You are here: Re: Using SendMail in Forms w/PHP HTML « All PHP « IT news, forums, messages
Re: Using SendMail in Forms w/PHP HTML

Posted by Jerry Stuckle on 04/22/07 02:48

jcage@lycos.com wrote:
> Is there any tutorials online for sending email through forms? I can
> send an email as well as write to my MySQL database from home with the
> following code but not at work. I think there might be something I'm
> missing header-wise that keeps me from making this work on my work
> system. I'm using Apache 1.3, PHP 4.1 (best the IT guys could do
> though I'm using 5.x at home), and MySQL as the database. Thanks VERY
> much for any help or pointers to a good tutorial. I'm trying to
> provide an input form that writes to the database as well as emails
> the recipient letting them know there's been activity. Thanks, John
>
> My form PHP code is as follows:
>
> Input form 1:
> <html>
> <body>
> <form method="post" action="messaging2.php">
> <input type="hidden" name="id" value="NULL">
> <center>
> <table border="8">
> <tr>
> <td>Date:</td>
> <td align="left"><input type="text" name="date" size="14"
> maxlength="16" value="<? print strftime("%m/%d/%Y %H:%M"); ?>"></
> td>
> </tr>
> <tr>
> <td>Your Name:<font color=red>*</font></td><td align="left"><input
> type="text" name="name" size="14" maxlength="20" value=""></td>
> </tr>
> <tr>
> <td>Subject:<font color=red>*</font></td><td align="left"><input
> type="text" name="subject" size="14" maxlength="20" value=""></td>
> </tr>
> <tr>
> <td>Message For:<font color=red>*</font></td>
> <td><select name="to" style='width: 110px;'>
> <option value = ""></option>
> <option value ="joe@lycos.com">Joe</option>
> <option value ="randy@gmail.com">Randy</option>
> </td>
> </tr>
> <tr>
> <td nowrap>
> Message:<font color=red>*</font></div>
> </td>
> <td>
> <textarea type="text" name="text" cols="35" rows="5"></textarea>
> </tr>
> </td>
> <tr>
> <td colspan="2" align="center"><input type="submit" value="Enter"></
> td>
> </tr>
> </table>
> </form>
> </center><p>
> </body>
> </html>
>
> Input form 2:
> <html>
> <font color="#990099" size="+1"><span
> style="font-size:18"><p>
> <TABLE cellSpacing=0 cellPadding=10 width="95%"
> align=center border=8">
> <TBODY><TR><TD vAlign=top align=left><P><FONT
> face=arial color=bright white><b>
> <?php
> require_once('generic_connect.php');
> $DBName = "messages";
> $table = "messages_tbl";
>
> $id = $_POST['id'];
> $date = $_POST['date'];
> $name = $_POST['name'];
> $subject = $_POST['subject'];
> $to = $_POST['to'];
> $text = $_POST['text'];
>
> mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect
> to database"); // make connection to database
> mysql_select_db($DBName) or die("Unable to select database
> $DBName"); // select database
> $sqlquery = "INSERT INTO $table VALUES('$id', '$date', '$name',
> '$subject', '$to', '$text')";
> if ($results = mysql_query($sqlquery)) {
>
> $to = stripslashes($to)."\r\n";
> $subject = stripslashes($subject);
> $text = stripslashes($text);
> mail($to, $subject, $text, "From: admin@work.com");
> }
>
> mysql_close();
> print "<center><table border=\"0\" width=\"500\"><tr><td>";
> print "<p><font face=\"verdana\" size=\"+0\">
> <center>You Just Entered This Information into the
> Database<p><blockquote>";
> print "Date: $date<p>Your Name: $name<p>Message For:$to<p>Subject:
> $subject<p>Message:$text</blockquote></td></tr></table>
> </CENTER>
> </html>";
> ?>
>
> </FONT></CENTER></b>
> </H3></TD></TR></TBODY></TABLE>
> </html><p>
>
> portion of php.ini file that deals with mail configuration:
>
> [mail function]
> ; For Win32 only.
> SMTP = mail.work.com
> smtp_port = 25
>

You mean other than this is a spammer's dream. All I have to do is post
a form to your site with the 'to' field filled in (and others) and I
send email anywhere I want on your nickel.

Among other things - NEVER put the email address in you form - even as a
hidden field.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация