the mail() function
Moderators: macek, egami, gesf
by pdubsuw » Sun Oct 09, 2011 7:29 am
I was to preface by stating I'm a novice when it comes to php scripting. I put together a mail form for my nephew's landscape business. It was working really well until recently. My email form is not secure and someone is running an injection attack. I've attached my code below. Can someone assist in helping me add validation to this form? I really appreciate the help!
- Code: Select all
<?php
require_once "Mail.php";
// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "genericemail@blah.com";
$Subject = "Haack Landscape Inquiry";
$Name = Trim(stripslashes($_POST['Name']));
$Phone = Trim(stripslashes($_POST['Phone']));
$LawnCare = Trim(stripslashes($_POST['LawnCare'])) ? 'yes' : 'no';
$Planting = Trim(stripslashes($_POST['Planting'])) ? 'yes' : 'no';
$BedCare = Trim(stripslashes($_POST['BedCare'])) ? 'yes' : 'no';
$Design = Trim(stripslashes($_POST['Design'])) ? 'yes' : 'no';
$Budget = Trim(stripslashes($_POST['Budget']));
$Discover = Trim(stripslashes($_POST['Discover']));
$Comments = Trim(stripslashes($_POST['Comments']));
$Host = "smtp.live.com";
$Username = "test@hotmail.com";
$Password = "password";
// prepare email body text
$Body = "";
$Body .= "Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Phone: ";
$Body .= $Phone;
$Body .= "\n";
$Body .= "Lawn Care & Maintenance: ";
$Body .= $LawnCare;
$Body .= "\n";
$Body .= "Planting & Lawn Installation: ";
$Body .= $Planting;
$Body .= "\n";
$Body .= "Perennial Plants & Bed Care: ";
$Body .= $BedCare;
$Body .= "\n";
$Body .= "Design Services: ";
$Body .= $Design;
$Body .= "\n";
$Body .= "Your Budget: ";
$Body .= $Budget;
$Body .= "\n";
$Body .= "How did you discover Haack Landscape?: ";
$Body .= $Discover;
$Body .= "\n";
$Body .= "Comments: ";
$Body .= $Comments;
$Headers = array ('From' => $EmailFrom,
'To' => $EmailTo,
'Subject' => $Subject);
$smtp = Mail::factory('smtp',
array ('host' => $Host,
'auth' => true,
'username' => $Username,
'password' => $Password));
$mail = $smtp->send($EmailTo, $Headers, $Body);
if (PEAR::isError($mail)) {
echo("<p>" . $mail->getMessage() . "</p>");
} else {
print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.php\">";
}
?>
-
pdubsuw
- New php-forum User
-
- Posts: 1
- Joined: Sun Oct 09, 2011 7:19 am
Return to PHP coding => Mail
Who is online
Users browsing this forum: No registered users and 1 guest
