Newbie
Hello friends please can any one help me how where mail() validation put in this code for short form.
Code here:-
PHP Code:
Code:<?php
if (isset($_REQUEST['email']))
//if "email" is filled out, send email
{
//send email
$email = $_REQUEST['email'] ;
$subject = $_REQUEST['subject'] ;
$message = $_REQUEST['message'] ;
mail("info@yoursitesite.com", "$subject",
$message, "From: $email" );
echo "Thank you for using our mail form";
}
else
//if "email" is not filled out, display the form
{
echo "<form method='post' action='inquiry.php'>
Email: <input name='email' type='text' /><br />
Subject: <input name='subject' type='text' /><br />
Message:<br />
<textarea name='message' rows='15' cols='40'>
</textarea><br />
<input type='submit' />
</form>";
}
?>
Last edited by Jaan; 03-22-2010 at 04:04 AM. Reason: Please use code tags when you are posting your codes!
Newbie
Hi here is one of my contact from scripts hope it helps if you not using includes files to your html/css files in you will need to replace them with your raw html page code
Code:<?php
session_start();
require('../system/config.php');
$title = 'Contact Me';
// email validation function
function email_valid($email) {
if (eregi("^[a-z0-9._-]+@[a-z0-9._-]+.[a-z]{2,6}$", $email)) {
return TRUE;
} else {
return FALSE;
}
}
if(isset($_POST['send']))
{
$error = '';
$thankyou= '';
$to ='username@domain.com';
$subject ='Contact Me';
$email = $_REQUEST['email'];
$name = $_REQUEST['name'];
$message = $_REQUEST['message'];
$headers ='From;$email';
$sent = ($to. $subject. $name. $message. $headers);
//echo $message; //message box contents
// Validations
if(!email_valid($email)) {
$error = ' That email is invalid';
}
else if($name =='') {
$error = ' Please enter your name';
}
else if($message =='') {
$error = ' Please enter a message';
}
if(empty($error)) {
if($sent) {
$thankyou ='Thank you your message has been sent';
}
else {
$error ='Sorry due to an error your email was not sent';
}
}//error
}//isset
include($path.'./includes/header.php');
$email ='';
$name ='';
$message ='';
?>
<form method="post" action="">
<input type = "hidden" name = "true">
<?php if(!empty($error)) { echo '<p class="error">'.$error.'</p>'; } ?>
<?php if(!empty($thankyou)) { echo '<p class="thankyou">'.$thankyou.'</p>'; } ?>
<p class ="p4">Email: <input type="text" name="email" value="<?php echo htmlentities ($email); ?>"/></p>
<p class ="p4">Name: <input type="text" name="name" value="<?php echo htmlentities ($name); ?>"/></p>
<p class ="p4">Message: </p>
<textarea name="message" rows ="10" cols ="80" value="<?php echo htmlentities ($message); ?>" ></textarea><br />
<input type="submit" name = "send" value="Submit Message"/>
</form>
<?php
include($path.'./includes/footer.php');
?>
Last edited by Jaan; 03-26-2010 at 09:13 AM. Reason: Please use code tags when you are posting your codes!
Newbie
Thanks for Reply
spam sig removed
Programmer
I would recommend you read this, Email Injection | damonkohler, the code above has no email injection prevention. Someone could turn your server into a spambox very easily. Also, from a security standpoint, $_REQUEST should never be used.
"Life would be so much easier if we only had the source code."
Newbie
Thanks for alert meOriginally Posted by SoN9ne
spam sig removed
Oh well, as long as you know what you are doing, there is no problem using $_REQUEST. it's not as you get it to sound, a tremendeous hazard just using it in all cases.
Of course you shall be precautions of using such a combined variable, but it has it's value as well as many other parts of PHP. It's content needs to be treated as insecure, but really, that's how you need to treat $_POST, $_GET and $_COOKIE as usual.
I found a nice text explaining why $_REQUEST has a problem, so read for example Why PHP’s $_REQUEST is dangerous - Devlog and see what the problem really is, and how you can avoid the problem.
__________________________________________
I study Information Systems at Karlstad University when I'm not on CodeCall
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Bookmarks