2 Replies Latest reply: Jul 6, 2012 5:57 PM by mhollis55 RSS

    Emailing for a request form

    mhollis55 CommunityMVP

      I hired someone to create a request form for a company's website. He did that. And then, as of January the company's email service changed their security to stop spammers, spoofers and other malfeasance. And what then happened is that several people stopped getting email requests from the company's website for service, sales or support.

       

      The form is here: http://alertscientific.com/contact.php

       

      Here is what I have that checks to see if everything is filled out properly (it's a file called function.php and it's called by the main script):

       

      <?php

      function checkinfo(&$pst)

      {

                $states = explode("|","AK|AL|AR|AZ|CA|CO|CT|DC|DE|FL|GA|HI|IA|ID|IL|IN|KS|KY|LA|MA|MD|ME|MI|MN|MO|M S|MT|NC|ND|NE|NH|NJ|NM|NV|NY|OH|OK|OR|PA|RI|SC|SD|TN|TX|UT|VA|VT|WA|WI|WV|WY");

       

       

                $err = "";

                foreach($pst as $key => $val)

                {

                          if(!empty($_POST[$key]))

                          {

                                    switch($key)

                                    {

                                              case "dob":

                                                        if(!strtotime($_POST[$key]))

                                                        {

                                                                  $err .= $pst[$key]." ".$_POST[$key]." is not a valid date.\r<br />";

                                                        }

                                                        break;

                                              case "phone":

                                                        $temp = $_POST[$key];

                                                        if(substr($temp, 3, 1) != "-")

                                                        {

                                                                  $temp = substr($temp, 0, 3)."-".substr($temp, 3, strlen($temp)-3);

                                                        }

                                                        if(substr($temp, 7, 1) != "-")

                                                        {

                                                                  $temp = substr($temp, 0, 7)."-".substr($temp, 7, strlen($temp)-7);

                                                        }

                                                        if(!preg_match("/^([1]-)?[0-9]{3}-[0-9]{3}-[0-9]{4}$/i", $temp))

                                                        {

                                                                  $err .= $pst[$key]." ".$_POST[$key]." is not a valid phone number.\r<br />";

                                                        }

                                                        break;

                                              case "state":

                                                        if(!in_array($_POST[$key], $states))

                                                        {

                                                                  $err .= $pst[$key]." ".$_POST[$key]." is not a valid state. Please use your state's two character abreviation.\r<br />";

                                                        }

                                                        break;

                                              case "email":

                                                        if(!filter_var($_POST[$key], FILTER_VALIDATE_EMAIL))

                                                        {

                                                                  $err .= $pst[$key]." ".$_POST[$key]." is not a valid email address.\r<br />";

                                                        }

                                                        break;

                                              case "zip":

                                                        $temp = str_replace("-","",$_POST[$key]);

                                                        if(!is_numeric($temp) || (strlen($temp) != 5 && strlen($temp) != 9)) {

                                                                  $err .= $key." --- ".$pst[$key]." ".$_POST[$key]." is not a valid zip code.\r<br />";

                                                        }

       

                                    }

                          } else {

                                    $err .= $pst[$key]." is empty.\r<br />";

                          }

                }

                if($err != "")

                {

                          return "The following errors were found:\r\r<br />".$err;

                } else {

                          return $err;

                }

      }

      ?>

       

      That is not the problem.

       

      Now, we come to the problem:

       

      validate.php does all of the heavy lifting.

       

      <?php

      require_once("function.php");

      $expected = array("name"=>"Name", "need"=>"need", "address1"=> "Address 1", "city"=>"City", "state"=>"State", "zip"=>"Zip", "email"=>"Email", "phone"=>"Phone" );

      $options = array("name"=>"Name", "title"=>"Title", "company"=>"Company", "need"=>"need", "address1"=>"Address 1",  "address2"=>"Address 2", "city"=>"City", "state"=>"State", "zip"=>"Zip", "email"=>"Email", "phone"=>"Phone", "httpagent"=>"Browser info: ", "httpref"=>"Referrer", "ip"=>"Ip address");

      $needs = array("service"=>" service.", "sales"=>" a salesperson contact you.", "literature"=>" literature be sent to you.");

      $wants = array("service"=>" service.", "sales"=>" to be contacted by a salesperson.", "literature"=>" that literature be sent.");

      $errors = checkinfo($expected);

       

       

       

      $serv_two = "service-request@company.com";

      $lit_one = "literature-request@company.com";

      $sales_two = "sales-request@company.com";

       

       

      if($errors == "") {

                $replace = array("PHPNAME", "PHPNEED", "PHPIPADDRESS");

                $with = array($_POST['name'], $needs[$_POST['need']], $_POST['ip']);

                $output = file_get_contents("sendail.html");

                $output = str_replace($replace,$with, $output);

                $message = $_POST['name']." has requested".$wants[$_POST['need']]."\r";

                foreach($options as $key => $val) {

                          $message .= $val.": ".$_POST[$key]."\r";

                }

          $headers =  'From: donotreply@alertscientific.com' ."\r\n" .'Reply-To: donotreply@alertscientific.com'. "\r\n" .'X-Mailer: PHP/' . phpversion();

       

                switch($_POST['need']) {

                          case "service":

                                    $subj = "Service request";

      //*

                                    mail($serv_one, $subj, $message, $headers);

                                    mail($serv_two, $subj, $message, $headers);

      //*/

                                    break;

       

       

                          case "sales":

                                    $subj = "Sales request";

      //*

                                    mail($sales_one, $subj, $message, $headers);

                                    mail($sales_two, $subj, $message, $headers);

      //*/

                                    break;

                          case "literature":

                                    $subj = "Literature request";

      //*

                                    mail($lit_one, $subj, $message, $headers);

                                    mail($lit_two, $subj, $message, $headers);

      //*/

                                    break;

                }

                echo $output;

      } else {

                echo "Errors:<br />".$errors;

                echo "Please click the back button and update your choices.<br />";

      }

      /*

      echo "Validating...";

      print_r($_POST);

      //*/

      ?>

       

       

      At issue here are the headers (shown in red). The incoming email server is blocking stuff from my website because my website is not the email server. And so no email is received, it is assumed to be spam.

       

      How do I tease the actual sender's email out of the array  of stuff and place it into the headers?

       

      Thanks!

        • 1. Re: Emailing for a request form
          David_Powers CommunityMVP

          Usually, it's not the From and Reply-to headers that cause emails to be rejected, but the inability of the sending mail transport agent to identify the authenticity of the email origin.

           

          The mail() function accepts a fifth argument as a security measure. It usually takes the format of -f immediately followed by the authorized account's email address.

           

          mail($serv_one, $subj, $message, $headers, '-fauthorized_sender@example.com');
          
          • 2. Re: Emailing for a request form
            mhollis55 CommunityMVP

            Here's what I was looking for:

             

            $headers =  'From:'.$_POST['email']."\r\n" .'Reply-To: '.$_POST['email']."\r\n" .'X-Mailer: PHP/' . phpversion();

             

            Now, here's the problem...

             

            The folks at the incoming server changed their security protocols in January, resulting in lots of messages not being delivered -- but the company had a second person receiving emails who did recieve them.

             

            So, Some people got the emails, others didn't.

             

            The email hosting people are very nice on the phone, but they blamed my server. Said that I had to change to port 2525. I was set up to port 25 (default for email) and 587. So I did that, as well as changed the code. Now, the email is from the sender with the reply-to from the sender.

             

            But here is going to be the next step: If these people keep blaming "insecurity" at my end, I'll tell the company to switch to my server. Then a company whose name includes "Forest" will lose some easy money for providing email and webmail.

             

            This problem will be solved. I have changed php code and I have altered the port. If their host isn't getting the emails in all in-boxes, we switch on Monday. I don't have time to play games.

             

            -Mark