Hi, I want to add an email verification to my form. I have added this code to my PHP script, but the script does not fire back a warning telling me that the email address is valid. I also found this script, which is most accurate and most important reliable ?
// include SMTP Email Validation Class
require_once('smtp_validateEmail.class.php');
// the email to validate
$email = 'user@example.com';
// an optional sender
$sender = 'user@mydomain.com';
// instantiate the class
$SMTP_Validator = new SMTP_validateEmail();
// turn on debugging if you want to view the SMTP transaction
$SMTP_Validator->debug = true;
// do the validation
$results = $SMTP_Validator->validate(array($email), $sender);
// view results
echo $email.' is '.($results[$email] ? 'valid' : 'invalid')."\
";
// send email?
if ($results[$email]) {
//mail($email, 'Confirm Email', 'Please reply to this email to confirm', 'From:'.$sender."\\r\
"); // send email
} else {
echo 'The email addresses you entered is not valid';
}
My submit.php form code:
<?php
session_start();
$your_email ='';// <<=== update to your email address
$errors = '';
$name = '';
$visitor_email = '';
$user_message = '';
if(isset($_POST['name']))
{//Never check for submit button - IE has a but and doesn't always send it
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$user_message = $_POST['message'];
///------------Do Validations-------------
if(empty($name)||empty($visitor_email))
{
$errors .= "\
Name and Email are required fields. ";
}
if(IsInjected($visitor_email))
{
$errors .= "\
Bad email value!";
}
if(empty($_SESSION['6_letters_code'] ) ||
strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
{
//Note: the captcha code is compared case insensitively.
//if you want case sensitive match, update the check above to
// strcmp()
$errors .= "\
The captcha code does not match!";
}
if(empty($errors))
{
//send the email
$to = $your_email;
$subject="New form submission";
$from = $your_email;
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$body = "A user $name submitted the contact form:\
".
"Name: $name\
".
"Email: $visitor_email \
".
"Message: \
".
"$user_message\
".
"IP: $ip\
";
$headers = "From: $from \\r\
";
$headers .= "Reply-To: $visitor_email \\r\
";
mail($to, $subject, $body,$headers);
}
}
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\
+)',
'(\\r+)',
'(\ +)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
//THIS IS THE LOCATION I PLACED THE ABOVE SCRIPT, IF IT'S DEPENDABLE.
}
?>
I’m guessing I may need to add a warning to the form. I have found a few for such a task this one located on this page, interests me and it doesn’t seem hard to add just add a class to the HTML form with a specific word.
Validation = “Is this formatted the way an email address should be”
Exists is something entirely different, and not (to my knowledge) something that can be identified without actually trying to send a mail to that account.
Then what do those scripts do, from my knowledge they validate if the email address is valid, unless upon sending they validate unless they fireback that it wasn’t valid. One of the links I posted in my original message is
‘How to check if an email address exists without sending an email?’
Okay, technically it doesnt send an email; it sends the socket commands for everything up to sending the message (Mail FROM, ADDR). It’s still connecting to the remote host and sending the commands. So no, it doesnt send an email - but it still relies on being able to connect to the recipient’s email server. If fsockopen is allowed on your server, and the receiving server is amenable to socket connections in this format, it -should- work for most domains.
How do I get it to work to see if it works ? I couldn’t decide which script to use what I had posted, unless neither is effective and someone knows of another ?
Well you cant place it where you have labeled it (Anything after the RETURN command will never execute) - Use the inject function first, then do the exists check.
As for which of the two linked scripts - the second one doesn’t actually check the existence of an email address - it just validates that it’s in the correct form.
Well you cant place it where you have labeled it (Anything after the RETURN command will never execute) - Use the inject function first, then do the exists check.
I should place the script before this line;
// Function to validate against any email injection attempts
As for which of the two linked scripts - the second one doesn’t actually check the existence of an email address - it just validates that it’s in the correct form.
Which second one are you referring to the code or the actual link ? Since the code comes after the link in my first message.
I’m not getting an email, or could that be because the email address I entered wasn’t a valid address, let me try on a valid address see how the script preforms and update.
I’m not getting any email, from the form and there should be atleast a warning telling the user that their email address is not valid, as example sexy@bod.com if that address is valid the form would submit, if invalid the user would be informed it’s invalid right on the form.
? I couldn’t decide which script to use what I had posted, unless neither is effective and someone knows of another ?