How can I send a email in php from a html form

Question

Here is the PHP and HTML code that is causing the problem; when I press the submit <input>, the email is not sent:

<head>
<title>`Fraud Detector`</title>
<link rel="stylesheet" type="text/css" href="CSS.css"/>
<LINK REL="SHORTCUT ICON" HREF="favicon.ico">
<body>

<form method="post" name="form1" action="submit.php">
Name: 
<br/><input type="text" name="name" /><br/>
Email:
<br/><input type="text" name="email"/><br/><br/>
<input type="submit" value="Continue"/>
</form>
<?php
$email = $_POST["email"];
$subject = "Your Account May Have Been Hacked!";
$body = "Your account may have been hacked! 
            Please click the following link to fix the problem: 
            http://testsites.webatu.com/process.php";
$from = "fraud_dept@security_inc.com";
mail($email, $subject, $body, $from);
?>
</body>
</head>

Can anyone tell me why the email is not send and what I'm doing wrong?

Because of the missing `From:` and missing `\r\n` etc - [`Read the manual`](http://php.net/mail) — Funk Forty Niner, Feb 20 '14 at 01:01
Put `error_reporting(-1);` at the top of your script and fix the notices and any other errors you may get. — Sverri M. Olsen, Feb 20 '14 at 01:05
@Fred-ii- slightly off-topic but I was told that Postfix (if that's what's being used to send the mail) deals with the line terminators itself and actually expects the EOL relevant to the OS it's running on so you should really provide `PHP_EOL` as the line terminator rather than `\r\n` - despite the fact that your headers should always be terminated with `\r\n` anyway ... is that right do you know? — CD001, Feb 20 '14 at 01:19
I always refer to the manual when it comes to questions like these. I can base myself on what PHP.net then add the goodies in after. `PHP_EOL` works, as quoted from one of the entries (-1 I don't know why) *"Since lines in $additional_headers must be separated by \n on Unix and \r\n on Windows, it might be useful to use the PHP_EOL constant which contains the correct value on either platform."* at http://php.net/mail @CD001 - and some do abuse headers, many a time. — Funk Forty Niner, Feb 20 '14 at 01:23
@Fred-ii- lush, cheers :) I was just on the Postfix website and couldn't see it for the life of me (should have checked php.net) ... but then it's 1:25 AM here and I should really be asleep! — CD001, Feb 20 '14 at 01:25

LeigerGaming · Answer 1 · 2014-02-20T03:02:30.540

1

Make sure that script is named "submit.php" and is located within the root of your web directory.

Also, I'd add a few checks to make sure the POST request actually exists, before trying to access it:

<?php
  if ($_POST && isset($_POST['name']) && isset($_POST['email']))
  {
    $name = $_POST['name'];
    $email = $_POST["email"];
    $subject = "Your Account May Have Been Hacked!";
    $body = "Hello {$name}: Your account may have been hacked! Please click the following 
      link to fix the problem: http://testsites.webatu.com/process.php";

    $headers = "To: {$name} <{$email}>\r\n";
    $headers .= "From: Fraud Dept <fraud_dept@security_inc.com>\r\n";

    mail($email, $subject, $body, $headers);
  }
?>

(I've also added in $name, as you seem to be ignoring that field in your existing code.)

edited Feb 20 '14 at 03:02

answered Feb 20 '14 at 01:13

LeigerGaming

504
1
4
17

3

Is it just me, or does anyone else find it ironic that OP is sending out an email about being hacked and his script is wide open? – Ohgodwhy Feb 20 '14 at 01:14
Hm, that did cross my mind. Seems a bit dodgy. – LeigerGaming Feb 20 '14 at 01:16
Maybe it's a cry for attention. @Ohgodwhy – Funk Forty Niner Feb 20 '14 at 01:27
-1. Despite the extra checks, the rest of the code is still the same and will not work for the same reason. – Ja͢ck Feb 20 '14 at 01:50
@Jack The code sample I provided was part of my suggestion to check that the POST request exists. Actual answer to the question was above: _Make sure that script is named "submit.php" and is located within the root of your web directory._ – LeigerGaming Feb 20 '14 at 02:37
Though that may play a role here, the `mail()` function is still used wrongly. – Ja͢ck Feb 20 '14 at 02:42

TURTLE · Answer 2 · 2014-02-20T02:54:32.573

0

Maybe you could try the following, when sending a email you need two email addresses the receiver and from.

<?php
if ( isset($_POST['submit']) && isset($_POST['email']) ) {
   /* To email */
   $to = $_POST["email"];

   /* Sender email*/
   $from = 'myemail@live.com';

   /* Subject */
   $subject = "Your Account May Have Been Hacked!";

   /* Body*/
   $message = "Your account may have been hacked! Please click the following link to fix the problem: http://testsites.webatu.com/process.php";

   /* Send the email */
   mail($to, $subject, $message, "From: {$from}");
}
?>

<form method="post">
<input type="text" name="email" placeholder="your email address" />
<input type="submit" name="submit" value="submit" />
</form>

I also noticed the link in the emails body is hosted on a free host, just make sure you don't spam many emails at the same time. Some free hosts could ban you for sending multiple emails within a short time.

edited Feb 20 '14 at 02:54

answered Feb 20 '14 at 01:19

TURTLE

3,728
4
49
50

`$from = $_POST["email"];` - He wants to send the email to this address, not from it. – LeigerGaming Feb 20 '14 at 02:39
@Shane Smith edited :) – TURTLE Feb 20 '14 at 02:54
By the way, If you want to see the site, its http://testsites.webatu.com... although you could probably figure that out by looking at the code but whatever... :) – theolaa Feb 21 '14 at 02:18

How can I send a email in php from a html form

2 Answers2