We help IT Professionals succeed at work.

email form via php

aej1973
aej1973 asked
on
Hello:

I am building a form that is being hosted by a web hosting provider. This form has about 10 different fields that needs to be captured on a mysql database. I have been able to submit this form and capture the data on the database. Now I also need the data to be sent to a few email addresses at the same time. How do I do this? Thank you for the help.

A
Comment
Watch Question

CERTIFIED EXPERT

Commented:
the easiest wat is to use phpmailer its a Nice class  that takes care of mailing.

http://phpmailer.worxware.com/

It depends on the what existing platform you are using (i.e Joomla).

For the best mailer I would use the pear extension:

http://pear.php.net/package/Mail

Most hosting providers have this installed already.

If you are using the Zend Framework, or Symphany, than this is already built into the framework.
CERTIFIED EXPERT
Commented:
You have enough built-in functionality to do this with straight PHP.  Just populate $body with your query data and do the following, which will iterate through your array of recipients, and send each one the data in the body.  You can customize the subject line, and your real name, etc. as you wish.
$recipients=array("foo@bar.com", "bar@baz.com", "baz@foo.com");
for($i=0; $i<sizeof($recipients); $i++) {
    $rpath="myreturn@address.com"; $bcc="Bcc: $bcc";
    mail("$rpath","$subject",$body,"From: Firstname Lastname <$rpath>\r\n$bcc","-f$rpath");
}

Open in new window

Author

Commented:
Actually I have not used any framework, I have build these PHP pages from Scratch. I am attaching the form for your reference. Thank you.

<?php
//This should have been called from tech_add_schedule.php
//This file is used to save the tech schedule.
include "connect.php" ;

$tempdate = $_POST['f_date_c'];
$tempsdate = $_POST['date2'];
$tempcsr = $_POST['AGENTID'];
$tempid = $_POST['ANID'];
$tempname = $_POST['FNID'];
$templname = $_POST['LNID'];
$tempaddress = $_POST['ADDID'];
$tempcity = $_POST['CITYID'];
$tempstate = $_POST['STATEID'];
$tempzip = $_POST['ZIPID'];
$temptype = $_POST['TYPEID'];
$tempcomments = $_POST['COMMID'];
//$tempname = $_POST['FNID'];



//insert values into tech_schedule
$sql = "INSERT INTO work_order (order_date,schedule_date, agent, account_num, first_name, last_name, address, city, state, zip,type, wo_notes) " .
 "VALUES ('$tempdate', '$tempsdate','$tempcsr','$tempid','$tempname','$templname','$tempaddress','$tempcity', '$tempstate', '$tempzip','$temptype', '$tempcomments' )";
		      $result = mysql_query($sql) 
      or die(mysql_error());
header("location: test_done.html");
?>

Open in new window

CERTIFIED EXPERT

Commented:
Cool, just after $recipients= line, put:




$body="Below is the SQL INSERT that was executed:\n\n$sql\n";

Open in new window

asej1973: what out for sql injection.
Marco GasiFreelancer
CERTIFIED EXPERT
Top Expert 2010
Commented:
ziggyfish is right: use always mysql_real_escape_string (http://it2.php.net/mysql_real_escape_string) this way:

$tempdate = mysql_real_escape_string($_POST['f_date_c']);
$tempsdate = mysql_real_escape_string($_POST['date2']);
$tempcsr = mysql_real_escape_string($_POST['AGENTID']);
...

In addition, check if posted data are those expected: use is_int, is_string and other built-in check functions to ensure that posted data are correct before to insert them in database. You can check for length/size also, if you know what max length/size you can expect the data is.

Cheers

Author

Commented:
Thank you.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.