使用PHP文件的HTML联系人/邮件表单的奇怪结果-Java 学习之路

我在使用电子邮件正确发送邮件表单中的数据时遇到问题 . 它对电子邮件消息有些奇怪 .

原始表格信息：

Enter Name: Fake Name
Enter Email Address: fake.name@doesnotexist.com
Enter Message: Email test number 4(four).

Submit
_____________________________________________

我收到的电子邮件：

From: <fake.name@doesnotexist.com>
Subject: <New Form submission>
Reply to: <warnerheston@sungraffix.net>
To: Me <web289portfolio@sungraffix.net>
_____________________________________________

You have received a new message from the user Fake Name.
Here is the message:
Email test number 4(four).web289portfolio@sungraffix.net
_____________________________________________

消息正文中的电子邮件是“（四）.web289portfolio @ sungraffix.net”并加下划线/超链接... STRANGE !!

在所有的消息体中都不支持任何电子邮件地址 . 用户在消息结束时没有输入电子邮件地址 . 一些情况下，PHP代码正在将目的地电子邮件地址发送到消息体中，并将用户消息的最后“字”附加到用户发送消息时的电子邮件地址 .

有人能告诉我我做错了什么吗？

<?php
if(!isset($_POST['submit']))
{
    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";
}
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$message = $_POST['message'];



//Validate first
if(empty($name)||empty($visitor_email)||empty($message)) 
{
    header('Location: contact-form-incomplete.html');
    exit;
}

if(IsInjected($visitor_email))
{
    echo "Bad email value!";
    exit;
}

$email_from = $_POST['email']; //<== update the email address
$email_subject = "New Form submission";
$email_body = "You have received a new message from the user $name.\n".
    "Here is the message:\n $message".

$to = "web289portfolio@sungraffix.net";//<== update the email address
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: contact-thankyou.html');


// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}

?>

这是HTML表单：

<form method="post" name="myemailform" action="form-to-email.php">
        <p>
            <label for='name'><span class='form'>Enter Name:</span></label><br>
            <input type="text" name="name" size="36">
        </p>
        <p>
            <label for='email'><span class='form'>Enter Email Address:</span></label><br>
            <input type="email" name="email" size="36">
        </p>
        <p>
            <label for='message'><span class='form'>Enter Message:</span></label> <br>
            <textarea name="message" cols='48' rows='9' maxlength='300'></textarea>
        </p>
    <input type="submit" name='submit' value="submit">&nbsp;&nbsp;&nbsp;<input type="reset">
</form>

1 回答

0

仔细查看 $email_body 上的代码，实际上将 $email_body 与 $to 连接起来 . $email_body 末尾的串联 . 应为 ; .

回复于 2024-05-15T19:23:01+08:00

使用PHP文件的HTML联系人/邮件表单的奇怪结果

1 回答

相关问题