I have my HTML form sending data through AJAX to PHP. The form data contains a little HTML markup which I want to send to my PHP server.

My Form data is set up like so:

```html
<form id="mail-formData">
    <input type="hidden" name="a" value="send-custom-mail">
    <input type="hidden" name="uid" id="cm-uid">
    <input type="text" class="form-control" id="cm-email2" name="to">
    <input type="text" class="form-control" name="message-subject" required>
    <textarea class="form-control" name="message-body" required></textarea>
    <button type="submit" class="btn btn-lg btn-primary sendMail">SEND MAIL</button>
</form>
```

NOTE: the content in my message-body contains markups like `<b></b>` and most especially `<div style="">`

My AJAX is well set up like so:

```js
$.ajax({
    url: "send-mail.php",
    type: "POST",
    data: $("#mail-formData").serialize(),
    cache: false,
    success: function (response) {
        console.log(response);
    }
});
```

and my send-mail.php is set up like so:

```php
if (isset($_POST['a']) && $_POST['a'] == 'send-custom-mail') {
    die(var_dump($_POST));
}
```

NOW,

  1. When I send this request without the HTML markups in it, it works flawlessly.

  2. When I send with HTML markups like without the `style=""` it works.

BUT

Once I introduce `style="color:red"` it doesn't work. The form submits quite fine but I'm guessing without the data in `serialize()`.

=========UPDATE==========

Here are the screenshots from the response I got.

  1. When sending with markups like etc: [screenshot]

  2. When I add markup like : [screenshot]

Kindly note that the response below Image 2 is just the content of the page containing the form.

  • @Phil it's a typo while sending the question here... I have it on my main code... I'm updating the question now – DigitalBraine Jul 20 '22 at 03:03
  • Works fine here ~ https://jsfiddle.net/6f7dkyps/. The problem may be in your PHP code. How are you verifying there's a problem at all? – Phil Jul 20 '22 at 03:05
  • When I submit form data containing just text without HTML markups, the var_dump gives me the data in the form. But when I attempt to send with markup, I don't get any result. I can update my question to show a screenshot from the response – DigitalBraine Jul 20 '22 at 03:09
  • Sounds like you're hitting an error on the PHP side. Check your browser dev-tools _Network_ panel to see what the actual response is – Phil Jul 20 '22 at 03:09
  • @Phil I think the error is from the PHP side too, because the Network panel shows that there was a 200 response from xhr. But I don't know the cause on the server side, because it only happens when the request contains markups. I can update the question with my response – DigitalBraine Jul 20 '22 at 03:17
  • Make sure you can see [any and all errors reported by PHP](https://stackoverflow.com/q/845021/283366) – Phil Jul 20 '22 at 03:33
  • Your server-side code appears to be responding with some sort of _"Not Found"_ HTML page. Please [edit] your question to include the relevant PHP code, in particular anything that comes before your `var_dump()` line – Phil Jul 20 '22 at 04:15
  • Also, ask your server admin if they have any sort of firewall configured, that tries to identify "XSS requests" and blocks them. – CBroe Jul 20 '22 at 07:20
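
A way to narrow down where the request fails, as an added example that is not part of the original question or comments: it checks that the markup survives form encoding intact and tells a `var_dump($_POST)` reply apart from an HTML page that comes back with status 200. The helper names and both sample response bodies are constructed for illustration, and plain-text `var_dump` output is assumed.

```javascript
// Added example, not the asker's code. Field names come from the form in the
// question; the two response bodies are constructed samples.

// Encode fields as application/x-www-form-urlencoded, the wire format that
// jQuery's .serialize() produces for the POST body.
function encodeForm(fields) {
  return new URLSearchParams(fields).toString();
}

// Decode the body the way a server-side form parser would.
function decodeForm(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// Classify a response: did the var_dump($_POST) branch answer, or did some
// other HTML page come back with status 200?
function classifyResponse(status, body, sentFields) {
  if (status !== 200) return "http-error";
  // Plain var_dump output lists each key as ["name"]=>
  const echoesKeys = Object.keys(sentFields)
    .every((key) => body.includes(`["${key}"]=>`));
  if (echoesKeys) return "endpoint-reply";
  if (/<!doctype html|<html[\s>]/i.test(body)) return "unexpected-html-page";
  return "unknown";
}

const fields = {
  a: "send-custom-mail",
  to: "user@example.com", // constructed address
  "message-subject": "Hello",
  "message-body": '<div style="color:red"><b>Hi</b></div>',
};

// Constructed sample bodies: a var_dump-style reply and a full HTML page.
const dumpReply = Object.entries(fields)
  .map(([k, v]) => `  ["${k}"]=>\n  string(${v.length}) "${v}"`)
  .join("\n");
const pageReply =
  '<!DOCTYPE html><html><body><form id="mail-formData"></form></body></html>';

const wire = encodeForm(fields);
console.log(wire);
console.log(decodeForm(wire)["message-body"] === fields["message-body"]);
console.log(classifyResponse(200, dumpReply, fields));
console.log(classifyResponse(200, pageReply, fields));
```

If the round trip succeeds and the live response is classified as an HTML page, the request body left the browser intact, so the server logs (PHP and any request filter in front of it) are the place to look.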