warrens0017 Posted September 5, 2018 Share Posted September 5, 2018 Hi everyone, I am running into an issue when I am sending out emails using the mail() function. What I am trying to do is on one page, there is a text area that enters information into a form and sends it to another php to process. Here is the form: <form method='POST' action='../home/contact-send-email.inc.php'> <div class='input_form'> <input type='hidden' name='cid' value='".$rowcon['cid']."'><br> <input type='hidden' name='from' value='".$_SESSION['email']."'><br> <input type='hidden' name='email' value='".$rowcon['email']."'><br> <input type='text' name='subject' placeholder='Subject'><br> <textarea style='width: 103.5%; height: 500px; resize: none;' type='text' name='message' placeholder='Message'></textarea><br> <button type='submit'>Send Mail</button> </div> </form> Now with the text area, I want it to allow line breaks. The issue I am running into now is that when I send email out, I am getting the text but were I put the line breaks, there is a \r\n in text. Here is the mail process php: <?php include '../inc/dbh.php'; $from = mysqli_real_escape_string($conn, $_POST['from']); $msg = mysqli_real_escape_string($conn, $_POST['message']); $to = mysqli_real_escape_string($conn, $_POST['email']); $subject = mysqli_real_escape_string($conn, $_POST['subject']); $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type:text/html; charset=UTF-8\r\n"; $headers .= "From: ".$from."\r\n"; $headers .= "X-Mailer: PHP 5.x\r\n"; $txt = nl2br($msg); mail($to, $subject, $txt, $headers); ?> So quick over view: When I send an email out using this code and there are line breaks in there, where the line breaks are happening, in the email there is \r\n instead of the line break. Link to comment Share on other sites More sharing options...
iwato Posted September 5, 2018 Share Posted September 5, 2018 Did you notice the semi-colon in the middle of the following line of code? $headers .= "Content-type:text/html; charset=UTF-8\r\n"; Roddy Link to comment Share on other sites More sharing options...
Ingolme Posted September 5, 2018 Share Posted September 5, 2018 (edited) That's because you're using mysqli_real_escape_string. You don't need that function, that's only for databases and it's also only used in really old code. If all you're doing is sending an e-mail, remove the entire database connection file. For escaping things in an HTML e-mail, use htmlspecialchars(). 1 minute ago, iwato said: Did you notice the semi-colon in the middle of the following line of code? $headers .= "Content-type:text/html; charset=UTF-8\r\n"; Roddy That semi-colon is correct, it separates two of the components of the Content-Type header. Edited September 5, 2018 by Ingolme 1 Link to comment Share on other sites More sharing options...
justsomeguy Posted September 5, 2018 Share Posted September 5, 2018 That's what mysqli_real_escape_string is going to do. Why are you using that if your'e not using that data with a database? Ideally you shouldn't use that function at all, if you're working with data in a SQL query you should use prepared statements instead of trying to escape everything manually. Link to comment Share on other sites More sharing options...
Funce Posted September 5, 2018 Share Posted September 5, 2018 (edited) Can confirm, your issue stems from using `mysqli_real_escape_string`. That function just half-protects your queries from any anomalous characters, by escaping them, that may end up executing unwanted things. Not particularly useful in any case. Any special characters inside that function are taken literally `\r\n` rather than as they're supposed to be which is a Carriage Return and LineFeed Character. (Basically new line) In this case you won't even need to use mysqli_real_escape_string. You're not putting the data into the database are you? If you are I suggest reading up on 'Prepared Statements'. Edited September 5, 2018 by Funce Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now