Jump to content
warrens0017

Line Break in email not working

Recommended Posts

Hi everyone,

I am running into an issue when I am sending out emails using the mail() function.

What I am trying to do is on one page, there is a text area that enters information into a form and sends it to another php to process. Here is the form:

<form method='POST' action='../home/contact-send-email.inc.php'>
  <div class='input_form'>
    <input type='hidden' name='cid' value='".$rowcon['cid']."'><br>
    <input type='hidden' name='from' value='".$_SESSION['email']."'><br>
    <input type='hidden' name='email' value='".$rowcon['email']."'><br>
    <input type='text' name='subject' placeholder='Subject'><br>
    <textarea style='width: 103.5%; height: 500px; resize: none;' type='text' name='message' placeholder='Message'></textarea><br>
    <button type='submit'>Send Mail</button>
  </div>
</form>

Now with the text area, I want it to allow line breaks. The issue I am running into now is that when I send email out, I am getting the text but were I put the line breaks, there is a \r\n in text. Here is the mail process php:

<?php
include '../inc/dbh.php';

$from = mysqli_real_escape_string($conn, $_POST['from']);
$msg = mysqli_real_escape_string($conn, $_POST['message']);

$to = mysqli_real_escape_string($conn, $_POST['email']);

$subject = mysqli_real_escape_string($conn, $_POST['subject']);

$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type:text/html; charset=UTF-8\r\n";
$headers .= "From: ".$from."\r\n";
$headers .= "X-Mailer: PHP 5.x\r\n";

$txt = nl2br($msg);

mail($to, $subject, $txt, $headers);
?>

So quick over view:

When I send an email out using this code and there are line breaks in there, where the line breaks are happening, in the email there is \r\n instead of the line break.

Share this post


Link to post
Share on other sites

Did you notice the semi-colon in the middle of the following line of code?

$headers .= "Content-type:text/html; charset=UTF-8\r\n";

Roddy

Share this post


Link to post
Share on other sites

That's because you're using mysqli_real_escape_string. You don't need that function, that's only for databases and it's also only used in really old code. If all you're doing is sending an e-mail, remove the entire database connection file.

For escaping things in an HTML e-mail, use htmlspecialchars().

 

1 minute ago, iwato said:

Did you notice the semi-colon in the middle of the following line of code?


$headers .= "Content-type:text/html; charset=UTF-8\r\n";

Roddy

That semi-colon is correct, it separates two of the components of the Content-Type header.

Edited by Ingolme
  • Thanks 1

Share this post


Link to post
Share on other sites

That's what mysqli_real_escape_string is going to do.  Why are you using that if your'e not using that data with a database?

Ideally you shouldn't use that function at all, if you're working with data in a SQL query you should use prepared statements instead of trying to escape everything manually.

Share this post


Link to post
Share on other sites

Can confirm, your issue stems from using `mysqli_real_escape_string`. That function just half-protects your queries from any anomalous characters, by escaping them, that may end up executing unwanted things. Not particularly useful in any case.

Any special characters inside that function are taken literally `\r\n` rather than as they're supposed to be which is a Carriage Return and LineFeed Character. (Basically new line)

 

In this case you won't even need to use mysqli_real_escape_string. You're not putting the data into the database are you? If you are I suggest reading up on 'Prepared Statements'.

Edited by Funce

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×