Help with delivered Form text display

PHP
1

This code delivers the emails successfully from the Form, except the sent text displays in the email all bunched together like so:

this is the test message text from formHello name - Thank you…

How can I remedy that? What might be better is if the “this is the test message text from form” could appear somewhere after the “Hello name - Thank you…”

I’ve tried several attempts to change how it displays in the email, but no luck.

<?php
if($_POST){
	$to = 'chris@....com';
	$subject = 'Form';
	$name = $_POST['name'];
	$email = $_POST['email'];
	$message = $_POST['message'];
	$message1 = $_POST['message'];
	$headers = $name;
	$headers = 'from: s....@....com';

	$message .= "Hello ".$_POST['name']." -  Thank you....";
	$message1 .= "---- Name: ".$_POST['name']." ---- Email: ".$_POST['email']." ";

   		mail( $to, $subject, $message1, $headers );
   		mail( $email, $subject, $headers, $message );

		header('Location: https://.....com');
   exit;
}
?>

I look forward to any comments/assistance

2

Hi Chris

If you are inserting any of this code into a DB i would recommend putting some sort of escape string on those values as you will be vulnerable to SQL injections.

To space out the lines use <br> to break to the next line and use x 2 to leave a line between your text.

In terms of layout, i would suggest something like this…

<?php
if($_POST){
 $subject = "Form From ChrisJ";  
 $headers  = 'MIME-Version: 1.0' . "\r\n";   
 $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
 // Additional headers       
 $headers .= 'From: ChrisJ <noreply@example.com>' . "\r\n";           
 $to = $email;
 $body = "
 Hello $name
 <br><br>
 Thank you for submitting the form...
 <br><br>
 We will be in touch in due course.";
 mail($to, $subject, $body, $headers);
 }
?>

Then your email will read:-


From: ChrisJ noreply@example.com
Subject: Form From ChrisJ

Hello Bob

Thank you for submitting the form…

We will be in touch in due course.

Hope this helps Chris.

Let me know if you have any questions.

3

Thanks for your reply and suggestion.

I added in the

		header('Location: https://.....com');
   exit;

to your code and filled in the From Chrisj email, and proceeded with submitting the Form, but the email is not being sent.
isn’t to: $email; supposed to capture the email entered into the Form?

Also, my original code sends the Form “message” to the email entered into the Form, and to $to = ‘chris@…com’;

So, please enlighten me as to what I might be missing, in testing your “something like this”. Thanks

4

Hi Chris,

Try this and let me know :wink:

<?php
// Include config file
require_once "yourconnnectiontodb.php";
 
// Define variables and initialize with empty values
$name = $email = $note = "";
 
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){

	if (isset($_POST['name']))
	{
	$name= mysqli_real_escape_string($con,$_POST['name']);
	}

	if (isset($_POST['email']))
	{
	$email= mysqli_real_escape_string($con,$_POST['email']);
	}


	if (isset($_POST['note']))
	{
	$note= mysqli_real_escape_string($con,$_POST['note']);
	}
    
    $subject = "Form From ChrisJ";  
    $headers  = 'MIME-Version: 1.0' . "\r\n";   
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    // Additional headers       
    $headers .= 'From: chrisJ <noreply@example.com>' . "\r\n";
    $headers .= 'Bcc: chrisJ@example.com' . "\\r\
";          
    $to = $email;
    $body = "
    Hello $name
    <br><br>
    Thank you for submitting the form...
    <br><br>
    We will be in touch in due course.
    <br><br>
    Original Message:-
    <br><br>
    $note
    ";
    mail($to, $subject, $body, $headers);

    // Add header redirect in here
    }
?>

You could then add some JS validation for email address etc.

Let me know how you get on.

5

Hi @oli_d111,
The problem with your example is that in a properly coded form, the POST 'd fields will always be isset, so those checks are pointless since it will always run. What you need to do is trim the POST array and then check for empty.

6

Agreed however you could also use “required” attribute within the input which will prevent the form from being submitted until data has been populated in that particular field.

7

Thanks for your messages.
I replaced the file with the code “Try this and let me know”, by first adding in the header redirect, and:

// Include config file
require_once "config.php";

but, I don’t know what to do with:

// Define variables and initialize with empty values
$name = $email = $note = "";

and added in a cc email address,
ran it like that, and it didn’t deliver any emails or redirect.

any additional assistance is welcomed.

8

Well, not necessarily. What if the user enters blank spaces? Remember, “NEVER trust user input”.

Additionally, that also assumes that the POST request will always come from your form. There are many ways to make a POST request. You still need the proper code to handle the actual request, regardless of how/where it was sent from. In the case you want to “force” the use of your form you would then implement CSRF but you would still need to implement the trim/check for empty code. :grinning:

1 Like
9

Show us your current code.

10

Here is the current code:

<?php
// Include config file
require_once "config.php";

// Define variables and initialize with empty values
$name = $email = $note = "";

// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){

	if (isset($_POST['name']))
	{
	$name= mysqli_real_escape_string($con,$_POST['name']);
	}

	if (isset($_POST['email']))
	{
	$email= mysqli_real_escape_string($con,$_POST['email']);
	}


	if (isset($_POST['note']))
	{
	$note= mysqli_real_escape_string($con,$_POST['note']);
	}

    $subject = "Form From ChrisJ";
    $headers  = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    // Additional headers
    $headers .= 'From: chrisJ <noreply@example.com>' . "\r\n";
    $headers .= 'Bcc: chris....@....com' . "\\r\
";
    $to = $email;
    $body = "
    Hello $name
    <br><br>
    Thank you for submitting the form...
    <br><br>
    We will be in touch in due course.
    <br><br>
    Original Message:-
    <br><br>
    $note
    ";
    mail($to, $subject, $body, $headers);


   header('Location: https://.....com');
   exit;


    }
?>

the … is just for example purposes, it has actual info when the code is run

11

Your message field was called $_POST['message'] at the beginning, have you changed the html to use note instead?

That suggests that it isn’t getting into the main if() block at all, since both the mail sending and redirect are in there.

And the “from” address, you change that too of course.

Is your database connection string contained in $con, and do you include your database connection code? As I understand it (I don’t use mysqli, so never quite sure) that you need to have a database connection in your mysqli_real_escape_string() calls.

Have you tried adding echo statements throughout the code, so you can see how far the code is getting, check values are what they should be, and so on?

12

IMHO, when in doubt, read the docs

You see it’s an alias of
https://www.php.net/manual/en/mysqli.real-escape-string.php

hmmm, real vs what exactly? :unicorn: anyway …

… The given string is encoded to an escaped SQL string, taking into account the current character set of the connection. …

so, maybe it has a sane default? - game ender for me -

Executing this function without a valid MySQLi connection passed in will return NULL and emit E_WARNING level errors.

I suppose one could intentionally ignore Warnings and code around the NULLs but that one wouldn’t be me.

13

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.