form not submitting inofrmation

**form not submitting inofrmation -** 05-14-2007, 03:53 AM

I have a form on my website, that used to work, but I just realized
that now it doesn't. You don't get any errors, but I am not receiving
an email with the information after the submittal.

The form is located at http://www.inspired-evolution.com/Contact.php

and the PHP is:

PHP Code:

  <?php
include("emailval.php");
$site_name = "Inspired-Evolution.com";
$site_owner_email = "EMAIL REMOVED";
$your_domain = "www.inspired-evolution.com";
$current_url = $_SERVER['REQUEST_URI'];

$submit = $_REQUEST['submit'];

if(isset($submit)){

$name = $_REQUEST['name'];
$flizzum_flazzum = $_REQUEST['flizzum_flazzum'];
$subject = $_REQUEST['subject'];
$msg = $_REQUEST['msg'];

if(strlen($name) < 2){
$name_warn = "true";
}
if (MailVal($flizzum_flazzum, 2)){
$email_warn = "true";
}
if(strlen($msg) < 2){
$msg_warn = "true";
}

if (preg_match("/$your_domain/i", "$flizzum_flazzum")) {
$bogus_warn = "true";
}

if((!isset($name_warn))&&
(!isset($email_warn))&&
(!isset($bogus_warn))&&
(!isset($msg_warn))){

// headers for the email listed below
$headers .= "From: $name <$flizzum_flazzum>\n";  // your email client
will show the person's email address like normal
$headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; // sets
the mime type
$recipient = "EMAIL REMOVED";

$subject = "Contact From $site_name - $subject"; // this is the
subject of the email

$msg = wordwrap( $msg, 1024 );



mail($recipient, $subject, stripslashes($msg), $headers); // the
mail() function sends the message to you

// if everything is OK, print a thanks message
print("<h3 cl***='thanks> Hola $name, Thanks for getting in touch!</h3>
<p>We have received your e-mail and will respond at
<em>$flizzum_flazzum</em></p></div>");

exit;
}
}
?>

emailval.php is

PHP Code:

  <?php
// hardcore e-mail validation
function MailVal($Addr, $Level, $Timeout = 15000) {

//  Valid Top-Level Domains
$gTLDs = "com:net:org:edu:gov:mil:int:arpa:";
$CCs   = "ad:ae:af:ag:ai:al:am:an:ao:aq:ar:as:at:au:aw:az:ba:bb:bd:be:bf:".
"bg:bh:bi:bj:bm:bn:bo:br:bs:bt:bv:bw:by:bz:ca:cc:cf:cd:cg:ch:ci:".
"ck:cl:cm:cn:co:cr:cs:cu:cv:cx:cy:cz:de:dj:dk:dm:do:dz:ec:ee:eg:".
"eh:er:es:et:fi:fj:fk:fm:fo:fr:fx:ga:gb:gd:ge:gf:gh:gi:gl:gm:gn:".
"gp:gq:gr:gs:gt:gu:gw:gy:hk:hm:hn:hr:ht:hu:id:ie:il:in:io:iq:ir:".
"is:it:jm:jo:jp:ke:kg:kh:ki:km:kn:kp:kr:kw:ky:kz:la:lb:lc:li:lk:".
"lr:ls:lt:lu:lv:ly:ma:mc:md:mg:mh:mk:ml:mm:mn:mo:mp:mq:mr:ms:mt:".
"mu:mv:mw:mx:my:mz:na:nc:ne:nf:ng:ni:nl:no:np:nr:nt:nu:nz:om:pa:".
"pe:pf:pg:ph:pk:pl:pm:pn:pr:pt:pw:py:qa:re:ro:ru:rw:sa:sb:sc:sd:".
"se:sg:sh:si:sj:sk:sl:sm:sn:so:sr:st:su:sv:sy:sz:tc:td:tf:tg:th:".
"tj:tk:tm:tn:to:tp:tr:tt:tv:tw:tz:ua:ug:uk:um:us:uy:uz:va:vc:ve:".
"vg:vi:vn:vu:wf:ws:ye:yt:yu:za:zm:zr:zw:";

//  The countries can have their own 'TLDs', e.g. mydomain.com.au
$cTLDs = "com:net:org:edu:gov:mil:co:ne:or:ed:go:mi:";

$fail = 0;

//  Shift the address to lowercase to simplify checking
$Addr = strtolower($Addr);

//  Split the Address into user and domain parts
$UD = explode("@", $Addr);
if (sizeof($UD) != 2 || !$UD[0]) $fail = 1;

//  Split the domain part into its Levels
$Levels = explode(".", $UD[1]); $sLevels = sizeof($Levels);
if ($sLevels < 2) $fail = 1;

//  Get the TLD, strip off trailing ] } ) > and check the length
$tld = $Levels[$sLevels-1];
$tld = ereg_replace("[>)}]$|]$", "", $tld);
if (strlen($tld) < 2 || strlen($tld) > 3 && $tld != "arpa") $fail = 1;

$Level--;

//  If the string after the last dot isn't in the generic TLDs or
country codes, it's invalid.
if ($Level && !$fail) {
$Level--;
if (!ereg($tld.":", $gTLDs) && !ereg($tld.":", $CCs)) $fail = 2;
}

//  If it's a country code, check for a country TLD; add on the domain name.
if ($Level && !$fail) {
$cd = $sLevels - 2; $domain = $Levels[$cd].".".$tld;
if (ereg($Levels[$cd].":", $cTLDs)) { $cd--; $domain =
$Levels[$cd].".".$domain; }
}

//  See if there's an MX record for the domain
if ($Level && !$fail) {
$Level--;
if (!getmxrr($domain, $mxhosts, $weight)) $fail = 3;
}

//  Attempt to connect to port 25 on an MX host
if ($Level && !$fail) {
$Level--;
while (!$sh && list($nul, $mxhost) = each($mxhosts))
$sh = fsockopen($mxhost, 25);
if (!$sh) $fail = 4;
}

//  See if anyone answers
if ($Level && !$fail) {
$Level--;
set_socket_blocking($sh, false);
$out = ""; $t = 0;
while ($t++ < $Timeout && !$out)
$out = fgets($sh, 256);
if (!ereg("^220", $out)) $fail = 5;
}

if ($sh) fclose($sh);

return $fail;
} // End E-Mail Validation Function

?>

anyone see what might be causing the problem?

--
::Bruce::

**Re: [PHP] form not submitting inofrmation -** 05-14-2007, 03:54 AM

On Fri, March 16, 2007 1:05 pm, Bruce Gilbert wrote:
> I have a form on my website, that used to work, but I just realized
> that now it doesn't. You don't get any errors, but I am not receiving
> an email with the information after the submittal.
>
> The form is located at http://www.inspired-evolution.com/Contact.php
>
> and the PHP is:
>
> [php]
> <?php
> include("emailval.php");
> $site_name = "Inspired-Evolution.com";
> $site_owner_email = "EMAIL REMOVED";
> $your_domain = "www.inspired-evolution.com";
> $current_url = $_SERVER['REQUEST_URI'];
>
> $submit = $_REQUEST['submit'];
>
> if(isset($submit)){
>
> $name = $_REQUEST['name'];
> $flizzum_flazzum = $_REQUEST['flizzum_flazzum'];
> $subject = $_REQUEST['subject'];
> $msg = $_REQUEST['msg'];
>
> if(strlen($name) < 2){
> $name_warn = "true";
> }
> if (MailVal($flizzum_flazzum, 2)){
> $email_warn = "true";
> }
> if(strlen($msg) < 2){
> $msg_warn = "true";
> }
>
> if (preg_match("/$your_domain/i", "$flizzum_flazzum")) {
> $bogus_warn = "true";
> }
>
> if((!isset($name_warn))&&
> (!isset($email_warn))&&
> (!isset($bogus_warn))&&
> (!isset($msg_warn))){
>
> // headers for the email listed below
> $headers .= "From: $name <$flizzum_flazzum>\n"; // your email client
> will show the person's email address like normal
> $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; // sets
> the mime type
> $recipient = "EMAIL REMOVED";
>
> $subject = "Contact From $site_name - $subject"; // this is the
> subject of the email
>
> $msg = wordwrap( $msg, 1024 );

Word-wrap for email at 1024 columns?

Ugh.

> mail($recipient, $subject, stripslashes($msg), $headers); // the
> mail() function sends the message to you

First off, mail() returns a value true/false to indicate whether its
attempt to inject the email into the sending queue succeeded.

It does NOT tell you if the email actually went out, but it at least
tells you if it has any chance at all of going out "soon".

Check the return value, and if it's FALSE, don't lie to the user and
say that the email was sent, when you know from the get-go that it
wasn't :-)

Also, you REALLY are wide open to spammer email header injection
attack here...

If I POST data where $_POST['name'] consists of the data between the
ASCII lines:

-----------------------------------------------------
"PHP Spammer" <EMAIL REMOVED>
Cc: EMAIL REMOVED, EMAIL REMOVED, EMAIL REMOVED
-----------------------------------------------------

Then I have just used YOUR form mail to send out my spam to you, and 3
victimes.

Multiply that Cc: line by, oh, 1000 Cc: lines, and you see a problem, eh?

A quick simple check that nobody's name, email, or subject has a
newline in it will foil this. Do it.

After that, there are several things that could go wrong.

To diagnose them, try some or all of the following:

1. send email from the command line, and see if that works.

2. su to the User PHP runs as (User in httpd.conf for PHP Apache
Module) and repeat test 1

3. Check if sendmail is even running and/or processing the mail queues.
3a. ps auxwwww | grep sendmail
3b. ls /var/spool/
Then ls /var/spool/XXX where XXX looks like any of:
mail, sendmail, mqueue, clientmqueue, etc

If you find a big honking list of all the email that never went out,
then you probably don't have sendmail running.

WARNING:
A quick way at that point to bring your server to its knees is to fire
up sendmail... It will then attempt to process all that backlog of
email. If you just don't care about the old emails, blow them away
before firing up sendmail. If you NEED those emails to go out, no
matter how late, then consider figuring out how to throttle sendmail
before you fire it up.

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?