Thread: How to include PHP code into static page
View Single Post
  #4  
Old 10-13-2008, 12:15 PM
 
exsecror exsecror is offline
 

X-Wizard
   
Join Date: Apr 2007
Posts: 1,284
 
Default Re: How to include PHP code into static page
As Jon has already stated, you actually need to have the static page send a POST request to the PHP file to send the e-mail. Also as already stated that code is horrifically insecure, always, sanitize user input because it cannot be trusted. This is better:

Note: This assumes you are using PHP5 and have the filter extension available. Also note that this code has not been tested.

Code:
<?php
$date = date('r');
$mailer = 'PHP ' . phpversion() . ' - ' . $_SERVER['SCRIPT_NAME'];

$headers = <<< EOT
From: info@email.com
Subject: Your subject
Date: $date
X-Mailer: $mailer
EOT;

$recipient = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$town = filter_input(INPUT_POST, 'town', FILTER_SANITIZE_STRING);
$province = filter_input(INPUT_POST, 'province', FILTER_SANITIZE_STRING);

$message = <<< EOT
Name: $name
Town: $town
Province: $province
EOT;

if ($recipient !== false || $name !== false || $town !== false || $province !== false) {
    mail($recipient, $subject, $message, $headers);
}
else {
    trigger_error('Fatal Error: Input data failed sanitizing!', E_USER_ERROR);
}
Reply With Quote