PHP mail() issue?

Question

I have an issue that no one has yet to resolve.

On my website, during registration config, a verification code is sent via mail to the user's email address.

Everything besides the mail() function is working properly.

Here is my entire PHP registration code:

$code = md5(uniqid($safe_email,true));  
   $email = $_POST['email'];
      $he_email = htmlentities($email);
         $safe_email = mysql_real_escape_string($he_email);

if(isset($r_submit))
{
   //SQL
$email_query = "SELECT email FROM users WHERE email = '$safe_email'";
$email_queried = mysql_query($email_query);
$email_count = mysql_num_rows($email_queried);

    //VALIDATION
    $errors = array();
    if( empty($safe_fname) || empty($safe_lname) || empty($safe_email) || empty($safe_email_again) || empty($safe_password) )
    { $errors = '<p>One or more fields left empty'; }

    elseif( strlen($safe_password) < 6){ $errors = '<p>Password must be atleast 6 charcters long.</p>'; }

    elseif ( !preg_match('/@/',$safe_email) || !preg_match('/@/',$safe_email_again) ) {$errors = '<p>Invalid E-mail</p>';}


    elseif($safe_email != $safe_email_again){ $errors = '<p>E-mails do not match.</p>'; } 

    elseif($email_count != 0){ $errors = '<p>E-mail already in use.</p>'; }






        //Inserting new data in database


        else{ $sql1 = "INSERT INTO users (fname, lname, full_name, veri_id, email, password ) 
        VALUES ('$safe_fname','$safe_lname','$full_name', '$code', '$safe_email', '$hash_password')";
        $sql2 = mysql_query($sql1);

            //The mail function that isn't working
            $msg = "Verify Link => http://www.nljobmarket.com/verify.php?code=$code";
            mail($safe_email,'Welcome',$msg);   

                header('Location: ../just_registered.php');
                }
}

As you can see, appropriate parameters are being passed through the mail() function, but the e-mail is not being sent (I have tried with 3 different e-mail accounts)

I have also contacted my web hosting to ensure it wasn't an issue on their end.

My question is: Why isn't the e-mail containing the verification code being received by the user?

NOTE:: The database queries just before the mail() function are working fine.

EDIT: Headers make no difference lol.....

you miss a lot of informations to send an email. you need to set up all the headers for that email properly or it will never be delivered. Also you need to connect to an SMTP with the proper authentication to try to send the email if the provider's box hasn't set up one for you (but I guess that without any authentication they will never allows you to send an email). See [php.net](http://php.net/manual/en/function.mail.php) for some examples — Lelio Faieta, Aug 22 '15 at 13:30
I recommend using a PHP mailing library such as PHPMailer ( https://github.com/PHPMailer/PHPMailer ). Sending an email correctly through `mail()` only is difficult and it gets harder when you try to use SMTP authentication etc. — Imashcha, Aug 22 '15 at 13:31
Since this is a [repost](http://stackoverflow.com/questions/32155379/mail-function-is-not-working-properly-php), what have you debugged afterwards? (The code is largely irrelevant. It's plainly the MTA configuration. You're not entitled to a custom list of try this / try that comments. That's what the [reference checklist](http://stackoverflow.com/questions/24644436/php-mail-form-doesnt-complete-sending-e-mail) is for.) — mario, Aug 22 '15 at 13:31
To everyone who is saying headers are necessary: I have been using the function without headers for while now, the email is sent from my address on the hosting cloud... So "From: example@hotmail.com" is not necessary. Only recently has this not been working.... — Robert Tossly, Aug 22 '15 at 14:58

Xorifelse · Answer 1 · 2015-08-22T15:13:00.330

1

First of all, everything except mail is currently working but your code will fail once your web host updates to PHP 7. mysql_anyfunction() is a depreciated method of connecting to the database and their functions will be removed in the upcomming release. Instead use mysqli or the preferred method PDO because your "$safe_email" is not really that safe.

Then there is your email validator, you should use:

  echo filter_var($address, FILTER_VALIDATE_EMAIL) ? 'valid' : 'invalid';

to check if the users email address is has a correct format.

Then there is your mail function, which is missing headers.

$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Reply-To: webmaster@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

if(mail($to, $subject, $message, $headers)){
  // all data is valid and email should be send.
} else {
  // invalid data, somewhere.. email is not being send.
}

If you dont send the headers with the mail function, it could just be picked up as spam.

You could also use PHPMailer or my preffered one SwiftMailer.

edited Aug 22 '15 at 15:13

answered Aug 22 '15 at 13:40

Xorifelse

7,878
1
27
38

Have tried with headers and nothing changes in terms of result. – Robert Tossly Aug 22 '15 at 14:16
Also, please tell me how `$safe_email` is not safe.... – Robert Tossly Aug 22 '15 at 14:25
As far as I know, mysql_real_escape_string is not sufficient in every situation and can thus be bypassed. Also, check the boolean returned by the mail() function. It does not return if the mail is send or not, but rather if its data is correct and ready to be send. So if its false, something is wrong. Ill adjust the example code for it. – Xorifelse Aug 22 '15 at 15:03
Awesome I will do this now. – Robert Tossly Aug 22 '15 at 15:11
It does not return False... – Robert Tossly Aug 22 '15 at 15:16
"Returns TRUE if the mail was successfully accepted for delivery, FALSE otherwise. It is important to note that just because the mail was accepted for delivery, it does NOT mean the mail will actually reach the intended destination." From php Manual... In this case return value is not enough... – sinisake Aug 22 '15 at 15:36
Hmmm... However atleast your idea helped narrow down the problem. Now I know correct parameters are being passed through the function – Robert Tossly Aug 22 '15 at 15:37
If it returns true, and no emails are found in the spam folder.. then it could be that the web hoster disabled the ability to send mail or it needs to be activated first. Or, if its on your local host then make sure you've installed and correctly configured the mail server. – Xorifelse Aug 22 '15 at 16:03

score 0 · Answer 2 · answered Aug 22 '15 at 13:39

This is an example of a properly formatted email

$from = "app@mailcomingfrom.com";
$subject = "Password validation";
$messaggio ="Your message";
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'To: User <user@mailgoingto.com>' . "\r\n";
$headers .= 'From: Your App <app@mailcomingfrom.com>' . "\r\n";


mail("user@mailgoingto.com",$subject,$messaggio,$headers);

This code will work IF the provider has set up an SMTP server AND there is a rule that allows app@mailcomingfrom.com to send mail WITHOUT authentication and this will not be the case of most of shared hosting services. If authentication is to be applied you need to add the relevant authorization lines or to rely on a proper library that is already set up for this like PHPMailer or any other you want to use

I have added headers to the mail function. Still does not work. I guess I'll check out PHPMailer. Odd thing is, I have been using the same code to send e-mails without ANY issue, however up until recently, emails haven't been sending. — Robert Tossly, Aug 22 '15 at 14:55
Probably your host has added authentication to the SMTP server. Do you have access to the log to see what error you get? — Lelio Faieta, Aug 22 '15 at 14:59

PHP mail() issue?

2 Answers2