PHP Email Script (Non technical, More General)


#1

Hello everyone,

I’m trying to get my “go-to-move” PHP email script to work, but am having issues. I call it my “go-to"move” because I’ve used this exact script countless times before, including on my three other DreamHost domains.

Whenever I try to send an email using the script, it returns an error saying “Please fill in ALL fields.” Since there isn’t anything wrong with the PHP code itself, I’m wondering… Is there some setting I need to tinker with in the panel? Maybe a simple setting that won’t allow email to be sent out using PHP scripts?

Here is the example that I’ve used on countless other sites and it’s worked fine… Give it a try to see the error. FYI, the subject input is just an empty/dummy/filler input, doesn’t connect with PHP or anything, but that isn’t the problem, it’s like that on all my other sites as well.

http://hope4ms.org/emailtest/

I’ve uploaded the source code of the php into TXT files and will link to them below.

http://hope4ms.org/emailtest_source/

Any ideas? Any help will be greatly appreciated.

Thanks,
Brad


#2

I’m going to take a stab at this one – register_globals?

Your other DH sites on PHP4? This one on PHP5? register_globals and register_long_arrays is disabled in PHP5. You would be getting this error if it’s trying to check variables that don’t exist anymore.

And from your discription, this is an old script. Old scripts are prone to being badly written.
(PHP Authers have been told since '99 NOT to use register_globals, but they STILL DID! Now it’s biting them in the arse!)


yerba# rm -rf /etc
yerba#


#3

Oh, just noticed that you put the source, up. And guess what, that’s what it is; register_globals:

To fix it: Ever occurance of $visitor, $visitormail and $notes needs to be changed to $_POST[‘visitor’], $_POST[‘visitoremail’] and so forth. This goes for ALL variables you’re passing from your form. Same format.

Also, you might want to do some verification of values, too. Your script is HIGHLY subseptiable to being used as a spam bot. It’s easy to fix: remove any \n’s from email and subject:
$from = str_replace("\n", ‘’ $from);
$subject = str_replace("\n", ‘’ $subject);

You can get into more advanced filtering with preg_replace, but the above there will be sufficent to protect your script.


yerba# rm -rf /etc
yerba#


#4

Thank you so much! Really appreciate the time you took to help me. Works like a charm now.