My dice roller stopped working for some reason.

beanman1

http://www.nybn.org/diceform.php

The results do not display nor do any of the emails get sent. Here's the code that's supposed to roll the dice and send the emails. Any help would be appreciated.

<?php // Functions ------------------------------------------
function rollDice($dice) {	$faceArray = array();
					for ($i=0; $i<$dice; $i++ )	{
											$face = rand(1, 10);
											 		$faceArray[$i] = $face;	}
															return $faceArray;	};
function is_valid_email($email) {  

return preg_match('#^[a-z0-9.!\#$%&\'*+-/=?^_`{|}~]+@([0-9.]+|([^\s]+\.+[a-z]{2,6}))$#si', $email);}
function contains_bad_str($str_to_test) {  

$bad_strings = array(	"content-type:",	"mime-version:",	"multipart/mixed",	"Content-Transfer-Encoding:",	"bcc:",	"cc:",	"to:"  );
  foreach($bad_strings as $bad_string) {    if(eregi($bad_string, strtolower($str_to_test))) {      

  echo "$bad_string found. Suspected injection attempt - mail not being sent.";      exit;    }  }}
  function contains_newlines($str_to_test) {
     if(preg_match("/(%0A|%0D|\\n+|\\r+)/i", $str_to_test) != 0) {     

  echo "newline found in $str_to_test. Suspected injection attempt - mail not being sent.";     exit;   }}

		// Code -------------------------------------------	
		$name = $_POST['requiredname'];

		$dice = $_POST['requireddice'];

		$description = $_POST['requireddescription'];
		$email = $_POST['requiredemail'];
if (!is_valid_email($email)) 
{  echo 'Invalid email submitted - mail not being sent.';
  exit;}
  contains_bad_str($email);contains_bad_str($description);contains_newlines($email);contains_newlines($description);

  $faces = rollDice($dice);
  for ( $i=0; $i < (count($faces)-1); $i++){
  	$results = $results . $faces[$i] . ", ";
	}
	$results = $results . $faces[$i] . ", ";

echo ($results);

function redirect($url)
{
   header('Location: http://www.nybn.org/diceform.php ' . $url, true);
   die();
}


// email results //


$to = 'dicerolls@nybn.org'.',';
$to .= $email;$subject = "Dice roll for $name";
$message = "$name rolled a $results for $description";
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: NYbN Dice Roller <dicerolls@nybn.org>' . "\r\n";

mail ($to, $subject, $message, $headers);
?>

NogDog

First step in my mind would be to locate the php error log on your host and see if anything "interesting" is being output there. Otherwise start putting debug statements into the code to localize where it's going astray.

Weedpacket

As NogDog says: doing some debugging first might go a long way.
(Incidentally, [man]eregi[/man] was deprecated in PHP 5.3.0 and removed in 7.0.0.)

dalecosp

beanman1;11064371 wrote:
http://www.nybn.org/diceform.php

The results do not display nor do any of the emails get sent.

I can believe the results don't display; how do you know the email doesn't get sent? Email delivery is never guaranteed. Where would bounces go?

BTW: works fine here on PHP v5.6.25; but my remove server tags the mail as very spammy. (I think I rolled a straight!!!) 😃

NogDog;11064373 wrote:
First step in my mind would be to locate the php error log on your host and see if anything "interesting" is being output there. Otherwise start putting debug statements into the code to localize where it's going astray.

Hear here! I wonder if [man]error_log/man would be helpful?

Weedpacket;11064375 wrote:
As NogDog says: doing some debugging first might go a long way.
(Incidentally, [man]eregi[/man] was deprecated in PHP 5.3.0 and removed in 7.0.0.)

So, the PHP version is critical.

You might think about the following:

An "echo" statement may or may not present output to the browser, depending on the server configuration and other stuff on the page (in other words, I see nothing but straight print statements without HTML ... check the "view source" in your browser and see if one of your messages appears there.
You can probably replace some of your functions (like is_valid_email()) with filter_input()/filter_var().
A more standard practice would be to have your functions return truthy/falsy and let the program itself halt execution if one fails. I'm not sure that's a game-stopper here, just more of any FYI if you'd never considered it.
What's the redirect function for? It never gets called.

Weedpacket

Another question to ask: if it used to work and now it doesn't work, what has changed in the meantime?