Hi just a quick question, I have an email validation/SMTP auth script that I call via an includes file when the email is submitted.

Problem is once the email has been submitted and parsed, email sent etc., the page reloads the page up the include(myfile.php); then everything seems to get cut off.

Does anyone know why this is?

I know I can give it a quick fix by plonking the HTML into the include file, but I am then stuck if I want to use the script elsewhere on my site.

    No way to tell without seeing what you are doing. You probably tell it somewhere to stop in an if/else statement

      below is my script

      <?php
//Declare mail function
$to = "some@email.com";
$nameto = "Webmaster";
$from = $_REQUEST['email'];
$namefrom = $_REQUEST['name'];
$subject = $_REQUEST['subject'] . " " . "Query From Web site";
$message = $_REQUEST['body'];
authSendEmail($from, $namefrom, $to, $nameto, $subject, $message);
//End Function Declaration

//Filter out non standard email address'
if (!filter_var($from, FILTER_VALIDATE_EMAIL)){
		echo "E-Mail is not valid";
		}

//If string_to_test contains any of the string stored in the array then drop out and return an error message to the user
contains_bad_str($email);
contains_bad_str($subject);
contains_bad_str($message);

function contains_bad_str($str_to_test) {
	$bad_strings = array(
        "content-type:",
		"mime-version:",
		"multipart/mixed",
		"Content-Transfer-Encoding:",
		"bcc:",
		"cc:",
		"to:"
	);

foreach($bad_strings as $bad_string) {
	if(eregi($bad_string, strtolower($str_to_test))) {
		$str1 = "<p>$bad_string found. Suspected injection attempt - mail not being sent.</p>";
		echo htmlspecialchars($str1, ENT_QUOTES);
		exit;
	}
}
}

//If strings_to_test contains new lines dropout and return an error message to the user
contains_newlines($email);
contains_newlines($subject);

function contains_newlines($str_to_test) {
	if(preg_match("/(%0A|%0D|\\n+|\\r+)/i", $str_to_test) != 0) {
		$str2 = "<p>newline found in $str_to_test. Suspected injection attempt - mail not being sent.</p>";
		echo htmlspecialchars($str2, ENT_QUOTES);
		exit;
	}
} 

//If incorect access to the request method is detected drop out and return error message to the user
if($_SERVER['REQUEST_METHOD'] != "POST"){
   $str3 = "<p>Unauthorized attempt to access page.</p>";
   echo htmlspecialchars($str3, ENT_QUOTES);
   exit;
}


//If all is well in the above proceed to send the email

//Authenticate Send
//This will send an email using auth smtp and output a log array
//logArray - connection,
function authSendEmail($from, $namefrom, $to, $nameto, $subject, $message)
{
//SMTP  Server Details
/* * * * CONFIGURATION START * * * */
$smtpServer = "smtp.server.com";
$port = "25";
$timeout = "30";
$username = "someuser";
$password = "somepass";
$localhost = "localhost";
$newLine = "\r\n";
/* * * * CONFIGURATION END * * * * */

//Connect to the host on the specified port
$smtpConnect = fsockopen($smtpServer, $port, $errno, $errstr, $timeout);
$smtpResponse = fgets($smtpConnect, 515);
if(empty($smtpConnect)){
	$output = "Failed to connect: $smtpResponse";
	return $output;
	}
	else{
		$logArray['connection'] = "Connected: $smtpResponse";
		}
		//Request Auth Login
		fputs($smtpConnect,"AUTH LOGIN" . $newLine);
		$smtpResponse = fgets($smtpConnect, 515);
		$logArray['authrequest'] = "$smtpResponse";

	//Send Username
	fputs($smtpConnect, base64_encode($username) . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['authusername'] = "$smtpResponse";

	//Send Password
	fputs($smtpConnect, base64_encode($password) . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['authpassword'] = "$smtpResponse";

	//Say Hello to SMTP
	fputs($smtpConnect, "HELO $localhost" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['heloresponse'] = "$smtpResponse";

	//Email From
	fputs($smtpConnect, "MAIL FROM: $from" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['mailfromresponse'] = "$smtpResponse";

	//Email To
	fputs($smtpConnect, "RCPT TO: $to" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['mailtoresponse'] = "$smtpResponse";

	//The Email
	fputs($smtpConnect, "DATA" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['data1response'] = "$smtpResponse";

	//Construct Headers
	$headers = "MIME-Version: 1.0" . $newLine;
	$headers .= "Content-type: text/html; charset=iso-8859-1" . $newLine;
	$headers .= "To: $nameto <$to>" . $newLine;
	$headers .= "From: $namefrom <$from>" . $newLine;

	fputs($smtpConnect, "To: $to\nFrom: $from\nSubject: $subject\n$headers\n\n$message\n.\n");
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['data2response'] = "$smtpResponse";

	// Say Bye to SMTP
	fputs($smtpConnect,"QUIT" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['quitresponse'] = "$smtpResponse";
}
?>

      The email is sent fine apart from new lines aren't inserted into the body of the message, but I think that is for another topic. this is included on my contact.php page vis an include($_SERVER['DOCUMENT_ROOT'] . "/path/to/file/sendmail.php");

      could this be sorted by using an ob_start(); ob ob_end_flush();?

        Where are you reloading?
        This page is not generating any output, so it makes sense that you do not see any?

          you have a lot of inconsistent logic going on there in the way you're handling errors. sometimes you are exiting the script, which will not let anything continue to process, and in the email part you're returning in the function.

          it would probably help if you posted the piece of the contact script where you are handling the POST data and including that file.

          for a quick fix, you may just want to add a header re-direct at the bottom of your email handling function. this way it will just send the user to any page. keep in mind that it's a header redirect though so nothing can be printed to the browser above this code:

          <?php
header('location: contact.php');
?>

            I have modified my code, not tested it yet as I do not have FTP access at the moment.

            Was wondering if this was a better attempt at the code, I am still a relative newbie to programming and am not sure if nesting my statements like this will work.

            <?php
//Declare mail function
$to = "webmaster@enemydesign.co.uk";
$nameto = "Webmaster";
$from = $_REQUEST['email'];
$namefrom = $_REQUEST['name'];
$subject = $_REQUEST['subject'] . " " . "Query From Web site";
$message = $_REQUEST['body'];
authSendEmail($from, $namefrom, $to, $nameto, $subject, $message);
//End Function Declaration

//Store contents for string spam check
contains_bad_str($email);
contains_bad_str($subject);
contains_bad_str($message);

//Store contents for new line in spam check
contains_newlines($email);
contains_newlines($subject);

//Filter out non standard email address'
if (!filter_var($from, FILTER_VALIDATE_EMAIL)){
		echo "E-Mail is not valid";
		}elseif{
			//If string_to_test contains any of the string stored in the array then drop out and return an error message to the user
			function contains_bad_str($str_to_test) {
				$bad_strings = array(
			        "content-type:",
					"mime-version:",
					"multipart/mixed",
					"Content-Transfer-Encoding:",
					"bcc:",
					"cc:",
					"to:"
					);

			foreach($bad_strings as $bad_string) {
				if(eregi($bad_string, strtolower($str_to_test))) {
					echo "$bad_string found. Suspected injection attempt - mail not being sent.";
					exit;
				}
			}
		}
	}elseif{
			//If strings_to_test contains new lines dropout and return an error message to the user
			function contains_newlines($str_to_test) {
				if(preg_match("/(%0A|%0D|\\n+|\\r+)/i", $str_to_test) != 0) {
					echo "<p>newline found in $str_to_test. Suspected injection attempt - mail not being sent.</p>";
					exit;
				}
			} 
	 //If incorect access to the request method is detected drop out and return error message to the user
	}elseif($_SERVER['REQUEST_METHOD'] != "POST"){
		echo = "<p>Unauthorized attempt to access page.</p>";
		exit;
	}


//If all is well in the above proceed to send the email

//Authenticate Send
//This will send an email using auth smtp and output a log array
//logArray - connection,
function authSendEmail($from, $namefrom, $to, $nameto, $subject, $message)
{
//SMTP  Server Details
/* * * * CONFIGURATION START * * * */
$smtpServer = "smtp.dsl.pipex.com";
$port = "25";
$timeout = "30";
$username = "mizo09@dsl.pipex.com";
$password = "aaronson";
$localhost = "localhost";
$newLine = "\r\n";
/* * * * CONFIGURATION END * * * * */

//Connect to the host on the specified port
$smtpConnect = fsockopen($smtpServer, $port, $errno, $errstr, $timeout);
$smtpResponse = fgets($smtpConnect, 515);
if(empty($smtpConnect)){
	$output = "Failed to connect: $smtpResponse";
	echo $output;
	}
	else{
		$logArray['connection'] = "Connected: $smtpResponse";
		}
		//Request Auth Login
		fputs($smtpConnect,"AUTH LOGIN" . $newLine);
		$smtpResponse = fgets($smtpConnect, 515);
		$logArray['authrequest'] = "$smtpResponse";

	//Send Username
	fputs($smtpConnect, base64_encode($username) . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['authusername'] = "$smtpResponse";

	//Send Password
	fputs($smtpConnect, base64_encode($password) . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['authpassword'] = "$smtpResponse";

	//Say Hello to SMTP
	fputs($smtpConnect, "HELO $localhost" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['heloresponse'] = "$smtpResponse";

	//Email From
	fputs($smtpConnect, "MAIL FROM: $from" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['mailfromresponse'] = "$smtpResponse";

	//Email To
	fputs($smtpConnect, "RCPT TO: $to" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['mailtoresponse'] = "$smtpResponse";

	//The Email
	fputs($smtpConnect, "DATA" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['data1response'] = "$smtpResponse";

	//Construct Headers
	$headers = "MIME-Version: 1.0" . $newLine;
	$headers .= "Content-type: text/html; charset=iso-8859-1" . $newLine;
	$headers .= "To: $nameto <$to>" . $newLine;
	$headers .= "From: $namefrom <$from>" . $newLine;

	fputs($smtpConnect, "To: $to\nFrom: $from\nSubject: $subject\n$headers\n\n$message\n.\n");
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['data2response'] = "$smtpResponse";

	// Say Bye to SMTP
	fputs($smtpConnect,"QUIT" . $newLine);
	$smtpResponse = fgets($smtpConnect, 515);
	$logArray['quitresponse'] = "$smtpResponse";
}
?>

            The HTML form looks like this;

            <div class="content">
					<form action='/contact/mail.php' method='post'>
					<table border='0'>
						<tr>
							<td>Name:</td><td><input type='text' name='name' size='50' maxlength='50' /></td>
						</tr><tr>
							<td>Email:</td><td><input type='text' name='email' size='50' maxlength='50' /></td>
						</tr><tr>
							<td>Subject:</td><td><input type='text' name='subject' size='50' maxlength='50' /></td>
						</tr><tr>
							<td>Message:</td><td><textarea name='body' rows='10' cols='50'></textarea></td>
						</tr><tr>
							<td>&nbsp;</td><td><input type='submit' value='Submit' />&nbsp;&nbsp;&nbsp;&nbsp;<input type='reset' value='Reset' /></td>
						</tr>
					</table>
				</form>
				<?php include ($_SERVER['DOCUMENT_ROOT'] . "/includes/sendmail.php");?>
				</div>
			</div>

		<!-- primary content end -->

	</div>

	<?php include($_SERVER['DOCUMENT_ROOT'] . "/includes/sidebar.inc.php");?>

	</div>

	<?php include($_SERVER['DOCUMENT_ROOT'] . "/includes/footer.inc.php");?>

            When the page has reloaded it stops right after <?php include ($_SERVER['DOCUMENT_ROOT'] . "/includes/sendmail.php");?>.

              I am still not sure what you mean with reloaded.

              If you do send the mail, and then reload the page this:
              elseif($_SERVER['REQUEST_METHOD'] != "POST"){
              echo = "<p>Unauthorized attempt to access page.</p>";
              exit;

              will stop the page from loading any further, because you are not actually posting any data.. I am however confused as to how you get the page to load in the first place, with that section in there..

                When I click submit it posts the mail to its self therefore reloading the page

                  ah, right; But that is not exactly reloading after sending the email:

                  Problem is once the email has been submitted and parsed, email sent etc., the page reloads the page up the include(myfile.php); then everything seems to get cut off.

                  From what I can see in your code there is no reason to not load without errors displayed. Does your script generate any of the error messages defined? If not What errors does PhP give you? You do have error reporting to E_ALL right?

                    No errors reported, Error reporting is on as it is my testing server.

                    the actual page setup was like this.

                    Main email page
                    posts to
                    |
                    Secondary email page
                    which includes
                    mail script

                    although I have worked out a better way of doing it now

                    What I have done now is have a javascript send the data off to the php mail script, wich returns false to stop the page from reloading, then the mail script (which I have modified to return a message upon successful completion also), sends its message back to the javascript which is then loaded in to the page in to a div with an id=error. Which I have positioned underneath the form and used css to colour it accordingly.

                      Write a Reply...