Contact form....
in [General]
|
From: Watson Blair on 26 Apr 2010 17:11 ya, i'm working on a walk around now, i just wanted to get the function up and running in it's most basic before i started supping it up, as it were. i was thinking about using a switch and assigning each of my radio buttons a value from 1 to 3... On Mon, Apr 26, 2010 at 4:35 PM, Benjamin Hawkes-Lewis < bhawkeslewis(a)googlemail.com> wrote: > [off-list] > > On Mon, Apr 26, 2010 at 8:16 PM, Watson Blair <bestudios.wb(a)gmail.com> > wrote: > > the file send.php is: > > > > <?php > > > > $subject =$_POST"subject"; > > > > $message=$_POST"message"; > > > > $name=$_POST"name"; > > > > $from=$_POST"from" > > > > $mail_from=$_POST"from"; > > > > $to =$_POST"to"; > > > > $header = "From: {$name} < {$from} >"; > > > > $send_contact=mail($to,$subject,$message, $header); > > > > if($send_contact){ > > echo "Thank you for Contacting Us!"; > > } > > else { > > echo "An error occurred while sending your message, review your > information > > and please try again."; > > } > > ?> > > Please note that code does not sanitize your inputs and would > therefore be vulnerable to email header injection: > > http://www.nyphp.org/PHundamentals/8_Preventing-Email-Header-Injection > > -- > Benjamin Hawkes-Lewis >
From: Brandon Rampersad on 26 Apr 2010 18:32
Ashley thank you for catching that, i caught it but then i saw your reply further down. On Mon, Apr 26, 2010 at 5:11 PM, Watson Blair <bestudios.wb(a)gmail.com>wrote: > ya, i'm working on a walk around now, i just wanted to get the function up > and running in it's most basic before i started supping it up, as it were. > i > was thinking about using a switch and assigning each of my radio buttons a > value from 1 to 3... > > On Mon, Apr 26, 2010 at 4:35 PM, Benjamin Hawkes-Lewis < > bhawkeslewis(a)googlemail.com> wrote: > > > [off-list] > > > > On Mon, Apr 26, 2010 at 8:16 PM, Watson Blair <bestudios.wb(a)gmail.com> > > wrote: > > > the file send.php is: > > > > > > <?php > > > > > > $subject =$_POST"subject"; > > > > > > $message=$_POST"message"; > > > > > > $name=$_POST"name"; > > > > > > $from=$_POST"from" > > > > > > $mail_from=$_POST"from"; > > > > > > $to =$_POST"to"; > > > > > > $header = "From: {$name} < {$from} >"; > > > > > > $send_contact=mail($to,$subject,$message, $header); > > > > > > if($send_contact){ > > > echo "Thank you for Contacting Us!"; > > > } > > > else { > > > echo "An error occurred while sending your message, review your > > information > > > and please try again."; > > > } > > > ?> > > > > Please note that code does not sanitize your inputs and would > > therefore be vulnerable to email header injection: > > > > http://www.nyphp.org/PHundamentals/8_Preventing-Email-Header-Injection > > > > -- > > Benjamin Hawkes-Lewis > > > -- A Brandon_R Production |