Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Message variable not making it to email

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #157306
    Ricardo C.
    Participant

    I have a contact form that send the data to my email. The name and email are being sent, but the message variable isn’t. Could some one checkout? It seems to be correct but I might be over looking something. Here is the form code:

    Here is the Form code: <form name="mailform" id="mailform" method="post" enctype="multipart/form-data">
    <input type="text" name="name" id="name" placeholder="Full Name" required class="animated">
    <input type="email" name="email" id="email" placeholder="Email address" required class="animate0">
    <textarea name="message" id="textarea" placeholder="Message" rows="5" required class="animated"></textarea>
    <input id="sendme"type="button" value="SEND" class="submit animate0" onClick="ValiDate()">
    </form>

    Here is the PHP code:
    `
    header(‘Access-Control-Allow-Origin: *’);
    $errors = ”;
    $myemail = ’[email protected]’;

    $name = $_POST[‘name’];
    $email = $_POST[’email’];
    $message = $_POST[‘message’];
    $to = $myemail;

    $email_subject = “Kookie email: $name”;

    $email_body = “You have received a new message. “.

    “Here are the details:\n Name: $name \n “.

    “Email: $email\n Message: \n$message”;

    $headers = “From: $myemail\n”;

    $headers .= “Reply-To: $email”;

    mail($to,$email_subject,$email_body,$headers);

    `

    #157309
    __
    Participant

    Your PHP code didn’t show up. The forums here are not the best place to share bigger chunks of code; I would suggest using pastebin or making a gist on github, and then simply providing a link here.

    -=-=-=-=-= Edit

    There it is.

    Have you tried var_dumping the $message variable to make sure it contains what you expect?

    p.s. Your script is vulnerable to email header injection. You should validate the email address submitted by the user:

    <?php
    $email = filter_var( $_POST['email'],FILTER_VALIDATE_EMAIL );
    

    Otherwise, a malicious user could include a whole list of headers and use your script as a spam server.

Viewing 2 posts - 1 through 2 (of 2 total)
  • The forum ‘Back End’ is closed to new topics and replies.