After sending email to reset password using PHP many info lines appear to user

Question

I am using the code below to send a link to the user email to reset the password, the code works fine and sends the link. The problem is after sending the link the page will show many lines of information and a success message at the end.

What is wrong with the code below to avoid these lines? Here is the code:

<?php
    use PHPMailer\PHPMailer\PHPMailer;
    use PHPMailer\PHPMailer\SMTP;
    use PHPMailer\PHPMailer\Exception;

    require 'PHPMailer/src/Exception.php';
    require 'PHPMailer/src/PHPMailer.php';
    require 'PHPMailer/src/SMTP.php';

    require 'database.php';

    if(isset($_POST["email"])){
        $emailTo = $_POST["email"];

        $code = uniqid(true);
        $sql = "INSERT INTO reset(code, email) VALUES('$code', '$emailTo');";
        $run = mysqli_query($conn, $sql);
        if(!$run){
            exit("Error");
        }

        $mail = new PHPMailer(true);

        try {
            //Server settings
            $mail->isSMTP();
            $mail->SMTPDebug = 2;
            $mail->Host       = 'smtp.gmail.com';
            $mail->SMTPAuth   = true;
            $mail->Username   = 'myEmail.com';
            $mail->Password   = 'xxxxxxxxx';
            $mail->SMTPSecure = 'tls';
            $mail->Port       = 587;

            //Recipients
            $mail->setFrom('myqmial.com', 'Hello');
            $mail->addAddress($emailTo);
            $mail->addReplyTo('no-reply@gmail.com', 'No reply');

            // Content
            $url = "http://" .$_SERVER["HTTP_HOST"] . dirname($_SERVER["PHP_SELF"]) . "/resetPassword.php?code=$code";
            $mail->isHTML(true);
            $mail->Subject = 'Reset Password';
            $mail->Body    = "<h1>You asked to reset your password، </h1>
                                Click <a href='$url'>this link</a> Please click on the link";
            $mail->AltBody = 'This is the body in plain text for non-HTML mail clients';

            $mail->send();
            echo 'The link has been successfully sent to your email';
            
        } 
        catch (Exception $e) {
            echo "Message could not be sent. Mail Error: {$mail->ErrorInfo}";
        }
        exit();
    }
    
?> 
<form method='POST'>
    <input type='text' name='email' placeholder='Email'>
    <input type='submit' name='submit' value='Reset password'>
</form>

I am attaching an image with the results:

I do not know what mistake I am doing, so how can I just show the message (The link has been successfully sent to your email) without all these lines?

_Side note:_ You're wide open to [SQL injection attacks](https://owasp.org/www-community/attacks/SQL_Injection)! Read [how to prevent SQL injection in PHP](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) by using prepared statements with bound parameters instead of injecting variables directly into your queries. It's not just about security. If your data contains, for example, a single quote `'`, your query will break. — M. Eriksson, Oct 30 '22 at 09:49
That's the debug log for PHPMailer. If you turn off debugging, that output will disappear. Either change `$mail->SMTPDebug = 2;` to `$mail->SMTPDebug = 0;`, or simply don't turn it on in the first place (remove that line all together.) — M. Eriksson, Oct 30 '22 at 09:59

score 0 · Accepted Answer · answered Oct 30 '22 at 09:54

0

Because, you have opened debug mode of PHPMailer. You need to disable debug mode like this:

$mail->SMTPDebug=0;

For additionally, you may visit https://mailtrap.io/blog/phpmailer/

answered Oct 30 '22 at 09:54

Tural Rzaxanov

783
1
7
16

After sending email to reset password using PHP many info lines appear to user

1 Answers1