IT 280 Web Development II, Spring 2008
Sending form information by email
PHP operator: String Concatenation
- Like other programming languages, PHP has an operator to concatenate strings (literals, variables, and expressions) into a single string.
- The PHP symbol is the dot. (JavaScript uses the plus.) For example, in
<?php $fiddle = "Hello.";
echo "The word is " . $fiddle;
//concatenate string literal and variable
?>
the echoed text will be
The word is Hello.
Sending mail
- Sending form information by email is a frequent and useful web application.
- PHP provides a built-in function for sending mail.
- The server must support this usage.
- We do have the ability to use it on wyrd.
The mail() function
- The function is named
mail(). - It requires several arguments.
- All of the arguments are strings.
- The first three are:
- the recipient
- the subject
- the body of the message>/li>
- The fourth is used to provide additional header information.
- Each additional header is of the form
header_identifier: value - You can use From, Cc, and Bcc. There must be a colon (:) between the identifier and the value.
- If you include more than one, they must be separated by \r\n, the CRLF combination.
- We will use it in an example to provide a "From" and a "Cc".
- Each additional header is of the form
Example
<?php
mail(
"echang@wyrd.hood.edu", //recipient
"Testing PHP mail function", //subject
"This is just a test.
Its purpose is to see if the mail gets through. \n" //message
. $_SERVER["HTTP_REFERER"]. "\n"
. $_SERVER["REMOTE_ADDR"]. "\n"
,
"From: chang@hood.edu\r\nCc: echang@cs.hood.edu");
//two additional headers combined in single string
?>
The example is mail_1.php. PLEASE do not click on it repeatedly.
PHP operator: Variable interpolation
- In PHP, if you use a simple variable inside a double-quoted string, it will be interpolated - the value will be inserted in its place.
- This does not hold for single-quoted strings.
EWxample
<?php $fiddle = "Hello.";
echo "The word is $fiddle"; //double quotes
echo 'The variable is $fiddle'; //single quotes
?>
The echos will output will be
The word is Hello
The variable is $fiddle
Another Example
The example is process_mail_form.php
The program takes the From address and the message from a form.
Security Warning
Carelessly written email applications can be used to send spam.
In particular, if the recipient is taken from the form rather than determined in the program code, a malicious user can save and modify the form to insert their own list of recipients. That user could also call the program directly and repeatedly via a script thousands of times.
Allowing some flexibility
But what if you want the user to be able to choose which of several recipients should receive the message?
The solution is to send a code
<h1>Simple mail application</h1>
<?php
$who = $_POST["who"];
if ($who == "1") {
$recipient = "president@mycompany.com";
}
else if ($who == "2") {
$recipient = "trashbin@mycompany.com";
}
else if ($who == "3") {
$recipient = "mailboy@mycompany.com";
}
else {
$recipient = " Improper code";
}
if ($recipient != "bad code") {
// go ahead and process the message
//actual processing code would be inserted here
}
else {
echo "Choose one of the listed recipients";
}
echo "<p>Selected:", $recipient,"</p>";
?>
<hr />
<form method="post"
action="coded_recipient.php">
Send to: <select name="who">
<option value="1">Company president</option>
<option value="2">Complaint department</option>
<option value="3">Mail room</option>
</select>
<br />
My email: <input name="email"
type="text" /><br />
Message:<br />
<textarea name="message"
rows="15"
cols="60">
</textarea><br />
<input type="submit" />
</form>
The example uses a very simple (i.e. primitive) method of associating codes with addresses. More sophisticated programming would handle them in many different ways, storing the values in various data structures or a database.
The example is coded_recipient.php.
Hood College Department of Computer Science: Course materials © 1997-2006 by Elizabeth Chang.