Board index   FAQ   Search  
Register  Login
Board index php forum :: php coding PHP coding => Mail

Adding validation and error checking

the mail() function

Moderators: macek, egami, gesf

Adding validation and error checking

Postby pdubsuw » Sun Oct 09, 2011 7:29 am

I was to preface by stating I'm a novice when it comes to php scripting. I put together a mail form for my nephew's landscape business. It was working really well until recently. My email form is not secure and someone is running an injection attack. I've attached my code below. Can someone assist in helping me add validation to this form? I really appreciate the help!

Code: Select all
<?php

require_once "Mail.php";

// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "genericemail@blah.com";
$Subject = "Haack Landscape Inquiry";
$Name = Trim(stripslashes($_POST['Name']));
$Phone = Trim(stripslashes($_POST['Phone']));
$LawnCare = Trim(stripslashes($_POST['LawnCare'])) ? 'yes' : 'no';
$Planting = Trim(stripslashes($_POST['Planting'])) ? 'yes' : 'no';
$BedCare = Trim(stripslashes($_POST['BedCare'])) ? 'yes' : 'no';
$Design = Trim(stripslashes($_POST['Design'])) ? 'yes' : 'no';
$Budget = Trim(stripslashes($_POST['Budget']));
$Discover = Trim(stripslashes($_POST['Discover']));
$Comments = Trim(stripslashes($_POST['Comments']));

$Host = "smtp.live.com";
$Username = "test@hotmail.com";
$Password = "password";

// prepare email body text
$Body = "";
$Body .= "Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Phone: ";
$Body .= $Phone;
$Body .= "\n";
$Body .= "Lawn Care & Maintenance: ";
$Body .= $LawnCare;
$Body .= "\n";
$Body .= "Planting & Lawn Installation: ";
$Body .= $Planting;
$Body .= "\n";
$Body .= "Perennial Plants & Bed Care: ";
$Body .= $BedCare;
$Body .= "\n";
$Body .= "Design Services: ";
$Body .= $Design;
$Body .= "\n";
$Body .= "Your Budget: ";
$Body .= $Budget;
$Body .= "\n";
$Body .= "How did you discover Haack Landscape?: ";
$Body .= $Discover;
$Body .= "\n";
$Body .= "Comments: ";
$Body .= $Comments;

$Headers = array ('From' => $EmailFrom,
  'To' => $EmailTo,
  'Subject' => $Subject);

$smtp = Mail::factory('smtp',
  array ('host' => $Host,
    'auth' => true,
    'username' => $Username,
    'password' => $Password));

$mail = $smtp->send($EmailTo, $Headers, $Body);

if (PEAR::isError($mail)) {
  echo("<p>" . $mail->getMessage() . "</p>");
 } else {
  print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.php\">";
 }
?>
pdubsuw
New php-forum User
New php-forum User
 
Posts: 1
Joined: Sun Oct 09, 2011 7:19 am

Return to PHP coding => Mail

Who is online

Users browsing this forum: Bing [Bot] and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron