I'm not great with PHP so my brother set me up with a simple email reply form which can be filled out and it sends the content to my email address. My brother tested it on his own web server (completely seperate from CLEO network) and it works fine, I happily received the replies in my inbox.
As soon as I put the page on our CLEO webspace, you can fill it in and it happily tells you that the reply has been sent, but I'm not getting the replies in my inbox.
Running the PHPinfo thing from our webspace shows that 'sendmail' is enabled on the web server. I'm just wondering if they block it somewhere else. I have emailed our cleo contact about this but just thought I would ask on here to.
The server probably isn't configured to send mail anywhere sensible. ie, it'll just bin stuff.
Most RBCs will not allow traffic out unless it is routed via their mail relay for filtering. This is one of the things set out by the DfES and BECTA for accrediation. Some RBCs give schools the option to opt out of the filters (or in the case of EMBC they give schools access to turn filtering to the lowest level and say 'on your own head be it'.)
Ok, I'll wait and see what CLEO says on the matter. But they must have a solution for a simple web reply form.
Conversly, the system may be listed in a spam blacklist. Thus spam filtering at the recievers end is discarding it.
I set up a simple form the other week in PHP and its working fine.
Chris,
does it use sendmail then?
Its just using the PHP function so whatever the server is set to use:
Code:<?php { $Address = "sendto@thisemail.com"; $Subject = "the subject"; $Name = $_REQUEST['name']; $Content = $_REQUEST['content']; $Redirect = "../index.php?page=emailthankyou"; $message = "Name: $Name\r\nComments: $Content\r\n "; mail ($Address, $Subject, $message); header("Location: $Redirect"); exit; } ?>
Mmmmm
Well, something is blocking it. Here is my code:
Code:<?php if ($_POST['formsent'] == "1") { if ((($_POST['name'] != "" && ($_POST['email'] != "" && ($_POST['story'] != ""))))) { mail("mwood@nctc.cumbria.sch.uk","Story from website","".$_POST['story']."\n\nFrom:".$_POST['name']."\n\nE-Mail address: ".$_POST['email']."\n\nYear of leaving: ".$_POST['year']."","From: ".$_POST['email'].""); ?> Thank you. Your story has been sent. Click <a href=/>here</a> to return to the homepage... <?php } else { ?> You have not entered the required details. Please ensure that your name, e-mail address and the story fields are complete. <?php } } else { ?>
You need to be very careful using simple mailing scripts like this. I got stung when some spammer started using mine to send spam.
Even though the To field was hard coded, others were able to set the CC and BCC field somehow.
I started getting vast quantities of undeliverable mail. That was a couple of months ago and I still get it now dating back to when it started.
I stopped it by a) checking the refering URL was correct (as there was only one page that linked to the form page)
and b) stripping out dissallow strings from the email fieldCode:if ($HTTP_REFERER!="http://mydomain.com/order.php") {echo "There was an error processing your request. It looks like you arrived at this page from somewhere other than the approved order page."; exit;}
Code:$disallowed_email = array(':',';',"'",'"','=','(',')','{','}','bcc:','cc:','to:'); foreach($disallowed_email as $value) { if(stristr($_POST[Email],$value)){header("location: $_SERVER[HTTP_REFERER]");exit;} }
Also prevent the form being used with GET (only allow POST)
Code:if ($_SERVER['REQUEST_METHOD'] != "POST"){exit;}
Thanks I will add those.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote