RE: Having trouble with a form to mail script.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





----------------------------------------
> From: daneane@xxxxxxxxxxxxx
> To: nadsab1@xxxxxxxx
> Subject: Re:  Having trouble with a form to mail script.
> Date: Sat, 21 Mar 2009 09:43:25 -0700
>
>
> On Mar 21, 2009, at 3:47 AM, Linda Stark wrote:
>>>>
>> $email = $_REQUEST['email'] ;
>>
>> $message = $_REQUEST['message'] ;
>>
>> mail( "help@xxxxxxxxxxxx", "Feedback Form Results",
>>
>> $message, "From: $email" );
>>
>> header( "Location: http://www.mydomain.com/thankyou.html";
>> );
>>
>> ?>
>> The email is
>> received, but with a blank return email address and an empty
>> message. None of
>> the comments or form values get through - just a blank email sent to
>> my
>> address. Can anyone point me in the right direction – what am I
>> doing wrong?
>
> The PHP code above is only looking for values named "email" and
> "message". Your new form has values with many more different names.
> So you'll need to update your code in incorporate them. For example,
> one of your new forms values is "emailAddress", so your php code will
> need something like:
>
> $email_address = $REQUEST['emailAddress'];
>
> A second problem is that the code above is only sending back the
> contents of "message". But you will need to send back more. So you
> may want to create a variable called "$contents", which includes all
> the new fields on your longer form. Something like:
>
> $content = "Message: $message
";
> $content .= "Email: $emailAddress"
;
>
> Then update:
>
> mail( "help@xxxxxxxxxxxx", "Feedback Form Results", $message, "From:
> $email" );
>
> with:
>
> mail( "help@xxxxxxxxxxxx", "Feedback Form Results", $content, "From:
> $email" );
>
> But keep in mind, this is a very simple form, and does not account for
> many security measures and corrections. This will only mail you
> whatever the person initially inputs. It does not check for things
> like whether an email address was entered and it is wide open for spam.
>
> If you are doing the form yourself in order to study PHP, you may want
> to do some google searches on creating a secure web form. If you are
> building the form in order to get a quick working form, you may want
> to look into using a pre-made script with more advanced functionality.





Thanks so much for all your helpful advice yesterday and
today,

I read every response and I'm working on the script with
your suggestions.

Actually I bought a couple of php books too.

 

Actually DG, I'm glad you brought up the security issue,
because

yesterday I researched some pre made mail form scripts, I
was wondering

what you guys thought about the PHPMailer-FE from 

http://phpmailer.codeworxtech.com/index.php?pg=phpmailerfe

 

I'm think for now I should use a pre made and secure script
while I learn 

php and then maybe some time in the future I'll write my own
when I feel 

Confident.

 

The site claims it is a secure and regularly updated script,
do you guys agree?

 

Apparently in 2007 there was a security vulnerability in the
script and they went a long time without patching it…

 

Another point - I bought the book – “The Essential Guide to
Dreamweaver CS4 with CSS, Ajax, and PHP” by Powers and in it the author claims
that if you want to accept html mail, 
use this script, but he does not recommend
it because when browsers are configured to not accept html mail there should
also be a text alternative anyway.

 

He goes through a good tutorial on how to create a form mail
script for text only and includes the code snippets and claims it is a secure
script.  

 

What do you think would be better?  Use his code from his book?  Or use PHPMailer-FE?  Or would you recommend a different script
than that that accepts only non html mail?

 

I was also looking at the forms-to-go code generator which
is a drag and drop 
application which you can drop your form into and it creates
your php – does that application write secure code, or am I better off staying
away from it and going with a well written secure script?

 

I don't really care about file and photo uploads right now,
as long as I can get a basic email via the web form that’s all I need for
now...



_________________________________________________________________
Express your personality in color! Preview and select themes for Hotmail®.
http://www.windowslive-hotmail.com/LearnMore/personalize.aspx?ocid=TXT_MSGTX_WL_HM_express_032009#colortheme
-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux