#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2013
    Posts
    1
    Rep Power
    0

    Help manda_mail.php


    I need help with this file does not work me

    PHP Code:
    $to = $_GET["Email"] . "@" . $_GET["Dominio"];
        $from = $_GET["From"] . "@" . $_GET["Dominio"];
        $correo = $_GET["Email"];
        //Datos para procesar el correo
        $respuesta = $_GET["Confirmacion"];
        $from =  $_GET["Correo"];
        $replyto = $_GET["ReplyTo"];
        $subject = $_GET["Subject"];

        
        //Servidor de correo del cliente. Siempre va mail.dominio por ejemplo: mail.syop.com.mx
        //$server = "smtpout.secureserver.net";
        $server = "mail.".$_GET["Dominio"]."";

        //Variables que recibe de estilo
        $nombre_empresa= $_GET["Empresa"];
        
        $font = $_GET["font"];
        $color_titulo = $_GET["c_tit"];
        $background_titulo = $_GET["b_tit"];
        
        $color_subtitulo = $_GET["c_stit"];
        $background_subtitulo = $_GET["b_stit"];
        
        //VALIDACIONES PARA TODOS LOS CAMPOS
        //|| $server == "smtpout.secureserver.net"
        if($server == "" ){
        echo "Tienes un error en la forma de contacto, no has cambiado el servidor de correo.";
        exit;
        }
        else if (  $_GET["Email"] == "" ||  $_GET["Dominio"] == "" || $subject == "" ||  $_GET["From"] == ""){
        echo "No estas mandando los campos escondidos para procesar el correo. <br/> 
                Estos campos pueden ser Email, Dominio o From.";
        exit;
        }
        else if ( $nombre_empresa == " " || $font == "" || $color_titulo== "" || $background_titulo== "" || $color_subtitulo== "" || $background_subtitulo== ""){
        echo "No estas mandando todos los campos para personalizar el correo. <br/> 
              Revisa los hiddens de tu forma de contacto.";
        exit;
        }
        if($respuesta == ""){
        echo "Tienes un error en la forma de contacto, falta mandar la confirmaci&oacute;n.";
        exit;
        }

        //Se borran las variables que no queremos que imprima en el correo.
        unset ($_GET['Enviar']);
        unset ($_GET['Submit']);
        unset ($_GET['Email']);
        unset ($_GET['Dominio']);
        unset ( $_GET["Confirmacion"]);
        unset ($_GET["Empresa"]);
        unset ($_GET["font"]);
        unset ($_GET["c_tit"]);
        unset ($_GET["b_tit"]);
        unset ($_GET["c_stit"]);
        unset ($_GET["b_stit"]);


         //Headers que tiene que tener para mandar el correo en html.
          $headers = "From: $from\r\n" .
         "Content-Type: text/html; ". 
           "charset=UTF-8; format=flowed\n". 
           "MIME-Version: 1.0\n". 
           "Content-Transfer-Encoding: 8bit\n ". 
           "X-Mailer: PHP\n";

        // Se tienen las variables en el arreglo $Get y se les asigna llave y valor para imprimir.
        foreach ($_GET as $key => $value)
        {
        $body.= '
        <tr class="fondo">
            <td width="16%" class="left">&nbsp;'.$key.':</td>
            <td width="84%">&nbsp;'.$value.'</td>
        </tr>';
        }

        $mensaje= '
    <html>
    <head>
    <title>----Forma de Contacto----</title>
    <meta http-equiv="Content-Type"  content="text/html; charset=utf-8"/>
    <style type="text/css">

    .ancho{
    height:40px;
    }

    body{
    font-family:Lucida Sans;
    font-size:12px;
    color:#646464;
    }

    .borderright{
    border-right:medium;
    border-right-width:medium;
    border-right-color:#D3D3D3;
    border-right-style:solid;
    }

    .borderbottom{
    border-bottom:medium;
    border-bottom-width:medium;
    border-bottom-color:#D3D3D3;
    border-bottom-style:solid;
    }

    .fondo{
    background-color:#fff;
    }

    .left{
    padding-left:30px;
    font-weight:bold;

    }

    .subtitulo{
    font-family:'.$font.';
    font-size:14px;
    color:'.$color_subtitulo.';
    background-color:'.$background_subtitulo.';
    padding-top:5px;
    padding-left:20px;
    text-align:center;
    font-style:italic;
    font-weight:bold;
    }

    .titulo{
    font-family:'.$font.';
    font-size:20px;
    color:'.$color_titulo.';
    padding-top:5px;
    padding-left:20px;
    background-color:'.$background_titulo.';
    }

                </style>
            </head>
        
            <body>
            <table width="50%" border="0" cellpadding="0" cellspacing="2" class="borderright borderbottom">
                  <tr>
                    <td colspan="2" class="titulo ancho">'.$nombre_empresa.'</td>
                  </tr>
                  <tr>
                    <td colspan="2" class="subtitulo">El Solicitante introdujo los siguientes campos </td>
                  </tr>
                   '.$body.'
                <tr>
                <td>&nbsp;</td>
                <td align="right" style="font-size:12px; font-family:Times New Roman, Times, serif; color:#001a78;">SysOp</td></tr>
            </table>
            </body>
        </html>';
        
        //Manda el correo
        mail("$to", "$subject", "$mensaje", "$headers");

        //Se hace un location hacia la p?na de respuesta que se env?como par?tro.
        print "<script>document.location.href='$respuesta'</script>";
    ?>
    <html>
        <?php
        
    print "Mail enviado exitosamente";
        
    ?>
    </body>
    </body>
    </html>
    Last edited by requinix; December 10th, 2013 at 05:37 PM. Reason: php tags
  2. #2
  3. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,113
    Rep Power
    9398
    Originally Posted by dacsoluciones
    I need help with this file does not work me
    That sucks.
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Oh lord ...

    Do you really think it's a good idea to let anybody use your mailserver? Do you really think you should let the user set the receiver and the content of the email?

    If you ever wondered where all the spam mails come from: There's your answer. You've just installed your own open mail relay for people to send spam and malware around -- with your IP address attached to it.

    I hope that code isn't online yet. If it is, you need to take it offline now. I'm serious. Stuff like this will harm innocent people, it will get your server onto blacklists, it will seriously p*ss off your hoster, and it may even get you into legal trouble.

    The Internet is not your friendly neighbourhood.

    If you put something online, it's accessible to pretty much everybody. Every criminal, every frustratrated kid. You must aware of that and act accordingly. Otherwise, you'll get yourself and the people around you into deep trouble.

    My suggestion would be this:

    • Put away the code.
    • Stop copypasting stuff you found somewhere on the Internet. A lot of the PHP code out there is really malware.
    • Learn the basics of web security.
    • Learn how to properly send mails with PHP
    • Think before and while you write the code: Is this really a good idea? Could it be dangerous?
    • Ask a more experienced programmer for a review.

    If that's too much, I think you should wait with the email script and start a project with less risk involved.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo