0

I will admit I don't know much about PHP. I found this script to send emails and it works just fine for one of my other pages but now it isn't working and I don't know why. The only thing I changed was that I added the 'if' statements in the middle of the script to handle the emails so the emails were kept private. Anyone have any ideas?

<?php
/*if(!isset($_GET['submit']))
{
    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";
}*/ //This error seems to just get in the way. I am cutting it out.
$mailTo = $_GET['to'];
$subject = $_GET['subject'];
$name = $_GET['name'];
$visitor_email = $_GET['email'];
$message = $_GET['message'];

//Validate first
if(empty($name)||empty($visitor_email)) 
{
    echo "Name and email are mandatory!";
    exit;
}

if(IsInjected($visitor_email))
{
    echo "Bad email value!";
    exit;
}

//If statements to change value from html to actual email addresses
switch($mailTo) {
    case "ED":      $mailTo = "example@example.com";
                    break;
    case "AS":      $mailTo = "example@example.org";
                    break;
    case "OM":      $mailTo = "example@example.org";
                    break;
    case "VC":      $mailTo = "example@example.org";
                    break;
    case "Pres":    $mailTo = "example@example.com";
                    break;
    case "VP":      $mailTo = "example@example.net";
                    break;
    case "Sec":     $mailTo = "example@example.com";
                    break;
    case "Treas":   $mailTo = "example@example.com";
                    break;
    case "Dir1":    $mailTo = "example@example.com";
                    break;
    case "Dir2":    $mailTo = "example@example.com";
                    break;
    case "Dir3":    $mailTo = "example@example.net";
                    break;
    case "Dir4":    $mailTo = "example@example.com";
                    break;
    case "Dir5":    $mailTo = "example@example.com";
                    break;
    case "Dir6":    $mailTo = "example@example.gov";
                    break;
    case "Dir7":    $mailTo = "example@example.com";
                    break;
    case "Dir8":    $mailTo = "example@example.com";
                    break;
    case "Dir9":    $mailTo = "example@example.com";
                    break;
}

$email_from = $visitor_email;//<== update the email address
$email_subject = $subject;
if($subject==="Please sign me up for the example Newsletter")
{
    $email_body = "$name has requested to be subscribed to the example 
Newsletter\n";
    $email_body .= "$name's email address is $visitor_email\n";
}
else
{
    $email_body = "*** The following message is from the user ***\n";
    $email_body = $message;
}
if($message!=="")
    $email_body .= "They have also added a custom message:\n $message";

$to = $mailTo;//<== update the email address
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
//Send the email!
if(mail($to,$email_subject,$email_body,$headers))
    echo "Mail submitted successfully";
else
    echo "Mail not sent";
//done. redirect to thank-you page.
//header('Location: thank-you.html');


// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}

?>

In my console, I don't get any errors, I'm using AJAX and I don't get any errors, the return value is always that it was submitted successfully, and the query string that is being submitted is valid. I've narrowed it down to where it has to be something in the PHP that is messing up and making the email invalid.

Here is the JS for the AJAX function. My validation function calls the AJAX which then sends it over to the PHP. All the JS has been debugged and is working.

function ajaxFunction(caller)
{
    'use strict';
    console.log("1. *** BEGINNING AJAX FUNCTION ***");
    var ajaxRequest;

    try{
        // Real browsers
        ajaxRequest = new XMLHttpRequest();
    } catch(e) {
        // IE browsers
        try{
            ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
        } catch(e) {
            try {
                ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
            } catch(e) {
                // Something went wrong
                alert("Your browser broke");
                return false;
            }
        }
    }
    // Function that will recieve data sent from the server
    ajaxRequest.onreadystatechange = function() {
        console.log("2. The current ready state is: " + ajaxRequest.readyState);
        if(ajaxRequest.readyState === 4){
            var errorP = document.getElementById("errorP");
            console.log("Response Text is " + ajaxRequest.responseText);
            errorP.innerHTML = ajaxRequest.responseText;
        }
    }
    // Create the date object and send it to the server
    var to;
    var subject;
    var select = document.getElementById("select");
    var subj = document.getElementById("subject");
    var name = document.getElementById("name");
    var nameVal = name.value;
    var email = document.getElementById("email");
    var emailVal = email.value;
    var message = document.getElementById("message");
    var messageVal = message.value;
    if(caller==="newsletter")
        {
            to = "newsletter@al-van.org";
            subject = "Please sign me up for the Al-Van Newsletter";
        }
    else if(caller==="contact")
        {
            to = select.value;
            subject = subj.value;
        }
    var queryString = "?name=" + nameVal + "&email=" + emailVal + "&message=" + messageVal + "&to=" + to + "&subject=" + subject;
    console.log("6. The query string is: " + queryString);
    ajaxRequest.open("GET", "form-to-email.php" + queryString, true);
    ajaxRequest.send(null);
}
Synchro
  • 35,538
  • 15
  • 81
  • 104
sylphaxiom
  • 121
  • 2
  • 12
  • check tail /var/log/maillog you will see what happen to your sent email – HamzaNig Jun 22 '18 at 16:08
  • Is that a file on the server somewhere? – sylphaxiom Jun 22 '18 at 16:10
  • yeh you can use tail to check their status – HamzaNig Jun 22 '18 at 16:13
  • consider a swich instead of that ton of if to change the address – Lelio Faieta Jun 22 '18 at 16:14
  • I'm building a site for a client and they have me ftp access to their server. I don't know where to find tail on their server. They're using bluehost. – sylphaxiom Jun 22 '18 at 16:19
  • @Lelio that's a good idea. Do you think that would solve my issue though? – sylphaxiom Jun 22 '18 at 16:20
  • it will strongly simplify your code and you will learn something new. It is not related to your issue directly since you have not provided enough info for debugging – Lelio Faieta Jun 22 '18 at 16:21
  • Right on. How much more info do you need? I can post up the JS validation and AJAX function, but I've already debugger those and they work. My original form works as well but not the one on this page. I'll edit and put up the JS anyway. – sylphaxiom Jun 22 '18 at 16:24
  • Did you provide the smtp-configuration in your php.ini [Have a look here for details](https://stackoverflow.com/questions/3525818/smtp-configuration-for-php-mail) – SirPilan Jun 22 '18 at 17:42
  • Yep, you will need an SMTP server to send emails. – Cillian Collins Jun 22 '18 at 17:45
  • you can use your gmail account (for example) aswell [details](https://www.formget.com/send-email-via-gmail-smtp-server-in-php/) – SirPilan Jun 22 '18 at 17:47
  • I looked at their php.ini and to be honest, I'm not sure. SMTP=localhost and smtp-port is 25 but that is all that is listed. It also has a sendmail path listed in the php.ini – sylphaxiom Jun 22 '18 at 17:56
  • [how to do it](https://stackoverflow.com/questions/112190/php-ini-smtp-how-do-you-pass-username-password) – SirPilan Jun 22 '18 at 17:59
  • I believe they are using a Uinux based server and there is an explicit sendmail_path in the php.ini. Would I still need to use the SMTP credentials as being describing here? – sylphaxiom Jun 22 '18 at 18:17
  • You can use your Gmail account, and that would be using the Gmail SMTP server. Either use an internal server or an external server such as Gmail, both will work. – Cillian Collins Jun 22 '18 at 18:46
  • This is going on a remote server that I only have FTP access to. The script was working before I made a couple changes to the script to accommodate the new form. – sylphaxiom Jun 23 '18 at 03:42

1 Answers1

0

After pulling research from many different sources, I seem to have found the issue. It seems that BlueHost uses filters and blocks that prevent people using their servers for spamming or phishing. This means that the $from field in the PHP script must be a valid email on the server in order for it to send. It seems when I was using a different $from field the emails would either take hours to go through, or not go through at all. I did not need to add SMTP credentials or install any other packages to get this done. Thank you for your help folks, many of your suggestions and ideas were instrumental in helping me arrive at my own answer.

sylphaxiom
  • 121
  • 2
  • 12