclusions=array('to_email','subject','error_page','welcome_page','bye_page','Submit');// Add variables to this list to exclude them from apearing in the email.
/*----------*/
$m='';
foreach($HTTP_POST_VARS as $a=>$b){(!in_array($a,$exclusions))?$m.=$a.": ".$b."\n":false;}
($subcribe=='yes')?$redirect_to=$welcome_page:$redirect_to=$bye_page;
(mail($to_email,$subject,$m,"From: ".$from_name."<".$from_email.">\r\n"))?header("Location: ".$redirect_to):header("Location: ".$error_page);
?>Enjoy!HTML Code:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Form to be emailed</title> <style> from{position:relative;} form div{text-align:right;clear:both;width:300px;} form div label{float:left;} form div input,form div textarea{width:150px;float:right;} </style> </head> <body> <form method="post" action="emailer.php"> <div class="form_row"><label>Sender's name</label><input type="text" name="Name" /></div> <div class="form_row"><label>Sender's e-mail</label><input type="text" name="Email" /></div> <div class="form_row"> <label>Subcribe me</label> <select name="subcribe"> <option value="yes">Yes</option> <option value="no">No</option> </select> </div> <div class="form_row"><label>Message</label><textarea name="Message"></textarea></div> <div class="form_row"><label>Some other stuff</label><textarea name="some other stuff"></textarea></div> <div class="form_row"> <input type="submit" name="Submit" value="Submit" style="width:auto;"/> <input type="hidden" name="to_email" value="you@example.com"/> <input type="hidden" name="subject" value="tester subject"/> <input type="hidden" name="error_page" value="http://www.yahoo.com/"/> <input type="hidden" name="welcome_page" value="http://www.google.com/"/> <input type="hidden" name="bye_page" value="http://www.example.com/"/> </div> </form> </body> </html>
Luis
-
Jun 5, 2004, 17:40 #12SitePoint Wizard
- Join Date
- May 2003
- Location
- Berlin, Germany
- Posts
- 1,829
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
You should get a decent php emailer class instead for this problem. get used to not re-inventing wheels. Look out for code that was written already.
Here is one you could use:
license: GPLPHP Code:<?php
/* A really good mail class -- written by Jesse Lang <jesselang.com>
* Features:
* Fully MIME-compliant (I hope!)
* Multiple message formats
* Multiple attachments
* all the bells and whistles you want! (I hope!)
* SMTP socket or local sendmail transport (maybe someday)
*
* If you make modifications that may be useful to others, please send
* them to <j |at| jgdataworks.com>. I am especially looking for changes
* that fix any possible compatability problems with MTAs or MUAs, and any
* other features or options that are considered part of the e-mail standards.
*
* The (open source) community needs your help. 'Tis more blessed to give than
* to receive! Get involved! Go to [url]http://www.sf.net/projects/twobit/[/url] or
* [url]http://sf.net[/url] to find projects that you can help with. We all can benefit.
*/
/* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
define('DEBUG', FALSE);
define('MM_VERSION', '0.2');
define('MM_FILE', 1);
define('MM_STREAM', 2);
/******************************************************************************
* Compatibility Code
******************************************************************************
*/
if (!function_exists ("mime_content_type")) {
function mime_content_type ($file) {
return exec ("file -bi " . escapeshellcmd($file));
}
}
if(!function_exists("stripos")) {
function stripos($haystack, $needle, $offset=0) {
return strpos(strtoupper($haystack), strtoupper($needle), $offset);
}
}
if (!function_exists('file_get_contents')) {
function file_get_contents($filename, $use_include_path = 0) {
$file = @fopen($filename, 'rb', $use_include_path);
if ($file) {
if ($fsize = @filesize($filename)) {
$data = fread($file, $fsize);
} else {
while (!feof($file)) {
$data .= fread($file, 1024);
}
}
fclose($file);
return $data;
} else {
return FALSE;
}
}
}
/******************************************************************************
* End - Compatibility Code
******************************************************************************
*/
class MIMEMail extends MIMEMailCommon {
/* define unique parts of mail */
var $Messages;
var $Attachments;
function MIMEMail($to = FALSE, $from = FALSE, $subject = FALSE, $message = FALSE, $attachments = FALSE) {
$this->setHeader('X-Mailer', 'PHP/MIMEMail '.MIMEMAIL_VERSION);
$this->Priority('Normal');
//if($to) { $this->To(
return $this;
}
function From($email, $name = FALSE) {
$from = new MIMEMailAddress($email,$name);
/* set the 'Reply-To' header by default */
return $this->setHeader('From', $from) && $this->setHeader('X-Sender', $from) && $this->setHeader('Reply-To', $from);
}
function ReplyTo($email, $name = FALSE) {
$replyto = new MIMEMailAddress($email,$name);
return $this->setHeader('Reply-To', $replyto) && $this->setHeader('Return-Path', $replyto);
}
function To($email, $name = FALSE) {
if(is_array($email)) {
$addresses = $this->parseEmailAddresses($email);
foreach($addresses as $e => $n) {
$rv &= $this->To($e, $n);
}
return $rv;
} else {
return $this->appendHeader('To', new MIMEMailAddress($email,$name));
}
}
function Cc($email, $name = FALSE) {
if(is_array($email)) {
$addresses = $this->parseEmailAddresses($email);
foreach($addresses as $e => $n) {
$rv &= $this->Cc($e, $n);
}
return $rv;
} else {
return $this->appendHeader('Cc', new MIMEMailAddress($email,$name));
}
}
function Bcc($email, $name = FALSE) {
if(is_array($email)) {
$addresses = $this->parseEmailAddresses($email);
foreach($addresses as $e => $n) {
$rv &= $this->Bcc($e, $n);
}
return $rv;
} else {
return $this->appendHeader('Bcc', new MIMEMailAddress($email,$name));
}
}
function Subject($str) {
return $this->setHeader('Subject', $str);
}
function Organization($str) {
return $this->setHeader('Organization', $str);
}
function Priority($priority) {
if(is_numeric($priority)) {
switch($priority) {
case 1:
case 2:
$MSPriority = 'High';
break;
case 3:
$MSPriority = 'Normal';
break;
case 4:
case 5:
$MSPriority = 'Low';
break;
}
} else {
$MSPriority = $priority;
switch($MSPriority) {
case 'High':
$priority = 1;
break;
case 'Normal':
$priority = 3;
break;
case 'Low':
$priority = 5;
break;
}
}
return $this->setHeader('X-Priority', $priority) && $this->setHeader('X-MSMail-Priority', $MSPriority);
}
function Message($fnameordata, $mode) { /* MM_FILE */
$message = new MIMEMailMessage($fnameordata, $mode);
if(!empty($message->data)) {
$this->Messages[] = $message;
return TRUE;
} else {
return FALSE;
}
}
function MessageFile($filename) {
return $this->Message($filename, MM_FILE);
}
function MessageStream($stream) {
return $this->Message($stream, MM_STREAM);
}
function Attach($fnameordata, $mode, $filename = FALSE, $inline = FALSE) { /* MM_FILE */
$attachment = new MIMEMailAttachment($fnameordata, $mode, $filename, $inline);
if(!empty($attachment->data)) {
$this->Attachments[] = $attachment;
return TRUE;
} else {
return FALSE;
}
}
function AttachFile($file, $filename = FALSE, $inline = FALSE) {
return $this->Attach($file, MM_FILE, $filename, $inline);
}
function AttachStream($stream, $filename, $inline = FALSE) {
return $this->Attach($stream, MM_STREAM, $filename, $inline);
}
function parseEmailAddresses($data) {
if(is_array($data)) {
foreach($data as $d) {
$addys[] = $this->parseEmailAddresses($d);
}
foreach($addys as $addy) {
$addresses = array_merge($addresses, $addy);
}
return $addresses;
} else {
if($addys = preg_match_all("/(\"(.*?)\"\s+)?<?([\w\._-]+\@([\w_-]+\.)+[\w_-]+)>?/", $data, $matches)) {
for($i=0;$i<$addys;$i++) {
$addresses[$matches[3][$i]] = (!empty($matches[2][$i])?$matches[2][$i]:FALSE);
}
return $addresses;
} else {
return FALSE;
}
}
}
function Send($SMTP = FALSE) {
$isMime = sizeof($this->Messages) > 1 || sizeof($this->Attachments);
$multiMessage = sizeof($this->Messages) > 1;
if($isMime) {
$Mail['Headers'] .= "MIME-Version: 1.0".$this->LB;
}
$Mail['Headers'] .= $this->printHeader('From');
for($i=0;$i<sizeof($this->Headers['To']);$i++) {
$Mail['To'][] = $this->getHeader('To',$i);
}
$Mail['To'] = implode(',',$Mail['To']);
$Mail['Headers'] .= $this->printHeader('Cc');
$Mail['Headers'] .= $this->printHeader('Bcc');
$Mail['Headers'] .= $this->printHeader('Reply-To');
$Mail['Headers'] .= $this->printHeader('Return-Path');
$Mail['Subject'] .= $this->getHeader('Subject');
foreach($this->Headers as $name => $value) {
if(is_scalar($value) && substr($name,0,2) == 'X-') {
$Mail['Headers'] .= $this->printHeader($name);
}
}
if($isMime) {
$MailBoundary = "<<<:" . md5(uniqid(mt_rand(), 1));
$Mail['Headers'] .= "Content-Type: multipart/mixed;".$this->LB."\tboundary=\"".$MailBoundary."\"".$this->LB;
$Mail['Body'] .= 'This is a multi-part message in MIME format.'.$this->LB;
$Mail['Body'] .= $this->LB.'--'.$MailBoundary.$this->LB;
if($multiMessage) {
$MessageBoundary = "<<<:" . md5(uniqid(mt_rand(), 1));
$Mail['Body'] .= "Content-Type: multipart/alternative;".$this->LB."\tboundary=\"".$MessageBoundary."\"".$this->LB;
}
}
if(sizeof($this->Messages)) {
foreach($this->Messages as $message) {
if($multiMessage) { $Mail['Body'] .= $this->LB.'--'.$MessageBoundary.$this->LB; }
/* content type, encoding */
$Mail[($isMime?'Body':'Headers')] .= $message->printHeader('Content-Type',';','charset="'.$message->getCharset().'"').
$message->printHeader('Content-Transfer-Encoding');
if($isMime) { $Mail['Body'] .= $this->LB; }
/* content */
$Mail['Body'] .= $message->getData().$this->LB;
}
if($multiMessage) {
$Mail['Body'] .= $this->LB.'--'.$MessageBoundary.'--'.$this->LB;
}
}
if($isMime) {
if(sizeof($this->Attachments)) {
foreach($this->Attachments as $attachment) {
$Mail['Body'] .= $this->LB.'--'.$MailBoundary.$this->LB;
$Mail['Body'] .= $attachment->printHeader('Content-Type',';','name="'.$attachment->getFilename().'"').
$attachment->printHeader('Content-Transfer-Encoding').
$attachment->printHeader('Content-Disposition',';','filename="'.$attachment->getFilename().'"').$this->LB;
$Mail['Body'] .= $attachment->getData().$this->LB;
}
}
$Mail['Body'] .= $this->LB.'--'.$MailBoundary.'--'.$this->LB;
}
if(DEBUG) {
print $Mail['Headers'].$Mail['Subject'].$Mail['Body'];
return TRUE;
// } else if($SMTP) {
// return $this->SMTP($Mail['To'], $Mail['Subject'], $Mail['Body'], trim($Mail['Headers']));
} else {
return mail($Mail['To'], $Mail['Subject'], $Mail['Body'], trim($Mail['Headers']));
}
}
/* function SMTP($to, $subject, $body, $headers = '') {
if(preg_match("/^From:\s+(.*?)$this->LB/m", $headers, $matches)) {
$from = $matches[1];
}
//ini_set(sendmail_from, $from);
$socket = fsockopen (ini_get("SMTP"), ini_get("smtp_port"), $errno, $errstr, 30) or die("Could not talk to the sendmail server!");
$rcv = fgets($socket, 1024);
print $rcv;
fclose($socket);
//ini_restore(sendmail_from);
return TRUE;
}
*/
}
class MIMEMailContent extends MIMEMailCommon
{
var $data;
var $charset;
var $filename;
/* encodings: 7bit, quoted-printable, base64 (for html) */
function MIMEMailContent($fnameordata, $mode) {
if($mode == MM_FILE) {
if($data = file_get_contents($fnameordata)) {
$this->setFilename(basename($fnameordata));
$fnameordata = $data;
unset($data);
} else {
return FALSE;
}
}
/* we should have data by now */
$this->setContentType($this->getContentType($fnameordata));
$this->data = $fnameordata;
$this->setCharsetFromContentType();
switch($this->getHeader('Content-Type')) {
case 'text/plain':
$encoding = '7bit';
break;
case 'text/html':
default:
$encoding = 'base64';
break;
}
$this->setContentTransferEncoding($encoding);
return $this;
}
function setContentType($type) {
return $this->setHeader('Content-Type',$type);
}
function setContentTransferEncoding($encoding) {
return $this->setHeader('Content-Transfer-Encoding', $encoding);
}
function getContentType($content = FALSE) {
$tmpfile = $this->toTempfile($content);
if(file_exists($tmpfile)) {
$ct = mime_content_type($tmpfile);
unlink($tmpfile);
return $ct;
} else {
return FALSE;
}
}
function getData() {
switch($this->getHeader('Content-Transfer-Encoding')) {
case '7bit':
case 'quoted-printable':
return $this->data;
break;
case 'base64':
return chunk_split(base64_encode($this->data));
case FALSE:
return $this->data;
break;
default:
return $this->data;
break;
};
}
function toTempfile($content = FALSE) {
$filename = tempnam(getenv('TEMP'), 'MMTMP');
$fp = fopen($filename, 'wb');
if($content !== FALSE) {
fwrite($fp, $content);
} else {
fwrite($fp, $this->data);
}
fclose($fp);
return $filename;
}
function setCharset($charset) {
$this->charset = $charset;
return TRUE;
}
function getCharset() {
return $this->charset;
}
function setCharsetFromContentType() {
$ct = $this->getHeader('Content-Type');
if(($csI = stripos($ct, 'charset=')) === FALSE) {
return FALSE;
}
$cs = substr($ct, $csI);
$ct = substr($ct, 0, $csI);
$ct = str_replace(';','',$ct);
$this->setContentType(trim($ct));
$cs = explode('=', str_replace('"','',$cs));
return $this->setCharset($cs[1]);
}
function setFilename($fname) {
$this->filename = $fname;
return TRUE;
}
function getFilename() {
return $this->filename;
}
}
class MIMEMailMessage extends MIMEMailContent
{
function MIMEMailMessage($fnameordata, $mode) {
$this->charset = 'iso-8859-1';
if($this->MIMEMailContent($fnameordata, $mode) === FALSE) { return FALSE; }
return $this;
}
}
class MIMEMailAttachment extends MIMEMailContent
{
function MIMEMailAttachment($fnameordata, $mode, $filename = FALSE, $inline = FALSE) {
if($this->MIMEMailContent($fnameordata, $mode) === FALSE) { return FALSE; }
if($filename !== FALSE) { $this->setFilename($filename); }
$this->setContentDisposition($inline);
return $this;
}
function setContentDisposition($inline) {
return $this->setHeader('Content-Disposition',($inline?'inline':'attachment'));
}
}
class MIMEMailCommon
{
/* define common members and functions */
var $Headers;
var $LB = "\n";
function MIMEMailCommonObject() {
return $this;
}
function printHeader($name, $delim = ',', $params = FALSE) {
if(!isset($this->Headers[$name])) {
return '';
}
$str = '';
if(is_array($this->Headers[$name])) {
foreach($this->Headers[$name] as $element) {
$str .= $delim;
if(is_object($element)) {
$str .= $element->toString();
} else if(is_scalar($element)) {
$str .= $element;
}
}
$str = substr($str,1); // to remove extra delimiter
} else if(is_object($this->Headers[$name])) {
$str .= $this->Headers[$name]->toString();
} else if(is_scalar($this->Headers[$name])) {
$str .= $this->Headers[$name];
}
$str = $name.': '.$str;
if($params !== FALSE) {
$str .= $delim.' '.$params;
}
$str .= $this->LB;
return $str;
}
function getHeader($name, $index = 0) {
if(isset($this->Headers[$name])) {
if(is_array($this->Headers[$name])) {
if(is_object($this->Headers[$name][$index])) {
return $this->Headers[$name][$index]->toString();
} else {
return $this->Headers[$name][$index];
}
} else if(is_object($this->Headers[$name])) {
return $this->Headers[$name]->toString();
} else {
return $this->Headers[$name];
}
} else {
return FALSE;
}
}
function setHeader($name, $value) {
$this->Headers[$name] = $value;
return TRUE;
}
function appendHeader($name, $value) {
if(isset($this->Headers[$name])) {
if(is_array($this->Headers[$name])) {
$this->Headers[$name][] = $value;
} else {
$this->Headers[$name] = array($this->Headers[$name], $value);
}
return TRUE;
} else {
return $this->setHeader($name, $value);
}
}
function removeHeader($name) {
unset($this->Headers[$name]);
}
}
class MIMEMailAddress
{
var $email;
var $name = FALSE;
function MIMEMailAddress($email, $name = FALSE) {
// should do proper regex checks on email
$this->email = $email;
if($name !== FALSE) { $this->name = $name; }
return $this;
}
function toString($useName = TRUE) {
$str = '';
if($useName && $this->name !== FALSE) { $str .= '"'.$this->name.'" <'; }
$str .= $this->email;
if($useName && $this->name !== FALSE) { $str .= '>'; }
return $str;
}
}
/* Usage example:
$mailobj = new MIMEMail();
$mailobj->From('sentfrom@myhost.com', 'I am the sender');
$mailobj->To('receive@yourhost.com');
$mailobj->ReplyTo('replyto@myhost.com');
$mailobj->Subject('This is a neat PHP mail class!');
$mailobj->setHeader('X-Mailer', 'PHP/MIMEMail');
$mailobj->MessageStream('<html><head><title>title</title></head><body>This is an html page.</body></html>');
$mailobj->MessageFile('test.txt');
$mailobj->AttachFile('test.txt');
$mailobj->AttachFile('../imgs/img.jpg');
$mailobj->Send();
*/
?>
-
Jun 5, 2004, 17:42 #13SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
...or you could try that... jejeje!
Luis
-
Jun 5, 2004, 17:46 #14SitePoint Wizard
- Join Date
- May 2003
- Location
- Berlin, Germany
- Posts
- 1,829
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
In fact it is a very good one with one of the best designs you could have for this problem/task.
-
Jun 5, 2004, 18:00 #15SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
It looks very complete. I'll try it some time soon.
Thanks,Luis
-
Jun 6, 2004, 14:41 #16SitePoint Member
- Join Date
- May 2004
- Location
- Denmark
- Posts
- 6
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I like the idea with the mailer class. I just have a security question...
how do you prevent a spammer from exploiting the mailer scripts?
-
Jun 6, 2004, 21:38 #17SitePoint Wizard
- Join Date
- May 2003
- Location
- Berlin, Germany
- Posts
- 1,829
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Well how could one exploit the mailer scripts?
-
Jun 7, 2004, 07:51 #18SitePoint Member
- Join Date
- May 2004
- Location
- Denmark
- Posts
- 6
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I know it might sound a bit far fetched.
If you create a script setting the correct variables and submit them with post to the mailer script.
If the to: email address is one of the variables supplied by the input form you may send email to anyone.
I have seen attempts to exploit the old formmail.pl script this way on the webservers I administrate.
-
Jun 7, 2004, 08:01 #19SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
It is up to you to make sure you secure your scripts.You can edit these to prevent others from using your script for they sites
The emailer class provided above by DarkAngelBGE is clearly much better than my option but it's also a lot more advanced and probably hard to understand for a less experienced user (ie. Chanzo).
Both scripts could be exploited if no attention is given to preventing it.Luis
-
Jun 7, 2004, 08:11 #20SitePoint Member
- Join Date
- May 2004
- Location
- Denmark
- Posts
- 6
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Do you have some recommendations on how to secure the scripts?
I'm trying to secure my scripts and the best solution I can come up with is to examine the $_SERVER['http_referer']. But this is not waterprof. Not all browsers sends this variable.
Should I start a new thread on the subject, or do you have any ideas you wan't to share here?
-
Jun 7, 2004, 09:02 #21SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I'm sure there are many ways of doing that but off the top of my head I can sugest
- Checking that no more that x number of submitions are sent from the same referer in a specified period of time.
- Use sessions to identify users and prevent exploits.
- Don't allow more than x submitions per x ammount of time (regardless of refferer).
Luis
-
Jun 7, 2004, 09:05 #22SitePoint Addict
- Join Date
- Mar 2002
- Location
- Miami, Florida - Caracas, Venezuela
- Posts
- 379
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
By the way, I don't think many people will find it useful or entertaining to exploit a script that sends emails only to you (I hope).
You shouldn't leave the recipient's address open to submitions.Luis
-
Jun 7, 2004, 10:25 #23SitePoint Member
- Join Date
- May 2004
- Location
- Denmark
- Posts
- 6
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I think I'll try a combination of sessions, referer and making sure that it isn't possible to specify a to email address when it isn't wanted.
I'll try to describe the challenge I face. I'm the admin of a system with 50-100 websites. They need a script equivalent to formmail.pl. Since most of the webdesigners have no knowledge of PHP i need a script that handles mailing of input from forms in a simple way. It would be nice to find a safe way to include the to address in the form. I think two conditions must be met to allow this:
1. The refering website must be on my server
2. the address should be presented in a manner that doesn't make it exploitable to spammers (eg. address_at_hostname_com).
If all the webdesigners knew PHP i would make an include file that starts a session telling the mailer script that the referer is valid. Since many of the designers use frontpage or dreamweaver this is not always possible. Because of that I'll use 1 or 2 steps in 'authenticating' refering webpages: Check if a valid session exists if that isn't the case the $_SESSION['http_referer'] must be a page from the same host. If none of these requirements are met the script won't send anything.
I'm considering a third method, placing a textfile on the server with the e-mail address but it seems to me that this aproach is just as complicated as including a PHP file.
Thankyou for your help so far
Bookmarks