• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Need help editing a PHP script.

P

Proxy

Pumpkin Ghost
Joined
Apr 24, 2005
Messages
4,308
Hey guys, on one of my sites, when I test the "Send Message" link there is an error that pops up at the very top of the screen:

Warning: mail() [function.mail]: "sendmail_from" not set in php.ini or custom "From:" header missing in C:\inetpub\ClientSites\Build-It by Roy Site\send_simpleform.php on line 13

The page itself is resolving, I am just not sure what to do about this message. If anyone can help out that would be awesome! I have never really messed with PHP before so I am new to this.
 
Ok here are the first 13 lines, the last line being the one that I think is having problems:

<?
if (($_POST[message] == " ")){
header("Location: contactus.html");
exit;
}

$msg = "EMAIL SENT FROM SITE\n";
$msg .= "Sender's Inquiry: $_POST[message]\n";

$to = "blah@gmail.com";
$subject = "Web Site Inquiry";

mail($to, $subject, $msg);

I just opened it up in notepad.
 
$msg .= "Sender's Inquiry: $_POST[message]\n";


You have a period before that equal sign. Does that make a difference?

Edit:

Whether that is an issue or not, you need to set a FROM address. Either set it in the php.ini file, or include it in the additional parameters part of the mail() function.
http://us3.php.net/manual/en/function.mail.php
 
tgabe213 said:
$msg .= "Sender's Inquiry: $_POST[message]\n";


You have a period before that equal sign. Does that make a difference?

Edit:

Whether that is an issue or not, you need to set a FROM address. Either set it in the php.ini file, or include it in the additional parameters part of the mail() function.
http://us3.php.net/manual/en/function.mail.php
Click to expand...

Ok so then it would look something like this?

<?
if (($_POST[message] == " ")){
header("Location: contactus.html");
exit;
}

$msg = "EMAIL SENT FROM SITE\n";
$msg = "Sender's Inquiry: $_POST[message]\n";

$headers = 'From: reachtheapex.com' . "\r\n" .
$to = "blah@gmail.com";
$subject = "Web Site Inquiry";

mail($headers, $to, $subject, $msg);
 
PHP isn't my fortay, but it appears that it was a From address. youremail@whatever.com

Here's a snippet from my php.ini file. This is unmodified from original install. Lines 706-720

Code: 
[mail function]
; For Win32 only.
SMTP = localhost
smtp_port = 25

; For Win32 only.
[B];sendmail_from = me@example.com[/B]

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path =

; Force the addition of the specified parameters to be passed as extra parameters
; to the sendmail binary. These parameters will always replace the value of
; the 5th parameter to mail(), even in safe mode.
;mail.force_extra_parameters =

You could probably just remove the comment on that line in your ini file, that way you don't need to declare anything in your code.
 
your missing the from address value in your function, when sendmail tries to send the message there is not from value.
signature_distory.jpg
 
Hey guys it works! Thanks for all the help. This was the final solution:

<?
if (($_POST[message] == " ")){
header("Location: contactus.html");
exit;
}

$msg = "EMAIL SENT FROM SITE\n";
$msg .= "Sender's Inquiry: $_POST[message]\n";

$to = "blah@gmail.com";
$subject = "Web Site Inquiry";
$headers = 'From: reachtheapex.com' . "\r\n" .;

mail($to, $subject, $msg, $headers);
 
Last edited:
btw, using the .= was correct for
$msg .= "Sender's Inquiry: $_POST[message]\n";

dot in php is the string concatenation operator so .= is the same as
$msg = $msg . "....";

removing the . ignores the first part
$msg = "EMAIL SENT FROM SITE\n";

you should notice that line is not part of the email without the dot.
 
tim_m said:
btw, using the .= was correct for
$msg .= "Sender's Inquiry: $_POST[message]\n";

dot in php is the string concatenation operator so .= is the same as
$msg = $msg . "....";

removing the . ignores the first part
$msg = "EMAIL SENT FROM SITE\n";

you should notice that line is not part of the email without the dot.
Click to expand...


I added the dot backin. Just for got to make note of it here in the fixed code.
 
The "." in PHP is to add to the variable. So:
Code: 
$msg = "XXX";
$msg = $msg . "YYY";
echo ($msg);
Will return "XXXYYY", just as:
Code: 
$msg = "XXX";
$msg .= "YYY";

To the original topic: Your error is that you need to define the SMTP fields on a Windows host. PHP does not use Sendmail on Windows, it has it's own buil-in function. You need to define:
Code: 
[mail function]
; For Win32 only.
SMTP = (your SMTP relay/smarthost)
smtp_port = 25

; For Win32 only.
;sendmail_from = me@example.com (optional and can be overriden by the script.

More info:
http://www.w3schools.com/PHP/php_ref_mail.asp
 
I see you have found a solution and gotten it working, but I will point out that the mail() function in PHP isn't authenticated with your server, and there's a lot of potential security holes there. In most cases, web servers are configured so that the mail() function uses the "nobody" account to send mail, meaning it's untraceable and a huge security risk.

I'd highly recommend you use a mail class such as PHP Mailer that authenticates with an SMTP email account on your server to send mail, you then disable the global availability of mail() on your server. This method has a lot less security vulnerabilities than the method you've implemented as it disables mail() and ensures that all email sent from your server is authenticated.

It's relatively easy for someone to take advantage of your method and use your server as part of a spamming network.
 
webdes03 said:
I see you have found a solution and gotten it working, but I will point out that the mail() function in PHP isn't authenticated with your server, and there's a lot of potential security holes there. In most cases, web servers are configured so that the mail() function uses the "nobody" account to send mail, meaning it's untraceable and a huge security risk.

I'd highly recommend you use a mail class such as PHP Mailer that authenticates with an SMTP email account on your server to send mail, you then disable the global availability of mail() on your server. This method has a lot less security vulnerabilities than the method you've implemented as it disables mail() and ensures that all email sent from your server is authenticated.

It's relatively easy for someone to take advantage of your method and use your server as part of a spamming network.
Click to expand...

I launch IIS 6.0 interface (Because this is the only one where SMTP shows in 2008), I configured the relay for 127.0.0.1 so that it only auths, and sends mail that is generated internally.
 
You must log in or register to reply here.
Back
Top