$sql = "insert into book (uid,interest,tid,lid)values('$id','$interest','$tid','$lid') ";
$result = $conn->query($sql);
if($result)
{
echo"<script type='text/javascript'>
alert('added');
</script>";
$message = "Your have interest in ".$interest."";
$to=$email;
$subject="Booked for ".$title."";
$from = 'vkcvkc8@gmail.com';
$body="Booked for ".$title."located in".$location.".You will be charged with".$cost.
".Contact:".$contact."";
$headers = "From:".$from;
mail($to,$subject,$body,$headers);
}
else
{
echo"<script type='text/javascript'>
alert('error');
</script>";
}
不发送电子邮件 不发送电子邮件不发送电子邮件不发送电子邮件不发送电子邮件不发送电子邮件不发送电子邮件?????
答案 0 :(得分:-1)
你必须使用smtp设置才能发送邮件,因为大多数托管服务提供商现在已经关闭了php邮件功能由于安全原因,这是一个正确的smtp邮件功能的脚本,不要使用像PHP这样的第三方工具邮件程序只是要求您的托管服务提供商激活梨包中的邮件功能
<?php
require_once "Mail.php";
$from = "Web Master <webmaster@example.com>";
$to = "Nobody <nobody@example.com>";
$subject = "Test email using PHP SMTP\r\n\r\n";
$body = "This is a test email message";
$host = "SMTPhostname";
$username = "webmaster@example.com";
$password = "yourPassword";
$headers = array ('From' => $from, 'To' => $to, 'Subject' => $subject);
$smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password)); $mail = $smtp->send($to, $headers, $body);
if (PEAR::isError($mail)) {
echo("<p>" . $mail->getMessage() . "</p>"); }
else
{ echo("<p>Message successfully sent!</p>");
}
?>
答案 1 :(得分:-1)
如上所述 - 您的代码存在SQL注入的风险,因此使用prepared statement如下所示是明智的。
try{
$sql='insert into book ( uid, interest, tid, lid ) values (?,?,?,?)';
$stmt=$conn->prepare( $sql );
if( $stmt ){
/*
assuming parameters are
-----------------------
uid=integer
interest=string
tid=integer
lid=integer
*/
$stmt->bind_param('isii', $id, $interest, $tid, $lid );
$result=$stmt->execute();
if( $result && $stmt->affected_rows==1 ){
$message = "You have interest in {$interest}";
$to=$email;
$from='vkcvkc8@gmail.com';
$subject="Booked for {$title}";
$body="{$message}\n\nBooked for {$title} located in {$location}.\n\nYou will be charged with {$cost}\n\nContact:{$contact}";
$headers=array();
$headers[]="MIME-Version: 1.0";
$headers[]="Content-type: text/plain; charset:utf-8";
$headers[]="To: {$to}";
$headers[]="From: {$from}";
$headers[]="Reply-To: {$from}";
$headers[]="X-Mailer: PHP/".phpversion();
$status = mail( $to, $subject, $body, implode( "\r\n", $headers ) );
throw new Exception( $status ? 'success - mail sent' : 'fail - mail not sent' );
} else {
throw new Exception('Failed to insert data');
}
} else {
throw new Exception('Unable to prepare sql query');
}
}catch( Exception $e ){
exit( "<script>alert('{$e->getMessage()}');</script>" );
}