使用php发送表单数据但不发送

时间:2017-01-10 05:33:36

标签: php html

我不知道我做错了什么。我正在尝试使用PHP来联系我表单。这是代码:

<?php
if($_POST["submit"]) {
    $recipient="qdpicks@gmail.com";
    $subject="Form to email message";
    $Name=$_POST["Name"];
    $Email=$_POST["Email"];
    $Reason=$_POST["Reason"];
    $Message=$_POST["Message"];

    $mailBody="Name: $Name\nEmail: $Email\n\n$Reason $Message";
    mail($recipient, $subject, $mailBody, "From: $Name <$Email>");
    $thankYou="<p>Thank you! Your message has been sent.</p>";
}
?>
<!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="QDPicks.css">
        <title> QDPicks</title>
    </head>
    <body>
        <header>
            <a class="btn btn-primary btn-lg" href="QDPicks.html" role="button">Home</a>
            <a class="btn btn-sample btn-lg active pull-right" href="QDPicksContactUs.html" role="button">Contact Us</a>
            <a class="btn btn-sample btn-lg pull-right" href="QDPicksCompany.html" role="button">Company</a>
            <a class="btn btn-sample btn-lg pull-right" href="QDPicksProducts.html" role="button">Products</a>
        </header>
        <header><p1>Contact Us</p1></header>
        <form method="post" action="QDPicksContactUs.php >
            <div class="form-group">
                <label for="InputReason1"></label>
                <input type="text" class="form-control" id="InputReason1" name="Name">

                <label for="exampleInputEmail1"></label>
                <input type="email" class="form-control" id="exampleInputEmail1" name="Email">

                <label for="InputReason1"></label>
                <input type="text" class="form-control" id="InputReason1" name="Reason">
            </div>
            <div class="form-group">
                <textarea type="text" class="form-control" rows="3" name="Message">     </textarea>
                <p3 class="help-block">Explain on the reason for contact.</p3>
            </div>
            <div class="checkbox">
            </div>
            <button type="submit" class="btn btn-default">Submit</button>
        </form>
        <script src="https://code.jquery.com/jquery-1.12.0.min.js"></script>
        <script    src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"> </script>
    </body>

    <!-- Latest compiled and minified CSS -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">

     <!-- Optional theme -->
     <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">

     <!-- Latest compiled and minified JavaScript -->
     <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

</html>

当我输入我的信息并点击提交时,数据消失就像它发送了一封电子邮件但没有收到电子邮件。也很抱歉 - 由于某些原因,某些代码被切断了但不是任何关键部分

3 个答案:

答案 0 :(得分:0)

你忘了在 action =“QDPicksContactUs.php

之后加上

用此行替换您的标记

  
<form method="post" action="QDPicksContactUs.php" >

可能是您的代码在此更改后正常运行

答案 1 :(得分:0)

首先,这里缺少双引号

 <form method="post" action="QDPicksContactUs.php >

如果您在同一页面发帖,也无需在操作中提供页面名称。

在标签中添加名称,如:

<button name="submit" type="submit" class="btn btn-default">Submit</button>

最后将if($_POST["submit"])替换为if(isset($_POST["submit"]))

另外,您是否在localhost上运行代码?

答案 2 :(得分:0)

让我们专注于发送电子邮件的代码。请阅读我的评论。

if($_POST["submit"]) {

    // you probably shouldn't post a real email here on SO
    $recipient="qdpicks@gmail.com";
    $subject="Form to email message";

    // you should validate this field if you are sticking it in your mail headers as you do below.
    $Name=$_POST["Name"];

    // you should DEFINITELY validate this before trying to send mail
    $Email=$_POST["Email"];
    $Reason=$_POST["Reason"];
    $Message=$_POST["Message"];

    $mailBody="Name: $Name\nEmail: $Email\n\n$Reason $Message";

    // first, you don't even bother checking to see if this returns TRUE
    // secondly, because you don't validate $Name or $Email, this command is vulnerable to Mail Header Injection
    mail($recipient, $subject, $mailBody, "From: $Name <$Email>");

    $thankYou="<p>Thank you! Your message has been sent.</p>";
}

所以你的表单很糟糕,因为你没有验证任何东西,你没有检查邮件命令实际上是否返回了一个成功的结果,并且它很容易被Mail Header Injection攻击。

首先,验证$ Name:

    $Name=$_POST["Name"];
    if (!preg_match('/^[a-zA-Z_\-]+$/', $Name)) {
        die("sorry! Name is not valid");
    }

其次,验证$ Email 

    $Email = $_POST["Email"];
    if (!filter_var($Email, FILTER_VALIDATE_EMAIL)) {
        die("Sorry, email is not valid");
    }

第三,检查邮件功能的结果。如果它返回FALSE或其他空值,则出现问题 - 尽管我们可能无法在不要求系统管理员查看邮件日志的情况下找到答案。

    if (!mail($recipient, $subject, $mailBody, "From: $Name <$Email>")) {
        die("OH NO. The mail function did not work.");
    }

考虑阅读邮件功能的manual

  

如果邮件成功接受传递,则返回 TRUE ,否则返回 FALSE

     

重要的是要注意,仅仅因为邮件被接受传递,并不意味着邮件实际上将到达预定目的地。

相关问题
最新问题