Skip navigation
Currently Being Moderated

Emailing for a request form

Jul 6, 2012 11:41 AM

Tags: #php #email #form #headers

I hired someone to create a request form for a company's website. He did that. And then, as of January the company's email service changed their security to stop spammers, spoofers and other malfeasance. And what then happened is that several people stopped getting email requests from the company's website for service, sales or support.

 

The form is here: http://alertscientific.com/contact.php

 

Here is what I have that checks to see if everything is filled out properly (it's a file called function.php and it's called by the main script):

 

<?php

function checkinfo(&$pst)

{

          $states = explode("|","AK|AL|AR|AZ|CA|CO|CT|DC|DE|FL|GA|HI|IA|ID|IL|IN|KS|KY|LA |MA|MD|ME|MI|MN|MO|MS|MT|NC|ND|NE|NH|NJ|NM|NV|NY|OH|OK|OR|PA|RI|SC|SD| TN|TX|UT|VA|VT|WA|WI|WV|WY");

 

 

          $err = "";

          foreach($pst as $key => $val)

          {

                    if(!empty($_POST[$key]))

                    {

                              switch($key)

                              {

                                        case "dob":

                                                  if(!strtotime($_POST[$key]))

                                                  {

                                                            $err .= $pst[$key]." ".$_POST[$key]." is not a valid date.\r<br />";

                                                  }

                                                  break;

                                        case "phone":

                                                  $temp = $_POST[$key];

                                                  if(substr($temp, 3, 1) != "-")

                                                  {

                                                            $temp = substr($temp, 0, 3)."-".substr($temp, 3, strlen($temp)-3);

                                                  }

                                                  if(substr($temp, 7, 1) != "-")

                                                  {

                                                            $temp = substr($temp, 0, 7)."-".substr($temp, 7, strlen($temp)-7);

                                                  }

                                                  if(!preg_match("/^([1]-)?[0-9]{3}-[0-9]{3}-[0-9]{4}$/i", $temp))

                                                  {

                                                            $err .= $pst[$key]." ".$_POST[$key]." is not a valid phone number.\r<br />";

                                                  }

                                                  break;

                                        case "state":

                                                  if(!in_array($_POST[$key], $states))

                                                  {

                                                            $err .= $pst[$key]." ".$_POST[$key]." is not a valid state. Please use your state's two character abreviation.\r<br />";

                                                  }

                                                  break;

                                        case "email":

                                                  if(!filter_var($_POST[$key], FILTER_VALIDATE_EMAIL))

                                                  {

                                                            $err .= $pst[$key]." ".$_POST[$key]." is not a valid email address.\r<br />";

                                                  }

                                                  break;

                                        case "zip":

                                                  $temp = str_replace("-","",$_POST[$key]);

                                                  if(!is_numeric($temp) || (strlen($temp) != 5 && strlen($temp) != 9)) {

                                                            $err .= $key." --- ".$pst[$key]." ".$_POST[$key]." is not a valid zip code.\r<br />";

                                                  }

 

                              }

                    } else {

                              $err .= $pst[$key]." is empty.\r<br />";

                    }

          }

          if($err != "")

          {

                    return "The following errors were found:\r\r<br />".$err;

          } else {

                    return $err;

          }

}

?>

 

That is not the problem.

 

Now, we come to the problem:

 

validate.php does all of the heavy lifting.

 

<?php

require_once("function.php");

$expected = array("name"=>"Name", "need"=>"need", "address1"=> "Address 1", "city"=>"City", "state"=>"State", "zip"=>"Zip", "email"=>"Email", "phone"=>"Phone" );

$options = array("name"=>"Name", "title"=>"Title", "company"=>"Company", "need"=>"need", "address1"=>"Address 1",  "address2"=>"Address 2", "city"=>"City", "state"=>"State", "zip"=>"Zip", "email"=>"Email", "phone"=>"Phone", "httpagent"=>"Browser info: ", "httpref"=>"Referrer", "ip"=>"Ip address");

$needs = array("service"=>" service.", "sales"=>" a salesperson contact you.", "literature"=>" literature be sent to you.");

$wants = array("service"=>" service.", "sales"=>" to be contacted by a salesperson.", "literature"=>" that literature be sent.");

$errors = checkinfo($expected);

 

 

 

$serv_two = "service-request@company.com";

$lit_one = "literature-request@company.com";

$sales_two = "sales-request@company.com";

 

 

if($errors == "") {

          $replace = array("PHPNAME", "PHPNEED", "PHPIPADDRESS");

          $with = array($_POST['name'], $needs[$_POST['need']], $_POST['ip']);

          $output = file_get_contents("sendail.html");

          $output = str_replace($replace,$with, $output);

          $message = $_POST['name']." has requested".$wants[$_POST['need']]."\r";

          foreach($options as $key => $val) {

                    $message .= $val.": ".$_POST[$key]."\r";

          }

    $headers =  'From: donotreply@alertscientific.com' ."\r\n" .'Reply-To: donotreply@alertscientific.com'. "\r\n" .'X-Mailer: PHP/' . phpversion();

 

          switch($_POST['need']) {

                    case "service":

                              $subj = "Service request";

//*

                              mail($serv_one, $subj, $message, $headers);

                              mail($serv_two, $subj, $message, $headers);

//*/

                              break;

 

 

                    case "sales":

                              $subj = "Sales request";

//*

                              mail($sales_one, $subj, $message, $headers);

                              mail($sales_two, $subj, $message, $headers);

//*/

                              break;

                    case "literature":

                              $subj = "Literature request";

//*

                              mail($lit_one, $subj, $message, $headers);

                              mail($lit_two, $subj, $message, $headers);

//*/

                              break;

          }

          echo $output;

} else {

          echo "Errors:<br />".$errors;

          echo "Please click the back button and update your choices.<br />";

}

/*

echo "Validating...";

print_r($_POST);

//*/

?>

 

 

At issue here are the headers (shown in red). The incoming email server is blocking stuff from my website because my website is not the email server. And so no email is received, it is assumed to be spam.

 

How do I tease the actual sender's email out of the array  of stuff and place it into the headers?

 

Thanks!

 
Replies
  • Currently Being Moderated
    Jul 6, 2012 3:48 PM   in reply to mhollis55

    Usually, it's not the From and Reply-to headers that cause emails to be rejected, but the inability of the sending mail transport agent to identify the authenticity of the email origin.

     

    The mail() function accepts a fifth argument as a security measure. It usually takes the format of -f immediately followed by the authorized account's email address.

     

    mail($serv_one, $subj, $message, $headers, '-fauthorized_sender@example.com');
    
     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points