PHP - Send copy of form input to user

Question

I'm trying to send a copy of a submitted form to the user of the client-side. I tried implementing some code I already found around here but can not get it to work successfully. Would you guys mind taking a look? ...All input appreciated, as always!

 // EDIT THE 2 LINES BELOW AS REQUIRED
 $email_to = "nonedesigns@gmail.com";
 $email_subject = "SuitUP | Support";
 $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

if ($success)
    mail($email_from, $Subject, $Body, "From: <$email_From>");


 // validation expected data exists

 $error_message = "";
 //get fields, and check if they are filled
 $project_name = $_POST['first_name'];
 required_field($project_name,"Project Name");

 $last_name = $_POST['last_name'];
 required_field($last_name,"Last Name");

 $email_from = $_POST['email'];
 required_field($email_from,"Email");

 $contact_reason = $_REQUEST['contact_reason'];

 $other_info = $_POST['other_info'];
 required_field($other_info,"Additional Info"); 

 //phone number manip
 $phone_number_clean = clean_phone_number($phone_number);

 //email manip
 $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';

You assign `$email_to`, but then you send to `$emailTo`. And you're sending to `$email_from` before you assign that variable. — Barmar, Jul 14 '15 at 20:45
Then there's the header injection vulnerability, the regex which is never used and doesn't match many valid emails, the lack of any validation, not to mention the fact that you've made no attempt to diagnose the problem yourself. — symcbean, Jul 14 '15 at 20:53

score 2 · Answer 1 · answered Jul 14 '15 at 20:52

First you need to declare the variables, and then send out the email:

    // validation expected data exists

$error_message = "";
//get fields, and check if they are filled
$project_name = $_POST['first_name'];
required_field($project_name,"Project Name");

$last_name = $_POST['last_name'];
required_field($last_name,"Last Name");

$email_from = $_POST['email'];
required_field($email_from,"Email");

$contact_reason = $_REQUEST['contact_reason'];

$other_info = $_POST['other_info'];
required_field($other_info,"Additional Info"); 

//phone number manip
$phone_number_clean = clean_phone_number($phone_number);

//email manip
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';

// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "nonedesigns@gmail.com";
$email_subject = "SuitUP | Support";
$success = mail($email_to, $Subject, $Body, "From: <$email_from>");

if ($success)
    mail($email_from, $Subject, $Body, "From: <$email_from>");

Try to be consistent in variable naming conventions (not mixing CamelCase and underscores). That will make it easier for you to stay on top of your code.

Pratyush Pranjal · Answer 2 · 2015-07-14T21:01:42.307

Try to send mail using PHPMailer. Try the below standard php code but first download phpmailer.php and save it.

// include the PHPMailer
 require_once('PHPMailer.php');

$mail             = new PHPMailer(); // defaults to using php "mail()"

$mail->IsSendmail(); // telling the class to use SendMail transport

$body             = "hello";

$mail->AddReplyTo("name@yourdomain.com","First Last");

$mail->SetFrom('name@yourdomain.com', 'First Last');

$mail->AddReplyTo("name@yourdomain.com","First Last");

$address = "name@yourdomain.com";
$mail->AddAddress($address, "John Doe");

$mail->Subject    = "PHPMailer Test Subject via Sendmail, basic";

$mail->AltBody    = "To view the message, please use an HTML compatible         email viewer!"; // optional, comment out and test

$mail->MsgHTML($body);

$mail->IsHTML(true);
if(!$mail->Send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!"; 
}

PHP - Send copy of form input to user

2 Answers2