Jump to content

Line Break in email not working

Recommended Posts

Hi everyone,

I am running into an issue when I am sending out emails using the mail() function.

What I am trying to do is on one page, there is a text area that enters information into a form and sends it to another php to process. Here is the form:

<form method='POST' action='../home/contact-send-email.inc.php'>
  <div class='input_form'>
    <input type='hidden' name='cid' value='".$rowcon['cid']."'><br>
    <input type='hidden' name='from' value='".$_SESSION['email']."'><br>
    <input type='hidden' name='email' value='".$rowcon['email']."'><br>
    <input type='text' name='subject' placeholder='Subject'><br>
    <textarea style='width: 103.5%; height: 500px; resize: none;' type='text' name='message' placeholder='Message'></textarea><br>
    <button type='submit'>Send Mail</button>

Now with the text area, I want it to allow line breaks. The issue I am running into now is that when I send email out, I am getting the text but were I put the line breaks, there is a \r\n in text. Here is the mail process php:

include '../inc/dbh.php';

$from = mysqli_real_escape_string($conn, $_POST['from']);
$msg = mysqli_real_escape_string($conn, $_POST['message']);

$to = mysqli_real_escape_string($conn, $_POST['email']);

$subject = mysqli_real_escape_string($conn, $_POST['subject']);

$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type:text/html; charset=UTF-8\r\n";
$headers .= "From: ".$from."\r\n";
$headers .= "X-Mailer: PHP 5.x\r\n";

$txt = nl2br($msg);

mail($to, $subject, $txt, $headers);

So quick over view:

When I send an email out using this code and there are line breaks in there, where the line breaks are happening, in the email there is \r\n instead of the line break.

Link to post
Share on other sites

Did you notice the semi-colon in the middle of the following line of code?

$headers .= "Content-type:text/html; charset=UTF-8\r\n";


Link to post
Share on other sites

That's because you're using mysqli_real_escape_string. You don't need that function, that's only for databases and it's also only used in really old code. If all you're doing is sending an e-mail, remove the entire database connection file.

For escaping things in an HTML e-mail, use htmlspecialchars().


1 minute ago, iwato said:

Did you notice the semi-colon in the middle of the following line of code?

$headers .= "Content-type:text/html; charset=UTF-8\r\n";


That semi-colon is correct, it separates two of the components of the Content-Type header.

Edited by Ingolme
  • Thanks 1
Link to post
Share on other sites

That's what mysqli_real_escape_string is going to do.  Why are you using that if your'e not using that data with a database?

Ideally you shouldn't use that function at all, if you're working with data in a SQL query you should use prepared statements instead of trying to escape everything manually.

Link to post
Share on other sites

Can confirm, your issue stems from using `mysqli_real_escape_string`. That function just half-protects your queries from any anomalous characters, by escaping them, that may end up executing unwanted things. Not particularly useful in any case.

Any special characters inside that function are taken literally `\r\n` rather than as they're supposed to be which is a Carriage Return and LineFeed Character. (Basically new line)


In this case you won't even need to use mysqli_real_escape_string. You're not putting the data into the database are you? If you are I suggest reading up on 'Prepared Statements'.

Edited by Funce
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...