it was working, now it's not

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

dhouston
New php-forum User
New php-forum User
Posts: 2
Joined: Thu Oct 11, 2012 4:27 pm

it was working, now it's not

Postby dhouston » Thu Oct 11, 2012 4:33 pm

is there a php programmer who's willing to look at my application?

It goes to an email where an autoreply message is generated. However, the email_it_from is not pulling the correct email address. Instead of it pulling the email address of the person sending the application, it's pulling a secure email address through my host which is godaddy.

It was working on October 3, now it's not. My application is located at www.crossroadstravel.org/application/application.php

seandisanti
php-forum Fan User
php-forum Fan User
Posts: 838
Joined: Mon Oct 01, 2012 12:32 pm

Re: it was working, now it's not

Postby seandisanti » Fri Oct 12, 2012 8:33 am

we can't see your php code by going to your site. you have to include it in your post (preferably surrounded by code tags) in order for us to be of any service beyond speculation.

dhouston
New php-forum User
New php-forum User
Posts: 2
Joined: Thu Oct 11, 2012 4:27 pm

Re: it was working, now it's not

Postby dhouston » Fri Oct 12, 2012 8:35 am

<?php
/*
Author
*/


// YOU DO NOT NEED TO CHANGE ANYTHING IN HERE //
include "_validation.php";
$server_validation = true;
include "_configuration.php";
include "_edcrypt.php";

// set-up redirect page
if($send_back_to_form == "yes") {
$redirect_to = $form_page_name."?done=1";
} else {
$redirect_to = $success_page;
}


// make sure we dont have any extra fields
foreach($_POST as $field_name => $field_value) {

if(!in_array($field_name,$fieldlist) && $field_name != "process_f" && $field_name != "answer_p" && $field_name != "enc") {
error_found("unexpected field found: $field_name",$failure_accept_message,$failure_page);
die();
}

}


$out = $reqobj->out();
$val = new validate($out, $_POST);
if($val->error) {
$er = $val->error_string;
error_found($er,$failure_accept_message,$failure_page);
die();
}


if(preg_match("/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i", $email_it_from) && !is_array($email_it_from)) {
$email_it_from= $_POST[$email_it_from];
}

// check for any hacking attempts
class clean {
function comments($message) {
$this->naughty = false;
$this->message = $message;
$bad = array("content-type","bcc:","to:","cc:","href");
$for = array("%0a", "%0d");


// check for HTML/Scripts
$length_was = strlen($this->message);
$this->message = strip_tags($this->message);
if(strlen($this->message) < $length_was) {
$this->naughty = true;
}
}
} // class


// function to handle errors
function error_found($mes,$failure_accept_message,$failure_page) {
if($failure_accept_message == "yes") {
// $qstring = "?prob=".urlencode(base64_encode($mes));
$qstring = "?prob=".urlencode(base64_encode($mes));
} else {
$qstring = "";
}
$error_page_url = $failure_page."".$qstring;
header("Location: $error_page_url");
die();
}










/* validate the encrypted strings */
$dec = false;
$valid = false;

$dec = valEncStr(trim($_POST['enc']), $mkMine);
if($dec == true) {
$valid = true;
} else {
$er = "Field data was incorrect.<br />$dec";
error_found($er,$failure_accept_message,$failure_page);
die();
}


// check the spam question has the correct answer
$ans_one = $_POST['answer_out'];
$fa = new encdec($set_a, $set_b);
$ans_two = $fa->decrypt($_POST['answer_p']);

if($ans_one === $ans_two) {
$valid = true;
} else {
// give a random response
$er = array('Your spam prevention answer was wrong.',
'Your spam prevention answer was not accepted.',
'Sorry but your spam prevention reply was wrong.',
'Your response to spam challenge question was incorrect.');
error_found($er[rand(0,3)],$failure_accept_message,$failure_page);
die();
}



if($valid) {
$email_message = "Please find below a message submitted on ".date("Y-m-d")." at ".date("H:i")."\n\n";

// loop through all form fields submitted
// ignore all fields used for security measures
foreach($_POST as $field_name => $field_value) {
if($field_name == "answer_out" || $field_name == "answer_p" || $field_name == "enc" || $field_name == "process" || $field_name == "process_f") {
// do not email these security details
} else {
// run all submitted content through string checker
// removing any dangerous code
if(is_array($field_value)) {
$this_val = '';
$fvac = count($field_value);
$fvaci=0;
foreach($field_value as $fva) {
$fvaci++;
$this_val .= $fva;
if($fvaci < $fvac) {
$this_val .= ", ";
}
}
} else {
$ms = new clean;
$ms->comments($field_value);
$is_naughty = $ms->naughty;
$this_val = $ms->message;
}
$email_message .= $field_name.": ".$this_val."\n\n";
}
}


$email_message .= "Senders IP Address: ".$_SERVER['REMOTE_ADDR']."\n\n";


if($is_naughty) {
if($accept_suspected_hack == "yes") {
// continue
} else {
// pretend the email was sent
header("Location: $redirect_to");
die();
}
$email_subject = $email_suspected_spam;
}


// create email headers
$headers = 'From: '.$email_it_from."\r\n" .
'Reply-To: '.$email_it_from."\r\n" .
'X-Mailer: PHP/' . phpversion();


if(is_array($email_it_to)) {
foreach($email_it_to as $email_it_to_element) {
@mail($email_it_to_element, $email_subject, $email_message, $headers);
}
} else {
@mail($email_it_to, $email_subject, $email_message, $headers);
}

// redirect
header("Location: $redirect_to");
die("<script>location.replace('$redirect_to')</script>");
}
?>

seandisanti
php-forum Fan User
php-forum Fan User
Posts: 838
Joined: Mon Oct 01, 2012 12:32 pm

Re: it was working, now it's not

Postby seandisanti » Fri Oct 12, 2012 8:53 am

Ok, i looked at the site, and the code provided, and i'm not seeing your issue. you have the sender's email saved in $_POST['email'] by looking at the html on your link. Are you trying to have your script actually send the email AS the person filling out the form? I don't think you can do that...


Return to “PHP coding => General”

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 2 guests