2

I was updating few non PHP related pages for the client which send form input over to PHP. However without making any changes to the code client reported to not getting the e-mails. Instead he said it only sends emails to one of the emails instead of all 3. Can some one pin point whats wrong with the code?

$email_to = "[email protected], [email protected], [email protected]"; 

    $email_subject = "VIP Access"."  [".date("Y-m-d @ h:m:s A")."]";

    $first_name   = $_POST["objFirstName"];
    $last_name = $_POST["objLastName"];
    $phone     = $_POST["objPhone"];
    $email_from = $_POST["objEmail"];

    $full_name = $first_name." ".$last_name;

    $message = "";

      function clean_string($string) {
        $bad = array("content-type", "bcc:", "to:", "cc:", "href");
        return str_replace($bad, "", $string);
      }


    $message .= "<html><body>\n";
    $message .= "<table rules='all' border='1' style='border-color:#000;' cellpadding='10' width='100%'>\n";
    $message .= "<tr style='background: #eee;'><td width='20%'><strong>Full Name:</strong> </td><td width='70%'>".clean_string($full_name)."</td></tr>\n";
    $message .= "<tr style='background: #eee;'><td width='20%'><strong>Email:</strong> </td><td width='70%'>".clean_string($email_from)."</td></tr>\n";
    $message .= "<tr style='background: #eee;'><td width='20%'><strong>Phone:</strong> </td><td width='70%'><a href='tel:".clean_string($phone)."'>".clean_string($phone)."</a></td></tr>\n";
    $message .= "</table>\n";
    $message .= "<img src='http://example.com/images/logo-trans.png' width='120' height='130' alt='Estate Brothers' style='text-align:center;'/>\n";
    $message .= "</body></html>\n";

    // create email headers
    $headers = "From: ".$email_from." via example.com\r\n"."Reply-To: ".$email_from."\r\n"."X-Mailer: PHP/".phpversion()."via example.com";
    $headers .= 'To: Example <[email protected]>, User <[email protected]>, User two <[email protected]>' . "\r\n";
    $headers .= 'MIME-Version: 1.0'."\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1'."\r\n";

    $mail_feed =  mail($email_to, $email_subject, $message, $headers);
Improve this question
13
  • 1
    @Prix That won't make a difference. Both will still be strings. Commented Mar 23, 2014 at 13:58
  • Editing a small error which might interfere with the headers. Commented Mar 23, 2014 at 14:00
  • What should your clean_string do? Why do you remove those strings? Commented Mar 23, 2014 at 14:00
  • @Prix use of " or ' wont make any difference. But thanks. Commented Mar 23, 2014 at 14:02
  • 1
    Is it a possibility to implement a different method of mailing? Like swiftmailer? I can provide a small snippet to easily use it. Commented Mar 23, 2014 at 14:09

2 Answers 2

Reset to default
1

Acquite swiftmailer here -> http://swiftmailer.org/ 

require_once 'swiftmailer/lib/swift_required.php';

function new_mail($subject, $content)
{
    // Create the message
    $message = Swift_Message::newInstance();

    // Give the message a subject
    $message->setSubject($subject);

    // Set the From address with an associative array
    $message->setFrom(array('[email protected]' => 'Sender')));

    // Set the To addresses with an associative array
    $message->setTo(array('[email protected]' => 'Example'));

    // Give it a body
    $message->setBody($content);

    $transport = Swift_MailTransport::newInstance();
    $mailer = Swift_Mailer::newInstance($transport);
    $result = $mailer->send($message);

}

new_mail('Subject', $messagecontentgoeshere);

If you want you can replace the TO and FROM parts with variables as well. So you can reuse the whole function everywhere on the site.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

It's not a real answer but an alternative so I don't know if it's appropriate to mark it as one. But glad I could help.
It is alternative, but its a good alternative answer since everyone knows mail() has issues.
Haven't used swiftmailer before but seems pretty interesting. +1 for sharing.
0

Try these things:

  1. Remove all spaces in the email_to variable (I know the RFC states spaces are allowed but some people ran into issues and removing the spaces fixes it for them):

    $email_to = '[email protected],[email protected],[email protected]';

  2. Insure you escape all your $_POST variable to avoid injections.

  3. You can do the TO using the headers as opposed to using mail to (notice concatenation fix like the other answers spoke about):

    $email_to = "[email protected]";
....
$headers = "From: ".$email_from." via example.com\r\n"."Reply-To: ".$email_from."\r\n"."X-Mailer: PHP/".phpversion()."via example.com\r\n";
$headers  .= 'To: [email protected], [email protected]'."\r\n";
$headers  .= 'MIME-Version: 1.0'."\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1'."\r\n";

  4. Another solution would be to send the email multiple times (insure you have the other fixes in for the headers including the missing \r\n for x-mailer):

    $email_to = array('[email protected]', '[email protected]', '[email protected]');
....
$mail_feed = true;
foreach ($email_to as $email) {
    $mail_feed =  $mail_feed && mail($email, $email_subject, $message, $headers);
}
Improve this answer

4 Comments

There is no DB end to this, it sends form data directly to the e-mail.
Yes, and injections are also a problems with emails not just DB: en.wikipedia.org/wiki/Email_injection.
Huh interesting. Thanks for pointing that out personally was not aware of that. I knew about SQL. But not plain mail.
@MemeCat a book I once read said. All foreign user input is tainted, unless it has been cleansed by programming. I always heed this sentence when working with input and output.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.