SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP Form No Longer Working

    I recently changed my domain name with my hosting company only to find out that they have now turned off register_globals for any new domains. So now the form on my contact page no longer works. Well it kind of works. Once the information has been entered into the form and the form submitted, it IS sent through to my email address but comes through empty. I was wondering if some one with PHP knowledge could help with my coding as I'm no good at this. This coding would now have to work in an environment where the register_globals feature is OFF. Thanks if any one can help. Below is a copy of my code I am currently using which does not work any more:

    <?
    $mailto='auto-reply@jadedlusion.com';
    $subject="Wedding Request";
    $thankyou="http://www.jadedlusion.com/Thank_You.htm";
    $body.="Personal Information\n";
    $body.="
    ";
    $body.="Full Name: $Full_Name\n";
    $body.="
    ";
    $body.="Email: $Email_Address\n";
    $body.="
    ";
    $body.="Telephone: $Telephone_Number\n";
    $body.="
    ";
    $body.="Comments: $Comments\n";
    $body.="
    ";
    $body.="----------------------------------------------\n";
    $body.="
    ";
    $body.="Date of Function: $day $month $year\n";
    $body.="
    ";
    $body.="----------------------------------------------\n";
    $body.="
    ";
    $body.="Browser: $HTTP_USER_AGENT\n";
    $body.="From page: $HTTP_HOST\n";
    $body.="IP address: $REMOTE_ADDR\n";
    mail($mailto,$subject,$body,"From: $Email_Address\n");
    Header ("Location: $thankyou");
    ?>

  2. #2
    ✯✯✯ silver trophybronze trophy php_daemon's Avatar
    Join Date
    Mar 2006
    Posts
    5,284
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Code php:
    $body.="Full Name: $_POST[Full_Name]\n";
    and so on...

    Code php:
    $body.="Browser: $_SERVER[HTTP_USER_AGENT]\n";
    and so on...

    But I want to draw your attention to $Email_Address, it goes the the headers and should be validated.
    Saul

  3. #3
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Still unsure about what to do about the last bit of code.

  4. #4
    ✯✯✯ silver trophybronze trophy php_daemon's Avatar
    Join Date
    Mar 2006
    Posts
    5,284
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Which bit? Change the variables to access them through $_POST and $_SERVER.
    Saul

  5. #5
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    $body.="From page: $HTTP_HOST\n";
    $body.="IP address: $REMOTE_ADDR\n";

    Do I use $_POST or $_SERVER on all these?

    Also do I change anything on:

    mail($mailto,$subject,$body,"From: $Email_Address\n");
    Header ("Location: $thankyou");

    Thanks for the help. I'm new to PHP so this is like learning a foreign language.

  6. #6
    ✯✯✯ silver trophybronze trophy php_daemon's Avatar
    Join Date
    Mar 2006
    Posts
    5,284
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Hm, I'll go a bit further:

    Code php:
    <?php
    $mailto='auto-reply@jadedlusion.com';
    $subject="Wedding Request";
    $thankyou="http://www.jadedlusion.com/Thank_You.htm";
     
    if(!preg_match('/^([a-zA-Z0-9])+([.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(.[a-zA-Z0-9_-]+)+$/',$_POST['Email_Address']){
      echo 'Please enter a valid e-mail address.';
    }else{
      $body.="Personal Information\n";
      $body.="
    ";
      $body.="Full Name: $_POST[Full_Name]\n";
      $body.="
    ";
      $body.="Email: $_POST[Email_Address]\n";
      $body.="
    ";
      $body.="Telephone: $_POST[Telephone_Number]\n";
      $body.="
    ";
      $body.="Comments: $_POST[Comments]\n";
      $body.="
    ";
      $body.="----------------------------------------------\n";
      $body.="
    ";
      $body.="Date of Function: $_POST[day] $_POST[month] $_POST[year]\n";
      $body.="
    ";
      $body.="----------------------------------------------\n";
      $body.="
    ";
      $body.="Browser: $_SERVER[HTTP_USER_AGENT]\n";
      $body.="From page: $_SERVER[HTTP_HOST]\n";
      $body.="IP address: $_SERVER[REMOTE_ADDR]\n";
      mail($mailto,$subject,$body,"From: $_POST[Email_Address]\n");
      Header ("Location: $thankyou");
    }
    ?>
    Saul

  7. #7
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks a lot! Really appreciate it! If you can, can you explain what all the code is that you have placed on line 6 and what it is for?

  8. #8
    ✯✯✯ silver trophybronze trophy php_daemon's Avatar
    Join Date
    Mar 2006
    Posts
    5,284
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    You use the value of Email_Adress to set the From email in the headers of the message. The users have full control of what they can enter; that can be exploited (see email header injections). To avoid this, we should validate the user input to make sure only valid email gets through. That is exactly why I have added that regular expression for.
    Saul

  9. #9
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK I think I get it. This is basically validating the users input. Thanks a lot. You have helped a great deal.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •