Jump to content

Help needed with php code asap please


Banno

Recommended Posts

im trying to get this request form to send the info from the form to my email address but i cant the code from the send php file is here:

 

the email address in the <?php

$to = "plasterservices@hotmail.co.uk"; is mine

 

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

"http://www.w3.org/TR/html4/loose.dtd">

<html lang="en">

<head>

<meta http-equiv="Pragma" content="no-cache">

<meta http-equiv="Revisit-After" content="5 Days">

<meta http-equiv="content-type" content="text/html; charset=utf-8">

<title>Thank you for contacting us</title>

</head>

<body bgcolor="#FFFFFF" text="#000000" link="#0000FF" alink="#0000FF" vlink="#0000FF">

<h1>Thank you for contacting us</h1>

 

<!-- your html -->

 

<?php

$to = "plasterservices@hotmail.co.uk";

$name = $_POST['name'];

$email = $_POST['email'];

$subject = $_POST['subject'];

$msg = $_POST['msg'];

$d = date('l dS \of F Y h:i:s A');

$sub = "form to mail";

$headers = "From: $name <$email>\n";

$headers .= "Content-Type: text/plain; charset=iso-8859-1\n";

$mes = "Subject: ".$subject."\n";

$mes .= "Message: ".$msg."\n";

$mes .= "Name: ".$name."\n";

$mes .= 'Email: '.$email."\n";

$mes .= 'Date & Time: '.$d;

 

if (empty($name) || empty($email) || empty($subject) || empty($msg))

{

echo " <h3>Sorry all fields are required.</h3>";

}

elseif(!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {

print " <h3>Sorry the email address you entered looks like it's invalid.</h3>";

}

else

{

mail($to, $sub, $mes, $headers);

print " <h3><center>Thank you ".$name." for contacting us.<br>We will get back to you as soon as posiable</center></h3>";

}

?>

 

<!-- your html -->

 

</body>

</html>

Link to comment
Share on other sites

well, there's no form in it for a start... :) replace <!-- your html --> with a form containing name, email, subject and message. Something like:

 

<form method="post">
Name: <input type="text" name="name" />
Email: <input type="text" name="email" />
... etc
</form>

 

also, its got a huge xss hole.

 

Thank you ".$name." for contacting us.

 

should be:

 

Thank you ".htmlentities($name)." for contacting us.

 

in order to clean up anything that anyone may put in $name.

Link to comment
Share on other sites

Your regex looks wrong to me.

 

1) It doesn't allow an apostraphe or other sybolic characters which are allowed before the @

2) I don't understand why you have separated the username into this regex:-

[_a-z0-9-]+(\.[_a-z0-9-]+)*

 

I think the regex was probably written for matching a certain subset of email addresses, and is not meant as a general email address regex.

 

Although I admit, finding a does all email validation regex is one of those debates that could just go on and on.

Link to comment
Share on other sites

hi not sure what you guys were on about with the code as im not much into wed design but it all seems to be working correctly now so i assume there to be no problem so if it hasn't sorted it im sure you will be able to help as and when

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.