CODEWITHSUNDEEP
phpemail
Rickyrock
Rickyrock

Reputation: 328

Mail sending in php

I have to file to send mail.

First one is html file.

mailhtml.php

<form action="mailsend.php" method="post">
  <label for="name">Name:</label>
  <input type="text" name="name" id="name" />

  <label for="Email">Email:</label>
  <input type="text" name="email" id="email" />

  <label for="Message">Message:</label><br />
  <textarea name="message" rows="20" cols="20" id="message"></textarea>

  <input type="submit" name="submit" value="Submit" />
</form>

Second is mailsend.php

<?php
       try{
       $name = trim(strip_tags($_POST['name']));
       $email = trim(strip_tags($_POST['email']));
       $message = htmlentities($_POST['message']);

       // set here
       $subject = "Contact form submitted!";
       $to = '[email protected]';

       $body = <<<HTML
$message
HTML;

       $headers = "From: $email\r\n";
       $headers .= "Content-type: text/html\r\n";

       // send the email
       if(mail($to, $subject, $body, $headers))
       {
            echo "success";
       }
       else
       {
        echo "Not Success";
       }
       }
       catch (Exception $e) {
    echo 'Caught exception: ',  $e->getMessage(), "\n";
}
?>

Mail send successfully but my html data is not render in mail. It is look like same as i insert in textbox. See image.Thats i received in mail. enter image description here

Upvotes: 0

Views: 177

Answers (3)

Lepidosteus
Lepidosteus

Reputation: 12027

Please first note that this form allows a potential attacker to use your site to spam other people. You do not sanitize the $_POST values properly, you only strip tags from them, so it is possible to add custom headers.

For exemple, if I were to post to your form with

  $_POST['email'] = "[email protected]\r\nCC: [email protected], [email protected], [email protected], ...

I would be able to mass-spam a list of users using your server.

Please make sure to strip any new lines (\n) and carriage return (\r) from the values you receive before using them in a mail header.

As for your actual encoding issue, you are using htmlentities($_POST['message'], so the message you are sending has all it's html tags converted to text entities (eg < becomes &lt;)

Upvotes: 2

ahwm
ahwm

Reputation: 692

As Nick said, be sure to add the DOCTYPE and other tags, but also your htmlentities($_POST['message']) is converting your < and > to &lt; and &gt;

As per htmlentities in the PHP documentation.

Upvotes: 0

Nick
Nick

Reputation: 3156

Sounds like the message isn't properly formatted. Make sure you include a doctype and tags

<!DOCTYPE HTML>
<html>
your message here
</html>

Upvotes: 1

Related Questions