What's wrong with my mailer.php?

Messiah Khan

Messiah Khan

Messiah Khan

Soldato
Joined
1 Sep 2005
Posts
10,001
Location
Scottish Highlands
Apparently the mailer.php on my website isn't working. Any ideas why?

Mailer.php;
PHP: 
<?php 
if(isset($_POST['submit'])) { 
$to = "[email protected]"; 
$subject = "Website Contact"; 
$name_field = $_POST['name']; 
$email_field = $_POST['email']; 
$message = $_POST['message']; 
  
$body = "From: $name_field\n E-Mail: $email_field\n Message:\n $message"; 
  
echo "Message has been submitted to $to!"; 
mail($to, $subject, $body);
} else { 
echo "error: no data sent!";
} 
?>

Contact.html;
Code: 
<p>
If you have any questions regarding my images, purchasing images, my site, or simply wish to send me a message, then please send me an email via the form below.
</p>
		
<br />
		
<div class="contact">		
<form method="post" action="mailer.php" />
Name: <input id="name" type="text" class="inputbox" />
E-mail:<input id="email" type="text"  class="inputbox" />
<br />

Message<br />
<textarea class="textarea" id="message" cols="1" rows="1"></textarea>
<br />
</div>

<div style="text-align: right;">
Enter the code shown in the image:<br />
<input  class="inputboxsmall" type="text" 	name="protectwebformcode" value="" /><img src="http://protectwebform.com/image/22356/" alt="protectwebform" width="35px" height="20px" />
<input class="select" type="submit" value="Add" />
</div>

Page in question is;
http://www.afowler.co.uk/contact.php

Im sure it used to work :/
 
try it with this at the top of your script, should provide more info

PHP: 
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
 
Does your add button have an ID of submit. How will POST pick it up anyway, its not even getting past the isset if statement when I went onto the site.
 
You could try adapting this to fit your form, it's the basic template I use to send my messages on:
PHP: 
<?PHP
$to = "[email protected]"; 
$subject = "Contact from Website";
$name = $_REQUEST['name'] ;
$email = $_REQUEST['email'] ; 
$message = $_REQUEST['message']; 
$headers = "From: $name <$email>"; 
$sent = mail($to, $subject, $message, $headers) ; 
if($sent) 
{print "
  <h2>Thank you $name</h2>
  <p>Your mail was sent successfully. You will be shortly redirected back.</p>
"; }
else 
{print "
  <h2>Oops, there has been an error</h2>
  <p>There was a problem sending your message, please try again.</p>
"; }
?>

...and the basic form template:
Code: 
<form id="contactform" method="post" action="send.php">
  <div>Name:</div> 
  <div><input name="name" type="text" id="name" /></div> 
  <div>Email:</div> 
  <div><input name="email" type="text" id="email" /></div> 
  <div>Message:</div> 
  <div><textarea name="message" id="message"></textarea></div> 
  <div><input type="submit" name="send" id="send" value="Send" /></div> 
</form>
 
Last edited:
could it be that the input button needed the _x and _y appending to the end of the name

ie $_POST['submit'] should be
$_POST['submit_x'] || $_POST['submit_y']

to avoid this I usually have a hidden input with value true in the form, then do

if($_POST['hiddeninput']) {
 
Thanks for the uggestions guys, but I have just stolen Jonny's script now. Im sure it used to work though, so no idea why it stopped. I must have deleted some code by accident. Right, now how do I get the mailer script to redirect to the contact page once its finished?
 
Messiah Khan said:
Thanks for the uggestions guys, but I have just stolen Jonny's script now. Im sure it used to work though, so no idea why it stopped. I must have deleted some code by accident. Right, now how do I get the mailer script to redirect to the contact page once its finished?
Click to expand...

PHP: 
<?PHP
$to = "[email protected]"; 
$subject = "Contact from Website";
$name = $_REQUEST['name'] ;
$email = $_REQUEST['email'] ; 
$message = $_REQUEST['message']; 
$headers = "From: $name <$email>"; 
$sent = mail($to, $subject, $message, $headers) ; 
if($sent) 
{
  header("Location:page.htm");
}
else 
{
  print "<h2>Oops, there has been an error</h2>
  <p>There was a problem sending your message, please try again.</p>"; 
}
?>
 
or if you want the sucess message to show then put the following in your mailer.php (somewhere at the bottom will be fine), change URL HERE to your page's address and 5000 = 5 seconds, adjust as required.

Code: 
<script type="text/javascript">
  t=setTimeout('redirect()',5000)
  function redirect()
  {window.location = "URL HERE"}
</script>
 
Watch out for header injection guys, and at least validate that input has been sent at all if you're not going to validate it for well-formedness.

Edit: oh, and you need a time limit as well or else your inbox is liable to being flooded by hundreds of thousands of emails and your hosting shut down for sending suspicious amounts of mail
 
Last edited:
Here's one that redirects, validates input, prevents header injection, and has a time limit (defaults to one email every 3 minutes). Just change the 3 values at the top and you should be good to go.

PHP: 
<?php

// CONFIG

// the address mail will be sent to:
$mail_to = '[email protected]';

// the url you want to redirect to
$redirect_to = 'http://foo.com/bar.php';

// time before the user can send another mail, in seconds
$time_limit = 180;

// END CONFIG

session_start();

function strip_mail_headers_single( $string ) {
    return preg_replace('/(%0A|%0D|\n+|\r+)/i', '', $string);
}

function strip_mail_headers_multi( $string ) {
    return preg_replace('/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i', '', $string);
}

function is_valid_email( $string ) {
    return preg_match('^[\_]*([a-z0-9]+(\.|\_*)?)+@([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6}$', $string);
}

function send_mail($to, $from, $from_mail, $subject, $message) {
    if ( empty($from) || empty($from_mail) || empty($subject) || empty($message) ) {
        return -1;
    }

    if ( $_SESSION['last_mailed'] + $time_limit > time() )
        return -2;

    if ( !is_valid_email($from_mail) )
        return -3;

    $from = strip_mail_headers_single($from);
    $from_mail = strip_mail_headers_single($from_mail);
    $subject = strip_mail_headers_single($subject);
    $message = strip_mail_headers_multi($message);

    $_SESSION['last_mailed'] = time();

    return mail($to, $subject, $message, "From: $from <$from_mail>\r\n");
}

if ( !empty($_POST) ) {
    $result = send_mail($mail_to, $_POST['from'], $_POST['from_mail'], $_POST['subject'], $_POST['message']);

    if ( $result == -1 ) {
        echo "<p>Whoops! You need to complete all the fields.</p>";
    } elseif ( $result == -2 ) {
        echo "<p>Whoah, slow down there cowboy! You can only send one mail every three minutes.</p>";
    } elseif ( $result == -3 ) {
        echo "<p>Please enter a valid email address.</p>";
    } else {
        header('Location: ' . $redirect_to);
    }
}

?>

<form method="post" action="">

    <p><label for="from">Your name:</label></p>
    <p><input type="text" name="from" id="from" /></p>

    <p><label for="from_mail">Your email address:</label></p>
    <p><input type="text" name="from_mail" id="from_mail" /></p>

    <p><label for="subject">Subject:</label></p>
    <p><input type="text" name="subject" id="subject" /></p>

    <p><label for="message">Message:</label></p>
    <p><textarea name="message" id="message"></textarea></p>

    <p><input type="submit" value="Send Message" /></p>

</form>
 
Last edited:
robmiller said:
Here's one that redirects, validates input, prevents header injection, and has a time limit (defaults to one email every 3 minutes). Just change the 3 values at the top and you should be good to go.

<PHP CODE>
Click to expand...

Hi.

I tried this, but no matter what I do it tells me I am being too quick, I'd like to use this but can't get past that! What's happening there?
 
This should be changed.
PHP: 
    if ( $_SESSION['last_mailed'] + 180 < time() )
        return -2;
To this.
PHP: 
    if ( $_SESSION['last_mailed'] + $time_limit < time() )
        return -2;
 
You must log in or register to reply here.
Back
Top Bottom