On Fri, March 16, 2007 1:05 pm, Bruce Gilbert wrote: > I have a form on my website, that used to work, but I just realized > that now it doesn't. You don't get any errors, but I am not receiving > an email with the information after the submittal. > > The form is located at http://www.inspired-evolution.com/Contact.php > > and the PHP is: > > [php] > <?php > include("emailval.php"); > $site_name = "Inspired-Evolution.com"; > $site_owner_email = "webguync@xxxxxxxxx"; > $your_domain = "www.inspired-evolution.com"; > $current_url = $_SERVER['REQUEST_URI']; > > $submit = $_REQUEST['submit']; > > if(isset($submit)){ > > $name = $_REQUEST['name']; > $flizzum_flazzum = $_REQUEST['flizzum_flazzum']; > $subject = $_REQUEST['subject']; > $msg = $_REQUEST['msg']; > > if(strlen($name) < 2){ > $name_warn = "true"; > } > if (MailVal($flizzum_flazzum, 2)){ > $email_warn = "true"; > } > if(strlen($msg) < 2){ > $msg_warn = "true"; > } > > if (preg_match("/$your_domain/i", "$flizzum_flazzum")) { > $bogus_warn = "true"; > } > > if((!isset($name_warn))&& > (!isset($email_warn))&& > (!isset($bogus_warn))&& > (!isset($msg_warn))){ > > // headers for the email listed below > $headers .= "From: $name <$flizzum_flazzum>\n"; // your email client > will show the person's email address like normal > $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; // sets > the mime type > $recipient = "webguync@xxxxxxxxx"; > > $subject = "Contact From $site_name - $subject"; // this is the > subject of the email > > $msg = wordwrap( $msg, 1024 ); Word-wrap for email at 1024 columns? Ugh. > mail($recipient, $subject, stripslashes($msg), $headers); // the > mail() function sends the message to you First off, mail() returns a value true/false to indicate whether its attempt to inject the email into the sending queue succeeded. It does NOT tell you if the email actually went out, but it at least tells you if it has any chance at all of going out "soon". Check the return value, and if it's FALSE, don't lie to the user and say that the email was sent, when you know from the get-go that it wasn't :-) Also, you REALLY are wide open to spammer email header injection attack here... If I POST data where $_POST['name'] consists of the data between the ASCII lines: ----------------------------------------------------- "PHP Spammer" <spam@xxxxxxxxxxx> Cc: victim1@xxxxxxxxxxx, victim2@xxxxxxxxxxx, victim3@xxxxxxxxxxx ----------------------------------------------------- Then I have just used YOUR form mail to send out my spam to you, and 3 victimes. Multiply that Cc: line by, oh, 1000 Cc: lines, and you see a problem, eh? A quick simple check that nobody's name, email, or subject has a newline in it will foil this. Do it. After that, there are several things that could go wrong. To diagnose them, try some or all of the following: 1. send email from the command line, and see if that works. 2. su to the User PHP runs as (User in httpd.conf for PHP Apache Module) and repeat test 1 3. Check if sendmail is even running and/or processing the mail queues. 3a. ps auxwwww | grep sendmail 3b. ls /var/spool/ Then ls /var/spool/XXX where XXX looks like any of: mail, sendmail, mqueue, clientmqueue, etc If you find a big honking list of all the email that never went out, then you probably don't have sendmail running. WARNING: A quick way at that point to bring your server to its knees is to fire up sendmail... It will then attempt to process all that backlog of email. If you just don't care about the old emails, blow them away before firing up sendmail. If you NEED those emails to go out, no matter how late, then consider figuring out how to throttle sendmail before you fire it up. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
