I created an email script using the mail() function. Thanks to the help of the many talented individuals here I have got it working and secured it.
But when anyone enters a coment such as:
I'm still hungry!
it comes out in the email as:
I\'m still hungry!
How do I make sure it keeps the text format.
Here is my code
Code://Checks single-line inputs: //Returns false if text contains newline characters function has_no_newlines($text) { return preg_match("/(%0A|%0D|\n+|\r+)/i", $text); } //Checks multi-line inputs: //Returns false if text contains newline followed by email-header specific strings function has_no_emailheaders($text) { return preg_match("/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i", $text); } // Effectively turns off dangerous register_globals without having to edit php.ini if (ini_get(register_globals)) // If register_globals is enabled { // Unset $_GET keys foreach ($_GET as $get_key => $get_value) { if (ereg('^([a-zA-Z]|_){1}([a-zA-Z0-9]|_)*$', $get_key)) eval("unset(\${$get_key});"); } // Unset $_POST keys foreach ($_POST as $post_key => $post_value) { if (ereg('^([a-zA-Z]|_){1}([a-zA-Z0-9]|_)*$', $post_key)) eval("unset(\${$post_key});"); } // Unset $_REQUEST keys foreach ($_REQUEST as $request_key => $request_value) { if (ereg('^([a-zA-Z]|_){1}([a-zA-Z0-9]|_)*$', $request_key)) eval("unset(\${$request_key});"); } } // All form fields are automatically passed to the PHP script through the variable $_post Introduced in PHP version 4.1.0 // for earlier versions, use the array $HTTP_POST_VARS $name = $_POST['name']; $mail = $_POST['mail']; $telephone = $_POST['telephone']; $city = $_POST['city']; $state = $_POST['state']; $country = $_POST['country']; $comments = $_POST['comments']; $to = "someone@this.com"; $subject = "Technical Support"; $headers = "From: " . $name; $message = "From: " . $name . "\r\n". $mail . "\r\n" . $telephone . "\r\n" . $city . "\r\n" . $state . "\r\n" . $country . "\r\n" . "\r\n" . $comments; // PHP form validation: checks that the Email field contains a valid email address and the Name, Country, and Comments fields aren't empty // preg_match performs a regular expression match. It's a very powerful PHP function to validate form fields and other strings - see PHP manual for details if ($name == "") { echo "<h4>You did not provide your name.</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif (!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $mail)) { echo "<h4>Invalid email address</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif ($telephone == "") { echo "<h4>You did not provide a phone number</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif ($country == "") { echo "<h4>It is helpfull for us to know which contry you are in.</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif ($comments == "") { echo "<h4>Please provide a brief descrition about how we can help you.</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; } /* else { echo "<h4>true</h4>"; } */ // Sends the mail and outputs the "Thank you" string if the mail is successfully sent or the error string if it fails elseif (mail($to,$subject,$message,$headers)) { echo "<h4>Thank you for your request for technical support information from Sandhill Scientific.<br /> Your message will be answered expeditiously.</h4>"; } else { echo "<h4>We seem to be expiriencing technical dificulties.<br /> Plese feel free to contact us through email at:<br /> technicalsupport@sandhillsci.com<br /> by Fax: 303-470-2975 or by telephone: 303-470-7020<br /> Monday thorught Friday 6am-5pm MST<br /> (available after hours by calling in to the above phone number and following the message.)</h4>"; } // error reporting enabled // error_reporting(E_ALL ^ E_NOTICE); ?>
Bookmarks