PHP code not sending through email

Question

I'm working on making an email PHP that sends me an email whenever someone completes my survey. I have all of these variables defined in my code and every single one of them works correctly and shows up in my email except the $phone variable. In that row of my code, I get a blank line. Why would that be?

<?PHP
/* message */
        $name = $_POST['name'];
        $address = $_POST['address'];
        $address2 = $_POST['address2'];
        $fulladdress = $address . ", " . $address2;
        $city = $_POST['city'];
        $state = $_POST['state'];
        $zipcode = $_POST['zipcode'];
        $city_state_zip = $city . ", " . $state . " " . $zipcode;
        $email = $_POST['email'];
        $phone = $_POST['phone'];
        $phone = "(" . substr($phone, 0, 3). ") " . substr($phone, 3, 3) . "-" . substr($phone,6,4);
        $years_experience = $_POST['years_experience'];
        $education_level = $_POST['education_level'];
        $salary = $_POST['salary'];
        $current_employer = $_POST['current_employer'];
        $previous_employer1 = $_POST['previous_employer1'];
        $previous_employer2 = $_POST['previous_employer2'];
        if( empty($previous_employer2) AND empty($previous_employer1) ) {
            $previous_employers = "None";
        }
        elseif(empty($previous_employer2)) {
            $previous_employers = $previous_employer1;
        }
        else{
            $previous_employers = $previous_employer1 . " and " . $previous_employer2;
        }
        $grad_year = $_POST['grad_year'];

        $class_size = $_POST['class_size'];
        $department_feedback = $_POST['department_feedback'];
        $wishes = $_POST['wishes'];
        /* $size = count($useful_classes);
        $classes="";
        foreach ($useful_classes as $key => $value){ 
                        $classes .= $value;
                        if($size > ($key + 1)){
                            $classes .= ", ";
                        }
                    }

        $size2 = count($skills);
        $skillsets="";
        foreach ($skills as $key => $value){ 
                        $skillsets .= $value;
                        if($size2 > ($key + 1)){
                            $skillsets .= ", ";
                        }
                    } */
        $restaurant = $_POST['restaurant'];         
        $hobbies = $_POST['hobbies'];
        $kstate_memory = $_POST['kstate_memory'];

$messageTT ="";
$messageTT .= <<<EOT
<html>
<head>
<title></title>
</head>
<body>
    <table style="border-collapse: collapse">
            <tr>
                <td align="right" style="border: solid 1px black"> <b>Name:</b> </td>
                <td  align="left" style="border: solid 1px black"> $name </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Address:</b> </td>
                <td  align="left" style="border: solid 1px black"> $fulladdress </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> </td>
                <td  align="left" style="border: solid 1px black"> $city_state_zip </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Email:</b> </td>
                <td  align="left" style="border: solid 1px black"> $email </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Phone:</b> </td>
                <td align="left" style="border: solid 1px black" $phone </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Years of Professional Experience:</b> </td>
                <td align="left" style="border: solid 1px black"> $years_experience </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Education Level:</b> </td>
                <td align="left" style="border: solid 1px black"> $education_level </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Salary Ranking:</b> </td>
                <td  align="left" style="border: solid 1px black"> $salary </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Current Employer:</b> </td>
                <td  align="left" style="border: solid 1px black"> $current_employer </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b> Past Employer(s): </b></td>
                <td  align="left" style="border: solid 1px black"> $previous_employers </td>
            </tr>
            <tr>
                <td align="right" style="border: solid 1px black"> <b>Graduation Year: </b> </td>
                <td  align="left" style="border: solid 1px black"> $grad_year </td>
            </tr>
            <tr>
                <td align="right" style="border: solid 1px black"> <b>Most Useful Classes:</b> </td>
                <td  align="left" style="border: solid 1px black"> $classes </td>
            </tr>
            <tr>
                <td align="right" style="border: solid 1px black"> <b>Most Useful Skills: </b> </td>
                <td  align="left" style="border: solid 1px black"> $skillsets  </td>
            </tr>
            <tr>
                <td align="right" style="border: solid 1px black"> <b>Class Size: </b> </td>
                <td  align="left" style="border: solid 1px black"> $class_size  </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b> Department Feedback: </b></td>
                <td  align="left" style="border: solid 1px black"> $department_feedback </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b> Wishes for Next Generation: </b></td>
                <td  align="left" style="border: solid 1px black"> $wishes </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Favorite Restaurant: </b> </td>
                <td  align="left" style="border: solid 1px black"> $restaurant </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>What You Do for Fun: </b> </td>
                <td  align="left" style="border: solid 1px black"> $hobbies </td>
            </tr>
            <tr>
                <td  align="right" style="border: solid 1px black"> <b>Favorite K-State Memory: </b> </td>
                <td  align="left" style="border: solid 1px black"> $kstate_memory </td>
            </tr>
        </table>
</body>
</html>
EOT;

/* recipients */
$to  = "anon <anon@anon.edu>";

/* subject */
$subject = " Survey Form Submission -- " . $_POST['name'];;

//$headers = 'From: '.$_POST['email']."\n";
/* To send HTML mail, you can set the Content-type header. */
$headers = "MIME-Version: 1.0\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\n";

/* additional headers */
$headers .= 'From: '.$_POST['name'].' <'.$_POST['email'].">\n";
//Next two lines for cc and bcc....
//$headers .= "Cc: birthdayarchive@example.com\r\n";
//$headers .= "Bcc: birthdaycheck@example.com\r\n";

/* and now mail it */
mail($to, $subject, $messageTT, $headers);
?>

I'm just learning the basics and am not going to actually be sending this out before making it secure. I just am trying to figure out why my $phone variable wouldn't show up in my email but does show up in the webpage. — BrianW, Feb 24 '18 at 17:21
`$phone` seems to be the only variable that you manipulate after retrieving it as a POST variable. Are you sure it's being posted correctly (as basic as it may seem)? — Paulo Hgo, Feb 24 '18 at 17:53
@BrianW Checkout this link for more about what Richard means about "escape your strings". Basically he's saying remove all the string concatenation and keep things nice in double quotes. For example, `$city_state_zip = $city . ", " . $state . " " . $zipcode;` could be re-written as: `$city_state_zip = "${city}, ${state} ${zipcode}";`. This link here has more about it: https://stackoverflow.com/questions/10646142/what-does-it-mean-to-escape-a-string. — twknab, Feb 25 '18 at 01:43
One other thing might be to add some validations to your user input. E.g, what if someone gives you the phone number `(515) 202 - 3111` instead of `5152023111` (with parentheses, spaces and dashes incl'd)? Right now your `$phone` variable is altered, wrapping the number in `(` and `)`'s. Would your formatting be correct if the phone number was not submitted properly? IDK if you have some front-end validation, but something to think about for back-end. Also for ensuring your email's `$phone` value is correct every time! You could create a function that checks for that stuff (algorithm). — twknab, Feb 25 '18 at 01:45
@natureminded right now I'm just trying to get the gyst of front-end logic. I have validation with my number type to make sure they enter in exactly 10 numbers, nothing more and nothing less. I was trying to find a better way to do the phone validation, but it seemed like a tricky solution when I was looking over solutions online. Thanks for the feedback! — BrianW, Feb 25 '18 at 02:24

EagleRainbow · Accepted Answer · 2018-02-25T11:26:08.790

1

In your line <td align="left" style="border: solid 1px black" $phone </td> you are missing an HTML closing tag. It should read <td align="left" style="border: solid 1px black"> $phone </td> instead.

Please also take the other statements concerning security serious. This risk is often underrated.

edited Feb 25 '18 at 11:26

answered Feb 24 '18 at 20:56

EagleRainbow

931
5
22

PHP code not sending through email

1 Answers1