Hi Ian,<div><br></div><div>I don't mind writing a little PHP script if it helps - shall I send to your aol account? I'll do this in the next day or so and you can ask any questions that you may have.<br><br><div class="gmail_quote">
On Tue, Oct 13, 2009 at 8:13 PM, David Goodwin <span dir="ltr"><<a href="mailto:david@codepoets.co.uk">david@codepoets.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi Ian,<br>
<div class="im"><br>
> // get posted data into local variables<br>
</div>> $EmailFrom = "_idvaughan@aol.com_ (mailto:<a href="mailto:idvaughan@aol.com">idvaughan@aol.com</a>) ";<br>
> $EmailTo = "_idvaughan@aol.com_ (mailto:<a href="mailto:idvaughan@aol.com">idvaughan@aol.com</a>) ";<br>
<div class="im">> $Subject = "Enquiry";<br>
> $Name = Trim(stripslashes($_POST['Name']));<br>
> $Tel = Trim(stripslashes($_POST['Tel']));<br>
> $email = Trim(stripslashes($_POST['email']));<br>
> $message = Trim(stripslashes($_POST['message']));<br>
><br>
<br>
</div>The stripslashes and trims are unnecessary. Unless you have<br>
magic_quotes turned on, in which case you might find the generated<br>
email gets filled with \'<br>
<br>
You'd be best off performing some sort of regular expression match -<br>
or using the filter extension ...<br>
<br>
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);<br>
if(!$email) {<br>
// invalid email address<br>
}<br>
(Requires PHP5, I think my syntax/usage is correct, but I've not<br>
checked it)<br>
<div class="im"><br>
> // validation<br>
> //$validationOK=true;<br>
> //if (Trim($Name)=="") $validationOK=false;<br>
> //if (Trim($email)=="") $validationOK=false;<br>
> //if (Trim($message)=="") $validationOK=false;<br>
> //if (!$validationOK) {<br>
> // print "<meta http-equiv=\"refresh\"<br>
> content=\"0;URL=contactus1.html\">";<br>
> // exit;<br>
> //}<br>
><br>
<br>
</div>I prefer :<br>
<br>
header('Location: ' . $url);<br>
exit(0);<br>
<br>
- instead.<br>
<div class="im"><br>
> // prepare email body text<br>
> $Body = "";<br>
> $Body .= "Name: ";<br>
> $Body .= $Name;<br>
> $Body .= "\n";<br>
> $Body .= "Tel: ";<br>
> $Body .= $Tel;<br>
> $Body .= "\n";<br>
> $Body .= "email: ";<br>
> $Body .= $email;<br>
> $Body .= "\n";<br>
> $Body .= "message: ";<br>
> $Body .= $message;<br>
> $Body .= "\n";<br>
><br>
> // send email<br>
> $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");<br>
<br>
<br>
</div>If you're using an 'old' version of php this may be vulnerable to mail<br>
header injection, before 5.2.3 (I think)<br>
As a rule try to avoid calling the mail() function directly and<br>
instead use one of hte many higher level APIs - like for instance<br>
PEAR_Mail, Zend_Mail, SwiftMailer etc etc<br>
<br>
<br>
thanks<br>
David.<br>
<font color="#888888"><br>
--<br>
David Goodwin<br>
<br>
[ david at codepoets dot co dot uk ]<br>
[ <a href="http://www.codepoets.co.uk" target="_blank">http://www.codepoets.co.uk</a> ]<br>
</font><div><div></div><div class="h5"><br>
_______________________________________________<br>
Phpwm mailing list<br>
Website : <a href="http://www.phpwm.org" target="_blank">http://www.phpwm.org</a><br>
Twitter : <a href="http://www.twitter.com/phpwm" target="_blank">http://www.twitter.com/phpwm</a><br>
Facebook: <a href="http://www.facebook.com/group.php?gid=2361609907" target="_blank">http://www.facebook.com/group.php?gid=2361609907</a><br>
<br>
Post to list: <a href="mailto:Phpwm@mailman.lug.org.uk">Phpwm@mailman.lug.org.uk</a><br>
Archive etc : <a href="https://mailman.lug.org.uk/mailman/listinfo/phpwm" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/phpwm</a><br>
</div></div></blockquote></div><br></div>