"Eric Butera" <eric.but...@gmail.com> wrote in message news:6a8639eb0901261509s1008e1b1j89c2a8f63669e...@mail.gmail.com... > On Mon, Jan 26, 2009 at 4:47 PM, Daniel Brown <danbr...@php.net> wrote: >> On Mon, Jan 26, 2009 at 16:34, Tom <obeli...@comcast.net> wrote: >>> >>> Shawn, >>> So would that look something like this: >>> <? >>> if ($_SERVER['REQUEST_METHOD'] == "POST") { >>> >>> // Just to be safe, I strip out HTML tags >>> $realname = strip_tags($realname); >>> $email = strip_tags($email); >>> $feedback = strip_tags($feedback); >>> >>> // set the variables >>> // replace $...@mysite.com with your email >>> $sendto = "$...@mysite.com"; >>> $subject = "Sending Email Feedback From My Website"; >>> $message = "$realname, $email\n\n$feedback"; >>> >>> // send the email >>> mail($sendto, $subject, $message); >>> >>> } >>> ?> >> >> For processing once it reaches the server, yes - almost exactly. >> A few recommended changes though: >> >> * Change <? to <?php for compatibility across servers with >> different PHP configurations. >> * Change your if() to if($_POST['realname']) >> * DO NOT rely on register_globals - it's insecure and will >> soon be phased-out of PHP. Instead, using your code: >> $realname = strip_tags($_POST['realname']); >> * Use explicit headers with mail(). For example: >> $headers = "From: y...@example.com\r\n"; >> $headers .= "X-Mailer: PHP/".phpversion()."\r\n"; >> mail($sendto,$subject,$message,$headers); >> * Do something (exit, header("Location: otherpage.html") >> redirect, etc.) so that the form doesn't reappear. >> >> Then, either include that code at the top of the file in which >> your HTML resides, or place it in it's own file (for example: >> formproc.php) and change your form tag to: >> <form method="POST" action="formproc.php" name="formName" >> id="formName"> >> >> >> NB: My original responses that this wasn't PHP-related was based >> on your original message, saying that your "submit button" wasn't >> working, and then including HTML and JavaScript code only. It didn't >> appear as though it had anything to do with PHP. Getting a good >> answer is best-achieved by asking a well-formed question. >> >> -- >> </Daniel P. Brown> >> daniel.br...@parasane.net || danbr...@php.net >> http://www.parasane.net/ || http://www.pilotpig.net/ >> Unadvertised dedicated server deals, too low to print - email me to find >> out! >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > Also make sure there aren't line returns or any nonsense like that in > the to & subjects. Look up email header injection. Your script might > become quite popular at advertising p3n1s pills otherwise. :)
Thanks I'll check it out. I tried including the above code but I still can't seem to get it to work. Must be missing something. Thanks, T -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
