0

I am trying to send mail by passing the values from my JS page to a PHP page in WordPress. I made it as far as the AJAX section:

jQuery.ajax({
    type: "POST",
    url: "contact.php",
    data: "frm_adrs=" + frm_adrs + "&to_adrs=" + to_adrs + "&sub=" + sub + "&number=" + number + "&zip=" + zip + "&message=" + message,
    success: function(data) {
        //...
    }
});

In the PHP page:

if (isset($_GET["frm_adrs"]))
{
    $frm_adrs = $_GET["frm_adrs"];
    $to_adrs = $_GET["to_adrs"];
    // ...
}

Now the problem is that the AJAX call is not able to find "contact.php". I am not developing any plugin, hence instead of ajaxurl I need to add a static URL to send an email.

Thanks in advance

3
  • 2
    you have type :'post' in ajax and you are using $_GET[] in php. Commented Jul 6, 2015 at 12:49
  • So should I use $_POST[] in php instead of $_GET[] ?? @Rory McCrossan Commented Jul 7, 2015 at 10:16
  • Yes. See the comprehensive answer posted by @SarahAllen for more details. Commented Jul 7, 2015 at 10:17

2 Answers

1

Firstly, you have specified a relative directory to the file "contact.php" in your jQuery code. This means you must be executing the code from a URL stating the same directory as the anticipated location of contact.php. For instance, executing your code on the following URLs would have the respective effect:

/wordpress/index.php  => /wordpress/contact.php
/wordpress/contact    => /wordpress/contact/contact.php

So you need to verify that your contact.php file is located within the same directory as the file generating the request.

As pointed out by Jai in a comment, you are sending data via jQuery AJAX in the POST method, but your php script is anticipating (listening for) the GET method. This will be problematic as your backend script will not interpret the data you are sending to it.

If you are sending the data as a POST request, then you should use $_POST to retrieve it, otherwise if you're sending the data as a GET request, use $_GET to retrieve it. You can use a more ambiguous method of retrieving the data by using $_REQUEST, however this is not usually the best way of doing things.

You may want to use encodeURIComponent for certain fields using non-alphanumeric characters (for instance, your message variable); this will ensure the data is transmitted correctly between your front and back end code.

Furthermore, you might want to check out the OWASP top 10 list as your script is vulnerable to CSRF attacks, and can be used as an email relay. Check it here

Lastly, it is common practice to use some form of CAPTCHA verification on data forms requiring no previous form of bot filtering / user validation. This prevents bots using your script as a relay to send out malicious or spam emails.
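The encoding point made in the answer above, as an added example that is not part of the original posts: it builds the request body by plain concatenation (as in the question) and with encodeURIComponent, then decodes each the way a form-urlencoded parser does. The sample values and the helper names (buildRaw, buildEncoded, parseBody, diffFields) are constructed for illustration.

```javascript
// Added example; field names follow the question, sample values are constructed.
const fields = {
  frm_adrs: "alice@example.test",
  to_adrs: "sales@example.test",
  sub: "Quote: 2+2 seats",
  number: "+1 555 0100",
  zip: "90210",
  message: "Need price & delivery date; budget=500",
};

// The question's approach: raw concatenation, nothing encoded.
function buildRaw(f) {
  return Object.keys(f).map((k) => k + "=" + f[k]).join("&");
}

// The answer's advice: encodeURIComponent on every name and value.
function buildEncoded(f) {
  return Object.keys(f)
    .map((k) => encodeURIComponent(k) + "=" + encodeURIComponent(f[k]))
    .join("&");
}

// Decode an application/x-www-form-urlencoded body: split on "&", then on the
// first "=", treat "+" as a space, percent-decode the rest.
function parseBody(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// Which fields arrive altered, and which keys appear that were never sent?
function diffFields(sent, received) {
  return {
    changed: Object.keys(sent).filter((k) => received[k] !== sent[k]),
    extra: Object.keys(received).filter((k) => !(k in sent)),
  };
}

const raw = diffFields(fields, parseBody(buildRaw(fields)));
const enc = diffFields(fields, parseBody(buildEncoded(fields)));
console.log("concatenated:", raw); // sub, number, message altered; one stray key
console.log("encoded:     ", enc); // nothing altered
```

Passing `data` as an object, as the second answer does, lets jQuery perform this encoding itself.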


0

Try this. sub is a keyword; do not use sub, please use sub1.

For the theme: url: "<?php echo get_template_directory_uri() ?>/contact.php",


For a page template: url: "<?php echo get_template_directory_uri() ?>/page-template/contact.php",

$.ajax({
  method: "POST",
  url: "<?php echo get_template_directory_uri() ?>/contact.php",
  data: {
    frm_adrs: frm_adrs,
    to_adrs: to_adrs,
    sub1: sub1,
    number: number,
    zip: zip,
    message: message
  }
})
  .done(function( msg ) {
    alert( "Data Saved: " + msg );
  });

In the PHP page:

In page-template:
require_once("../../../wp-load.php"); 

In your theme's root:
require_once("../../wp-load.php"); 

if (isset($_REQUEST["frm_adrs"]))
{
    $frm_adrs = $_REQUEST["frm_adrs"];
    $to_adrs = $_REQUEST["to_adrs"];
}
