Simple php form help

Roeg1

Roeg1

Roeg1

Associate
Joined
2 Nov 2007
Posts
551
Hi guys, Im trying to make a simple php order form for my site.
I've followed a tutorial I found on google code below. The form is sending but coming to my email box titled ***SPAM*** with a user as <> and no content inside.

Can anyone have a look at my poor attempt at a form and let me no where im going wrong please?

form
Code: 
  <table width="400" border="0" align="center" cellpadding="3" cellspacing="1">
<tr>
<td><strong>Order Form </strong></td>
</tr>
</table>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><form name="form1" method="post" action="send_10things.php">
<table width="400" border="0" cellspacing="1" cellpadding="3">
<tr>
<td width="16%">Name</td>
<td width="2%">:</td>
<td width="82%"><input name="subject" type="text" id="subject" size="47"></td>
</tr>
<tr>
<td>Address</td>
<td>:</td>
<td><textarea name="detail" cols="37" rows="4" id="detail"></textarea></td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><input name="name" type="text" id="name" size="47"></td>
</tr>
<tr>
<td>Tel:</td>
<td>:</td>
<td><input name="customer_mail" type="text" id="customer_mail" size="47"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td align="right"><input type="submit" name="Submit" value="Submit"> <input type="reset" name="Submit2" value="Reset"></td>
</tr>
</table>
</form>

send_10things.php
Code: 
<?php
// Contact subject
$subject ="$subject"; 
// Details
$message="$detail";

// Mail of sender
$mail_from="$customer_mail"; 
// From 
$header="from: $name <$mail_from>";

// Enter your email address
$to ='my email';

$send_contact=mail($to,$subject,$message,$header);

// Check, if message sent to your email 
// display message "We've recived your information"
if($send_contact){
echo "We've recived your contact information";
}
else {
echo "ERROR";
}
?>
 
Try adding $customer_mail = $_GET['customer_mail']; to your send_10things.php and change your form method to get instead of post.

It might work, it might not ;)
 
Cuchulain said:
Try adding $customer_mail = $_GET['customer_mail']; to your send_10things.php and change your form method to get instead of post.

It might work, it might not ;)
Click to expand...

what line do I add it to and what do i replace it with if anything ?:confused:
Sorry never created any real php before
 
Well if that's all of the php from the file then at no point do you actually retrieve the information that you sent to 'send_10things.php' with the post method. That would explain why all your fields are blank and is also likely to be why your spam filter is labelling it. You need to include a line like:

Code: 
$name = isset($_POST['name']) ? trim($_POST['name']) : "";
That will fill $name with the contents of the name field that you sent.
 
Last edited:
Yup that's the problem then. The form html there is sending the information to your php page, but you're not actually retrieving it at the other end.
 
Without checking it (and it's a very quick job, as I'm just going home) ... this should work:

Code: 
<?php
    $subject = isset($_POST['subject']) ? trim($_POST['subject']) : "";
    $detail = isset($_POST['detail']) ? trim($_POST['detail']) : "";
    $name = isset($_POST['name']) ? trim($_POST['name']) : "";
    $customer_mail = isset($_POST['customer_mail']) ? trim($_POST['customer_mail']) : "";
    
    $header = "From: ".$name." <".$customer_mail.">";

    $to = "[email protected]";

    if(mail($to,$subject,$detail,$header)) {
        echo "We've recived your contact information";
    }
    else
    {
        echo "ERROR";
    }
?>
I feel obliged to point out that that code is extremely vulnerable to header injection, and a variety of other things. If you use it 'as is' you'll be plagued by spambots within a matter of hours.
 
Last edited:
@ A.N.Other tried the code you supplied me last night, I'm not sure if you gave me the correct code IF even if I put the code in the right place, any chance if you get time today you'd be kind enough to help me ?

You also mention my code is extremely vulnerable to header injections(not that I'm aware what these are) how would one go about closing that issue ?
 
You must log in or register to reply here.
Back
Top Bottom