PHP - Only Allow Email Addresses To Be Submitted
Hi there,
I have a newsletter sign up form which just puts the data (id and email) into a mysql table. To stop people hacking the site, is there a way to make sure the only thing being submitted in the input is an email address? Here's my current form and submit php: Code: [Select] <?php $mailer = $_GET['mailer']; if ($mailer == 'added') { $email=$_POST['email']; if($email == '') { echo '<div class="daily_not_submitted"><span style="padding-right:6px;"><img src="https://store.huhmagazine.co.uk/images/cross.jpg"></span>Please fill in all the fields.</div>'; }else { $sql="INSERT INTO `dailymailer` (`email`) VALUES ('$email');"; $result=mysql_query($sql) or die(mysql_error()); if($result){ echo "<div class='daily_submitted'><span style='padding-right:6px;'><img src='http://www.huhmagazine.co.uk/images/uploaded/checkboxtick.jpg'></span>Thank you.</div>"; } else { echo "Error\n"; } } } ?> <div id="sidebarnewsletter"> <form name="mailinglist" method="post" action="?mailer=added"> <input type="text" name="email" class="sidebarnewsletter" placeholder="Enter Your Email Address" /> <input type="submit" class="sidebarnewsletter_button" value="Sign Up"> </form> <div class="clear"></div> </div> Similar TutorialsHi Everyone! Thanks in advance for taking the time to review my post. I am pretty new to PHP so please excuse my ignorance. I am working a project for myself. I want to be able to send out newsletters to my customers and sponsors. I have written the code and here it is: <?php $subject = $_POST['subject']; $message = $_POST['message']; $email = "bubba@bubba.com"; $headers = "From: $email"; $email_list = file("elist.txt"); $total_emails = count($email_list); for ($counter=0; $counter<$total_emails; $counter++) { $email_list[$counter] = trim($email_list[$counter]); } $to = implode(",",$email_list); if ( mail($to,$subject,$message,$headers) ) { echo "The email has been sent!"; } else { echo "The email has failed!"; } ?> ----------------------------------------------------------------------------- In my elist.txt file - I have two fields. Name and email. Bubba|bubba@bubba.com Oohay|oohay@yahoo.com If i leave the names out of this file, the email script works great! I want to leave the names in there and reference them in my email that I am sending out to be more personal. Can this be done and can you help? Thanks! Mike I want to send confirmation email to 2 different email boxes. this is the code sending to one box: { $this->load->library('email'); //$config['mailtype'] = 'html'; //$this->email->initialize($config); $this->email->from('no-reply@mymail.com 'Site team'); $this->email->to($em); $this->email->subject('Welcome'); $msg = 'You have registered'; $this->email->message($msg); $this->email->send(); } thanks and what should be the code sending same email to one more email box (example: mymail@gmail. com) Im having a little trouble with the script below. I get my three sql values returned fine, without a problem. The problem is that Im not sending any emails with it. Wether this is a problem with my syntax, headers, code ??? i dont know. Please go easy on my scripts, im a learning newbie. <html><body> <?php mysql_connect("***","***","***"); mysql_select_db("***") or die("Unable to select database"); $code = $_GET['postcode']; $message = $_GET['message']; $shortcode = substr($code,0,2); $subject = "subject here"; $result = mysql_query("SELECT email FROM treesurgeons WHERE postcode like '%" . $shortcode . "%' ORDER BY companyName LIMIT 3") or die(mysql_error()); echo "<h2>Business Names:</h2>"; while($row = mysql_fetch_assoc($result)) {$message .= "\r\n". $row['email'] ;} {$value = $row['email'].',';} rtrim($row, ','); $i = 0; {$i++; switch($i) {case 0:$value1 = $row['email']; break; case 1:$value2 =$row['email']; break; case 2:$value3 =$row['email']; break; }} $to = "$value1, $value2, $value3"; echo nl2br ($message); $headers = 'From: me@me.com' . "\r\n" . 'Reply-To: me@me.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail( "$to", "$subject","$message", "$headers"); echo "<br>" . "Thank you for using our mail form."; ?></body></html> Hi Apologies as this may seem like a trival matter, but im new to coding and just need a bit of help.... I have a form which includes a drop down menu of various departments. Depending on which department is chosen, the form is then sent to different people. This is the html code for the drop down: <select name="department" size="1" id="department"> <option value="" selected>Please select</option> <option value="Health & Safety">Health & Safety</option> <option value="Property">Property</option> </select> So for example the first option mails out to mrjones@email.com mrsmith@email.com and the second would go to mrbloggs@emai.com mr@black@email.com and mrwhite@email.com etc... I have a separate php file which gathers the variables so i was thinking an if statement would need to be put into this page? Out of interest i tried something myself and sort of got a result im after: <select name='department' id='department'> <option value='man1@website.com'>Department 1</option> <option value='man2@website.com'>Department 1</option> </select> Then i used $email_to = $_POST['department']; in the php file. But i would like to be able to send to 2 or 3 people so tried: <select name='department' id='department'> <option value='man1@website.com, man2@website.com '>Department 1</option> </select> This didnt work Any help very much appreciated Thanks Jools goodguybadguy.net they can tell when you enter an email address that hasnt been registered yet. how the hell are they doing this? does gmail or yahoo have some sort of database they allow access to for this? Hi Everyone, Very new to PHP and databases, so please go easy on me! I have a series on web pages each containing a link that says 'apply here'. What I am trying to achieve is when any of these links are clicked on the user is taken to a php form page where they are asked for a series of further information such as name, telephone number etc. When they click submit this information then gets sent off to a speciifc email address. My problem is that depending on which page the user has originally come from (the page where they clicked on the apply here link) needs to determine what email address the form information gets sent to. I thought that the best way to achieve this would be to create a database that contains all of the email addresses (as eventually there will be alot of them) and the form page could call in the relevant email somehow... although I am totally confused on how to go about doing this. Any help would be great! Thankyou. I'm trying to make a script that will search the source code of a given url and strip every email address that pops up. I already have a script that will crawl around, jumping from webpage to webpage... i just need to figure out how to strip the contents... any suggestions? Hey guys Whats the best way to take all the email addresses from a MySQL database of contact information and turn it into an array which i can use in the To: Section of sending an email in php? Thanks. Hi, I got this script which I would like to send a message to all email addresses in the database or send to approved members only. Once I got the first part of this script working I can get the rest to work when sending to approved members. Here is the form which passes the message to the script. Code: [Select] <?php include_once("data/server.php"); $all = 'unchecked'; $approved = 'unchecked'; if (isset($_POST['Submit1'])) { $selected_radio = $_POST['Mailto']; if ($selected_radio == 'all') { $all = 'checked'; } else if ($selected_radio == 'approved') { $approved = 'checked'; } } ?> <div id="pageNav"> <div id="sectionLinks"> <a href="admin.php?cmd=database&username=admin">Database</a> <a href="admin.php?cmd=uploads&username=admin">Uploads</a> <a href="admin.php?cmd=editTemplate&username=admin">Templates </a> <a href="admin.php?cmd=email&username=admin">Email</a> <a href="admin.php?cmd=messaging&username=admin">Messaging</a> <a href="admin.php?cmd=protected&username=admin">Protected Directory</a> <a href="admin.php?cmd=filesanddir&username=admin">Files and Directories</a> <a href="admin.php?cmd=usertracking&username=admin">User Tracking</a> <a href="admin.php?cmd=advanced&username=admin">Advanced</a> <a href="admin.php?cmd=uploads&username=admin">Uploads</a> <a href="admin.php?cmd=subscriptions&username=admin">Subscriptions</a> <a href="admin.php?cmd=applications&username=admin">Applications</a> <a href="admin.php?cmd=searchForms&username=admin">Search Form Builder</a> <a href="admin.php?cmd=categories&username=admin">Categories</a> <a href="admin.php?cmd=phpBB&username=admin">phpBB</a> <a href="admin.php?cmd=mySQL&username=admin">MySQL</a></div> </div> <div id="content"> <div class="page"> <form action=templates/admin/msgtest.php method=POST> <table> <tr> <td>Your Message:</td> <tr><td> </td><td> </td></tr> <tr><td><TEXTAREA NAME="message" COLS=40 ROWS=6></TEXTAREA></td></tr> </table> <table> <tr> <td><input type = 'Radio' Name ='Mailto' value= 'yes' <?PHP print $all; ?> </td> <td>Send Message to all members</td> </tr> <tr> <td><input type = 'Radio' Name ='Mailto' value= 'yes' <?PHP print $approved; ?> </td> <td>Send Message to Approved members only</td> </tr> <tr><td colspan=2><input type=submit name=submit value=Submit></td></tr> </table> </form> </table> </div> </div> </div> And here is the code I have got so far but it doesnt work Code: [Select] <?php include_once("../../data/server.php"); include("../../data/mysql.php"); if (isset($_POST['Submit1'])) { $selected_radio = $_POST['Mailto']; if ($selected_radio == 'all') { $mysqlPassword = (base64_decode($mysqlpword)); $con = mysql_connect("$localhost", "$mysqlusername", "$mysqlPassword") or die(mysql_error()); mysql_select_db("$dbname", $con) or die(mysql_error()); $q2 = "select * from games_newsletter "; $result = mysql_query("SELECT email FROM profiles"); while ($email = mysql_fetch_assoc($result)) { $to = $email; $subject = "Test Message"; $body = "This is a test message"; $headers = "From: payments@tropicsbay.co.uk\r\n" . "X-Mailer: php"; if (mail($to, $subject, $body, $headers)) { // Redirect back to manage page header("Location: admin.php?cmd=messaging"); } else { echo "Approval Message Failed"; } } mysql_close($con); } } ?> As always, any help is much appreciated Paul Code: [Select] <?php $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $dropdown = $_POST['dropdown']; $formcontent=" From: $firstname \n Surname: $lastname \n Email: $email \n Dropdown: $dropdown"; $recipient = "martin@sittingspiritually.co.uk, siobhan@sittingspiritually.co.uk"; $subject = "Newsletter Sign Up"; $mailheader = "From: $email \r\n"; mail($recipient, $subject, $formcontent, $mailheader) or die("Error!"); if ( mail($recipient, $subject, $formcontent, $mailheader) ){ header('Location: http://www.sittingspiritually.co.uk/thankyou.php'); } else { die ("error"); } ?> I have recently created a small snippet of php code for posting mail and it's sweet apart from 1 thing. I have two email addresses in the recipient section. It only sends to the last name in the list. Is this because i have written recipient? Should it be recipients? I need this mail to be delivered to both of the email addresses. I'm sure it's simple for someone with expert knowledge. Thanks in advance for any help. I have no idea what im doing wrong but this just isnt working, theres no error messages but im not getting any of the emails. Here is all the code that i had anything to do with editing, i have removed any personal info from it. Code: [Select] <?php $dbhost = 'localhost'; $dbuser = ' '; $dbpass = ' '; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); mysql_select_db(" ", $conn); $result = mysql_query("SELECT ****, ********** FROM **** WHERE name='*****'"); while($row = mysql_fetch_array($result)) { $message = "<p><u><b><font size=\"5\" color=\"#800080\">********************</font></b></u></p> <p><b><font color=\"#800080\" size=\"4\">**************************************************</font></b></p> <p><b><font color=\"#800080\">*********</font></b> <b><font color=\"#333333\">**********</font></b></p> <p><b><font color=\"#800080\">********</font></b> <font color=\"#333333\"><b>***********</b></font></p> <p><font color=\"#800080\"><b>*******</b></font> <font color=\"#333333\"><a href=\"***********************************************</a></font></p> <p> </p>"; } $query=mysql_query('SELECT `email`,`name` FROM `users`'); //grab emails and names from database while($row = mysql_fetch_array($query)) //start a loop to send an email to each individual { //mail function with $row['email'] as the email address //I'm using phpmailer as an example here - - > include_once('phpMailer/class.phpmailer.php'); $mail = new PHPMailer(); // defaults to using php "mail()" $body = $message; //message inside the email $mail->From = "**************"; //email address that the email is being sent from $mail->FromName = "*************"; //more in depth for who the mail is from. $mail->Subject = "***********************************"; //The subject for the message //$mail->AltBody = "To view the message, please use an HTML compatible email viewer!"; // optional, comment out and test $mail->AddAddress($row[email], $row['name']); } mysql_close($conn); ?> Hi there everyone! I'm trying my best to Google my way through this issue, but have run into an issue I can't out-Google. I'm trying to write a script that is receiving an email, breaking it apart into it's various components and then storing into a database. I would like to sto from name from email to name to email subject headers body Here's what I've cobbled together from various tutorials and demo's: $fd = fopen("php://stdin", "r"); $email_content = ""; while (!feof($fd)) { $email_content .= fread($fd, 1024); } fclose($fd); //split the string into array of strings, each of the string represents a single line, received $lines = explode("\n", $email_content); // initialize variable which will assigned later on $from = ""; $subject = ""; $headers = ""; $message = ""; $is_header= true; //loop through each line for ($i=0; $i < count($lines); $i++) { if ($is_header) { // hear information. instead of main message body, all other information are here. $headers .= $lines[$i]."\n"; // Split out the To portion if (preg_match("/^To: (.*)/", $lines[$i], $matches)) { $to = $matches[1]; } $toregexp = '/To:\s*(([^\<]*?) <)?<?(.+?)>?\s*\n/i'; if(preg_match($toregexp, $email_content, $to_dissection)) { $toname = $to_dissection[2]; $toemail = $to_dissection[3]; } // Split out the subject portion if (preg_match("/^Subject: (.*)/", $lines[$i], $matches)) { $subject = $matches[1]; } //Split out the sender information portion if (preg_match("/^From: (.*)/", $lines[$i], $matches)) { $from = $matches[1]; } $fromregexp = '/From:\s*(([^\<]*?) <)?<?(.+?)>?\s*\n/i'; if(preg_match($fromregexp, $email_content, $from_dissection)) { $fromname = $from_dissection[2]; $fromemail = $from_dissection[3]; } } else { // content/main message body information $message .= $lines[$i]."\n"; } if (trim($lines[$i])=="") { // empty line, header section has ended $is_header = false; } } My issues are many. I've got from and to names that don't reflect the true data, the from address will be the original sender and not the most recent sender if it's forwarded and finally, the body is showing up empty. Clearly, I'm not handling this properly. With all the trouble-ticket like systems out there, there has to be a fairly bulletproof method of handling this, doesn't there? I'm thinking I've gone about this totally the wrong way. Any help would be greatly appreciated! Hello, any help would be greatly appreciated. I have two dropdowns with 2 options in each. Customer picks one option from each dropdown and the form gets emailed to addresses from the two selections. The code below gives and error. My form: <form method="POST" action="quote.php" onsubmit="return checkform(this)"> <input type="hidden" name="agent" value="recipient_1,recipient_2"> <input type="hidden" name="office" value="recipient_3,recipient_4"> <select name="agent" id="agent"> <option value="recipient_1">Agent1 </option> <option value="recipient_2">Agent2 </option> </select> <select name="office" id="office"> <option value="recipient_3">Location1 </option> <option value="recipient_4">Location2 </option> </select> <input type="submit" name="submit" value="Submit"> </form> quote.php is below: $recipients = array( 'recipient_1' => 'email_1@yahoo.com', 'recipient_2' => 'email_2@yahoo.com', 'recipient_3' => 'email_3@yahoo.com', 'recipient_4' => 'email_4@yahoo.com', ); $exploded_recipients = explode(",",$_REQUEST['agent']); foreach($exploded_recipients as $value) { $my_email = $recipients[$value]; $success = mail($my_email, $Subject, $Body, "From: <$EmailFrom>"); } Thanks in advance Hello all, I am having a bit of trouble with this contact form. Everything submits fine, errors work and all but the information isn't sent to my inbox. Can anyone point out where the problem is? Thanks in advance! Code: [Select] if(isset($_POST['Email_Address'])) { include 'free_settings.php'; function died($error) { echo "Sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['Full_Name']) || !isset($_POST['Email_Address']) || !isset($_POST['Your_Message'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $full_name = $_POST['Full_Name']; // required $email_from = $_POST['Email_Address']; // required $comments = $_POST['Your_Message']; // required $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(preg_match($email_exp,$email_from)==0) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } if(strlen($full_name) < 2) { $error_message .= 'Your Name does not appear to be valid.<br />'; } if(strlen($comments) < 2) { $error_message .= 'The Comments you entered do not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\r\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Full Name: ".clean_string($full_name)."\r\n"; $email_message .= "Email: ".clean_string($email_from)."\r\n"; $email_message .= "Message: ".clean_string($comments)."\r\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); header("Location: $thankyou"); ?> <script>location.replace('<?php echo $thankyou;?>')</script> <?php I could use some advice on how to capture and display my Users' Addresses. On my website, I display the User's... - Username - Photo - Location ...next to each Comment they post. Right now, I just have an *optional* field on my "Registration" form and "Update Details" form which ask for "Location". The problem, of course, is that that data isn't very useful beyond displaying it?! But at the same time, how do I capture Addresses from around the globe?! If all of my Users were in America, I would just do... - City - State - Zip ...but what do I do if someone is from Stuttgart, Germany?! My fear is a multinational Registration Form like this would scare people away... Quote (For Registrants in the U.S...) - City - State - Zip (For Registrants outside the U.S...) - City - State/Province/Region - Postal Code - Country And how would I handle the "Country" field? If I use a dropdown - which is usually recommended - then I'd have to maintain a very long and dynamic list, plus Users would have to scroll down through a list of a few hundred countries which my come across as *obnoxious*?! (I'm just trying to entice people to create a User Account, so I don't want to make it difficult!!) What is the best way to approach this? Thanks, Debbie Hi I have a couple of phpbb forums on my web space. One is randomly throwing people off and it is getting far worse. I have traced down the issue to the IP address. Phpbb stores the IP address and session id and checks that they match. If not it throws the user out. The session ids seem to be there OK, but the IP addresses aren't. When it causes a problem the IP address seems to be returned as "::" (yes, 2 colons). I have used the following routine to try and obtain a relevant IP address and it to returns "::" Code: [Select] function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; } Any ideas? All the best Keith i wanting users to be able to update there email address and check to see if the new email already exists. if the email is the same as current email ignore the check. i have no errors showing up but if I enter a email already in the db it still accepts the new email instead of bringing the back the error message. Code: [Select] // email enterd from form // $email=$_POST['email']; $queryuser=mysql_query("SELECT * FROM members WHERE inv='$ivn' ") or die (mysql_error()); while($info = mysql_fetch_array( $queryuser )) { $check=$info['email']; // gets current email // } if($check!=$email){ // if check not equal to $email check the new email address already exists// $queryuser=mysql_query("SELECT * FROM members WHERE email='$email' "); //$result=mysql_query($sql); $checkuser=mysql_num_rows($queryuser); if($checkuser != 0) { $error= "0"; header('LOCATION:../pages/myprofile.php?id='.$error.''); } } cheers So, to keep this as short as possible, I am almost done making a website that lets visitors send already-made text messages to people. I just paid for hosting for the site, and they told me that I can only send 100 messages in one hour. This is fine as I was already intending on setting limits per ip address. So, I've set up MySQL and everything else works correctly. My only problem is that on the test script I've been working on over the weekend doesn't successfully check to see if an ip address exists in the database. Let me try and better explain what I need to do: I need the visitor's ip address to be logged on to the database the first time that they send a message in a day. (This part works.) But before it logs their ip address, it needs to check to see if it was already logged for the day. If their ip IS there then it will check to see how many messages they've sent today, if it is less than 5 then it will let them send the message and add 1 to the log. Otherwise it won't let them send the message. Tell me if it sounds too complicated. If I have a string like this: Code: [Select] Anne Somebody <anne@email.com>, John Smith <john@hotmail.co.uk>, bob Someoneelse <bob@email.it>is there a simple way of extracting the emails? I can do the explode and trim so I am really asking how to handle the Code: [Select] John Smith <john@hotmail.co.uk> in a reliable way. To be left with john@hotmail.co.uk Thanks, Hello, I'm attempting to write a PHP script to query WMI for an IP address of a host. The reason I'm doing this instead of getbyhostname is because NAT translations on the network can cause inaccurate results. The question is two-fold: 1) My Script is as follows <? $obj = new COM ( 'winmgmts://localhost/root/CIMV2' ); $wmi_network = $obj->ExecQuery("Select * From Win32_NetworkAdapterConfiguration"); foreach ( $wmi_network as $wmi_call ) { $ipaddr = $wmi_call->IPAddress; echo $ipaddr; } ?> I get the following error when running the script: Quote Catchable fatal error: Object of class variant could not be converted to string 2) How do I go about querying a remote host on the network with valid credentials? Thank you |