I have a friend who built an html website with a php form mailer in some program, not sure which one. The contact form isn't working, no email is received (and no it's not in spam), and after completion it just goes to a blank page with the "send_mail.php" address in the URL field. Any help would be greatly appreciated. In the cPanel editor it says "Syntax error, unexpected T-STRING, expecting ')'" on line 38. I can't see any misplaced or absent brackets or anything, but I'm still a PHP beginner and just playing around at the moment. Any help would be appreciated! The code is:
<?php
/*
This first bit sets the email address that you want the form to be submitted to.
You will need to change this value to a valid email address that you can access.
*/
$webmaster_email = "lourenst@gmail.com";
/*
This bit sets the URLs of the supporting pages.
If you change the names of any of the pages, you will need to change the values here.
*/
$feedback_page = "contact.html";
$error_page = "error_message.html";
$thankyou_page = "thank_you.html";
/*
This next bit loads the form field data into variables.
If you add a form field, you will need to add it here.
*/
$email_address = $_REQUEST['email_address'] ;
$comments = $_REQUEST['comments'] ;
$first_name = $_REQUEST['first_name'] ;
$usrtel = $_REQUEST['usrtel'];
$course_list = $_REQUEST['course_list'];
$company_name = $_REQUEST['company_name'];
$msg =
"First Name: " . $first_name . "\r\n" .
"Company: " . $company_name . "\r\n" .
"Contact Number: " . $usrtel . "\r\n" .
"Email: " . $email_address . "\r\n" .
"Course: " . $course_list . "\r\n" .
"Comments: " . $comments ; "\r\n" .
/*
The following function checks for email injection.
Specifically, it checks for carriage returns - typically used by spammers to inject a CC list.
*/
function isInjected($str) {
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
}
else {
return false;
}
}
// If the user tries to access this script directly, redirect them to the feedback form,
if (!isset($_REQUEST['email_address'])) {
header( "Location: $feedback_page" );
}
// If the form fields are empty, redirect to the error page.
elseif (empty($first_name) || empty($email_address)) || empty($usrtel) || empty($course_list)){
header( "Location: $error_page" );
}
/*
If email injection is detected, redirect to the error page.
If you add a form field, you should add it here.
*/
elseif ( isInjected($email_address) || isInjected($first_name) || isInjected($comments) || isInjected($usrtel) || isInjected($course_list)) || isInjected($company_name)) {
header( "Location: $error_page" );
}
// If we passed all previous tests, send the email then redirect to the thank you page.
else {
mail( "$webmaster_email", "Feedback Form Results", $msg );
header( "Location: $thankyou_page" );
}
?>
