Basic Mailform

Josh-Josh- Royal Oak, MI
edited December 2003 in Internet & Media
Basic Mailform
-- Josh

[php]
<?php
if ($do != "sendmail") {
?>
<form name="sendmail" action="$PHP_SELF" method="post">
<font face="Verdana,Arial" size="2">
<input type="hidden" name="do" value="sendmail">
E-Mail: <input type="text" name="email" size="60">
Subject: <input type="text" name="subject" size="60">
Comments:<textarea name="comments" rows="10" cols="30"></textarea>
<input type="submit" value="submit">
</font>
</form>
<?php
} elseif ($do == "sendmail") {
mail("your@email.com",$subject,$email,$comments) or die("Error: the message could not be sent");
} // endif
?>
[/php]

Comments

  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited November 2003
    Small typo:
    action="$_SERVER"
  • ShortyShorty Manchester, UK Icrontian
    edited November 2003
    Added to Mr K's comment..

    $PHP_SELF will work if you have register_globals = on in your php.ini.. but having globals on is BAD for security.

    Use them off and use Mr K's suggestion instead :)
  • Josh-Josh- Royal Oak, MI
    edited November 2003
    Yeah, I seem to have problems with globals -.- always call for em to be enabled on all my scripts lol
  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited November 2003
    It's best to write scripts with the mindset that globals are off. PHP now comes with globals off out of the box, so most people who use PHP will code as such. Keep up the good work, Josh, just remember those globals! ;)
  • Josh-Josh- Royal Oak, MI
    edited November 2003
    Stupid globals.
    -.-
  • a2jfreaka2jfreak Houston, TX Member
    edited December 2003
    I could be mistaken, but I do believe that you can include a file that has your global variables set to the $_SERVER[] counter-part.

    eg: fake_globals.pm
    $PHP_SELF = $_SERVER;
    and so on and so forth.

    I'm not advocating this be done because I think it encourages poor programming practices and takes extra time to include the file when the script is called, but if you just can't break yourself from using global names, you can at least break yourself from using the global namespace which will increase security.
  • Park_7677Park_7677 Missouri Member
    edited December 2003
    Yes, using globals is bad programming practice... but if you're hell-bent on using $PHP_SELF without setting it by yourself, there is a way to restore the globals, without restoring the globals ;) This goes along with what a2jfreak was going for...


    [PHP]$tmp_str = ""; // Set a temp string

    foreach ($_SERVER as $key => $value) {

    $tmp_str .= $key ."=". $value ."&"; // Add the values to the string, formatted.

    }

    trim($tmp_str,"&"); // Trim the extra "&" off the end.

    parse_str($tmp_str); // Parse the temp string into variables

    unset($tmp_str, $key, $value); // Clean it up[/PHP]

    Now everything inside $_SERVER is outside. The global feeling without the security risk and painfully log code :D. I, myself, hate the globals theory, and have set them myself from day 1. I don't use the above code either, as now you have 29 variables for the use of a couple. Bad programming practice too, I might add.

    Enjoy anyway ;)
  • Josh-Josh- Royal Oak, MI
    edited December 2003
    What security does globals fix anyways..?
  • ShortyShorty Manchester, UK Icrontian
    edited December 2003
    http://www.phpbuilder.com/manual/security.registerglobals.php

    Will give you all your answers :)
Sign In or Register to comment.