在使用htmlspecialchars的php mail()函数遇到问题时,每次页面加载时都会发送邮件 [英] Having trouble with php mail() function using htmlspecialchars, mail sends every time page loads
问题描述
<?php echo htmlspecialchars($ _ SERVER [PHP_SELF]) ;?>
作为表单动作,不知道现在是否需要这样做,但这就是为什么我问,不想进行任何注射。表单按照我希望的方式工作并发送邮件,除了在每次加载页面时发送邮件,包装箱中是否有信息或出现错误。
我希望在这里获得一些帮助。
-
正确地在< ;
-
我需要propper isset函数来使这个页面邮件程序工作,只有在POST时提交<按钮>被点击。
下面我将把当前所有的PHP和html表单代码。
先进的谢谢。
<?php
//定义变量并设置为空值
$ nameErr = $ emailErr = $ ethaddressErr = $ txhashErr = $ messagesErr =;
$ name = $ email = $ ethaddress = $ txhash = $ messages =;
if($ _SERVER [REQUEST_METHOD] ==POST){
if(empty($ _ POST [name])){
$ nameErr =名称是必需的;
} else {
$ name = test_input($ _ POST [name]);
//检查名称是否只包含字母和空格
if(!preg_match(/ ^ [a-zA-Z] * $ /,$ name)){
$ nameErr = 只允许使用字母和空格;
if(empty($ _ POST [email])){
$ emailErr =需要有效的电子邮件地址;
} else {
$ email = test_input($ _ POST [email]);
//检查电子邮件地址是否格式正确
if(!filter_var($ email,FILTER_VALIDATE_EMAIL)){
$ emailErr =电子邮件格式无效;
if(empty($ _ POST [ethaddress])){
$ ethaddress =;
} else {
$ ethaddress = test_input($ _ POST [ethaddress]);
if(!preg_match(/ ^(0x)?[0-9a-f] {40} $ / i,$ ethaddress)){
$ ethaddressErr =ETH地址格式无效;
if(empty($ _ POST [txhash])){
$ txhash =;
} else {
$ txhash = test_input($ _ POST [txhash]);
if(!preg_match(/ ^(0x)?[0-9a-f] {64} $ / i,$ txhash)){
$ txhashErr =Ethereum Transaction Hash Format无效 ;
if(empty($ _ POST [messages])){
$ messages =;
} else {
$ messages = test_input($ _ POST [messages]);
}
}
函数test_input($ data){
$ data = trim($ data);
$ data = stripslashes($ data);
$ data = htmlspecialchars($ data);
返回$ data;
}
?>
< form id =my-formmethod =postaction =<?php echo htmlspecialchars($ _ SERVER [PHP_SELF]);?>>
< div class =form-group has-feedback>
< label for =nameclass =control-label sr-only>名称< / label>
< input type =textname =namevalue =<?php echo $ name;?>必需的占位符=请输入您的姓名autofocus class =form-controlid =firstname/>< i aria-hidden =trueclass =form-control-feedback fa fa-user> < / I>< / DIV>
< span class =error><?php echo $ nameErr;?>< / span>
< div class =form-group has-feedback>
< label for =ethaddressclass =control-label sr-only> ETH地址< / label>
< input type =textname =ethaddressvalue =<?php echo $ ethaddress;?> placeholder =ERC20 Compliant ETH Addressclass =form-controlid =lastname/>< i aria-hidden =trueclass =form-control-feedback fa fa-link>< / I>< / DIV>
< span class =error><?php echo $ ethaddressErr;?>< / span>
< div class =form-group has-feedback>
< label for =txhashclass =control-label sr-only> TxHash< / label>
< input type =textname =txhashvalue =<?php echo $ txhash;?> placeholder =购买时的交易哈希,如果适用的话class =form-controlid =phonenumber/>< i aria-hidden =trueclass =form-control-feedback fa fa-hashtag> ;< / I>< / DIV>
< span class =error><?php echo $ txhashErr;?>< / span>
< div class =form-group has-feedback>
< label for =emailclass =control-label sr-only>电子邮件地址< / label>
< input type =textname =emailrequired value =<?php echo $ email;?> placeholder =请输入有效的电子邮件地址class =form-controlid =email/>< i aria-hidden =trueclass =form-control-feedback fa fa-envelope><< ; / I>< / DIV>
< span class =error><?php echo $ emailErr;?>< / span>
< div class =form-group has-feedback>
< label for =messagesclass =control-label sr-only>对团队的其他评论< / label>
< span class =error><?php echo $ messagesErr;?>< / span>
< button class =btn btn-default btn-lgtype =submitname =submitid =form-btn>发送< / button>
< / form>
<?php
$ to =hashguide@biopaycoin.com;
$ subject =BioPayCoin联系表单提交;
$ name = $ _POST [name];
$ messages = $ _POST [messages];
$ email = $ _POST [email];
$ ethaddress = $ _POST [ethaddress];
$ txhash = $ _POST [txhash];
$ message = $ name。 给你发了一条消息。 \r\\\
。 $电子邮件。 \r\\\
。 $ ethaddress。 \r\\\
。 $ txhash。 \r\\\
。 $消息;
$ headers =From:BPC-Contact-form@biopaycoin.com。 \r\\\
。
CC:hash.guide@gmail.com;
邮件($ to,$ subject,$ message,$ headers);
?>
c> mail($ to,$ subject,$ message,$ headers); 在每个页面加载的文件末尾。你应该把这部分放在检查$ _POST是否设置的条件中。
I have searched and tried multiple ways of doing this, but nothing seems to work out as planned. I am trying to set up a contact form and use
<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>
as the form action, not sure if that is needed nowadays, but that's why I am asking, I don't want any injections going on. The form is working the way I want it to and sending the mail, except it is sending the mail every single time the page loads, whether there is information in the box or errors come up. There are two things I would like some help on here.
Properly displaying a thank you message in a < span > element at the bottom of form, a modal popup or a bootstrap alert message.
I need the propper isset function to make this one page mailer work and only on POST when the submit < button > is clicked.
Below I will put all the PHP and html form code I have, currently. Thank you in advanced.
<?php
// define variables and set to empty values
$nameErr = $emailErr = $ethaddressErr = $txhashErr = $messagesErr = "";
$name = $email = $ethaddress = $txhash = $messages = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["email"])) {
$emailErr = "Valid Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["ethaddress"])) {
$ethaddress = "";
} else {
$ethaddress = test_input($_POST["ethaddress"]);
if (!preg_match("/^(0x)?[0-9a-f]{40}$/i",$ethaddress)) {
$ethaddressErr = "Invalid ETH Address Format";
}
}
if (empty($_POST["txhash"])) {
$txhash = "";
} else {
$txhash = test_input($_POST["txhash"]);
if (!preg_match("/^(0x)?[0-9a-f]{64}$/i",$txhash)) {
$txhashErr = "Invalid Ethereum Transaction Hash Format";
}
}
if (empty($_POST["messages"])) {
$messages = "";
} else {
$messages = test_input($_POST["messages"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form id="my-form" method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group has-feedback">
<label for="name" class="control-label sr-only">Name</label>
<input type="text" name="name" value="<?php echo $name;?>" required placeholder="Please Enter Your Name" autofocus class="form-control" id="firstname" /><i aria-hidden="true" class="form-control-feedback fa fa-user"></i></div>
<span class="error"><?php echo $nameErr;?></span>
<div class="form-group has-feedback">
<label for="ethaddress" class="control-label sr-only">ETH Address</label>
<input type="text" name="ethaddress" value="<?php echo $ethaddress;?>" placeholder="ERC20 Compliant ETH Address" class="form-control" id="lastname" /><i aria-hidden="true" class="form-control-feedback fa fa-link"></i></div>
<span class="error"><?php echo $ethaddressErr;?></span>
<div class="form-group has-feedback">
<label for="txhash" class="control-label sr-only">TxHash</label>
<input type="text" name="txhash" value="<?php echo $txhash;?>" placeholder="Transaction Hash of Purchase, if applicable" class="form-control" id="phonenumber" /><i aria-hidden="true" class="form-control-feedback fa fa-hashtag"></i></div>
<span class="error"><?php echo $txhashErr;?></span>
<div class="form-group has-feedback">
<label for="email" class="control-label sr-only">Email Address</label>
<input type="text" name="email" required value="<?php echo $email;?>" placeholder="Please Enter Valid Email Address" class="form-control" id="email" /><i aria-hidden="true" class="form-control-feedback fa fa-envelope"></i></div>
<span class="error"><?php echo $emailErr;?></span>
<div class="form-group has-feedback">
<label for="messages" class="control-label sr-only">Additional comments for the team</label>
<textarea rows="8" name="messages" placeholder="Additional Comments for the Team" required class="form-control"><?php echo $messages;?></textarea><i aria-hidden="true" class="form-control-feedback fa fa-pencil"></i></div>
<span class="error"><?php echo $messagesErr;?></span>
<button class="btn btn-default btn-lg" type="submit" name="submit" id="form-btn">SEND </button>
</form>
<?php
$to = "hashguide@biopaycoin.com";
$subject = "BioPayCoin Contact Form Submission";
$name = $_POST["name"];
$messages = $_POST["messages"];
$email = $_POST["email"];
$ethaddress = $_POST["ethaddress"];
$txhash = $_POST["txhash"];
$message = $name . " sent you a message" . "\r\n" . $email . "\r\n" . $ethaddress . "\r\n" . $txhash . "\r\n" . $messages;
$headers = "From: BPC-Contact-form@biopaycoin.com" . "\r\n" .
"CC: hash.guide@gmail.com";
mail($to,$subject,$message,$headers);
?>
From what I see you are calling mail($to,$subject,$message,$headers);
in the end of the file in every page load. you should put this part in the condition that check if $_POST is set or not.
这篇关于在使用htmlspecialchars的php mail()函数遇到问题时,每次页面加载时都会发送邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!