Alright, here we go.
So there's this legacy client of ours that has apparently been having email troubles on a site I had no involvement with in the distant past. Their emails were being received nicely up until (allegedly!) a month or so ago.
They initially wanted a captcha for the form so we provided but, so the story goes, they eventually started getting complaints from patients trying to fill it out on the website. So they had us remove it. My coworker(s) simply commented out the captcha portion and called it a day.
The client says that "whatever they did" broke the form and so now no email is getting through. Well I checked out the PHP\HTML and it all seems to be on the level..
The code executes just fine, no errors given, but nothing is received. So I figured it may be something with the server.
Well, the client only has one email account on the server (via cpanel) and it's not the ones the form is associated with. Further, this email account (detailed below) has not received a single email in 3 months.
They're using WHM\Cpanel with Cent OS and the PHP file seems to be in good order. The firewall as well is configured just as it should be to allow mail functionality according to my research.. But if I log into their email client (roundcube) and attempt to send any email whatsoever I get the error:
SMTP Error (-1): Connection to server failed.
When I try to send an email TO the aforementioned address it simply never arrives.
I'm assuming this is completely related.
Below is the template code straight from Expression Engine (1.7.x):
<?php
session_start();
//require_once('scripts_server/recaptchalib.php');
$privatekey = "6LfP7AcAAAAAAGnqNwep55dvYLrgUvJt479b1Vr0";
error_reporting(0);
$sent_notice = "";
$patient_name = "";
$your_name = "";
$message = "";
$error_list = array();
if(!empty($_POST))
{
// Verify the session var is equal (security)
if( $_SESSION["randomuniquenumber"] != true )
{
$error_list[] = "Server Error: Please refresh the page.";
}
// Check the names to see if they're empty or invalid
if(empty($_POST['patient_name'])) {
$error_list[] = "Please enter the patient's name.";
}else {
if(preg_match("/^[-A-Za-z\.\s]+$/", $_POST['patient_name'])) {
$patient_name = $_POST['patient_name'];
}else {
$error_list[] = "Please only use alphabetical characters for names.";
}
}
if(empty($_POST['your_name'])) {
$error_list[] = "Please enter your name.";
}else {
if(preg_match("/^[-A-Za-z\.\s]+$/", $_POST['your_name'])) {
$your_name = $_POST['your_name'];
}else {
$error_list[] = "Please only use alphabetical characters for names.";
}
}
// Check the message is filled out
if( !empty($_POST['message']) ) {
if( strlen($_POST['message']) > 1000 ) {
$error_list[] = "Messages are limited to 1000 characters.";
}else {
$message = htmlentities($_POST['message']);
}
}
else {
$error_list[] = "Please fill out the message field.";
}
// Check the re-captcha ------------------------------------------------
// $resp = recaptcha_check_answer ($privatekey,
// $_SERVER["REMOTE_ADDR"],
// $_POST["recaptcha_challenge_field"],
// $_POST["recaptcha_response_field"]);
//
// if (!$resp->is_valid) {
// $error_list[] = "The reCAPTCHA wasn't entered correctly.";
//
// }
// If everything was filled out properly
if(empty($error_list))
{
// Send the email
$to = 'mike@madmonkinteractive.com'; //'patientemail@lenoir.org'
$subject = 'LenoirMemorial.org - Message for a Patient';
$headers = "From: Via the patient web form at LenoirMemorial.org <patientemail@lenoir.org>";
$email_message = 'Patient\'s Name: ' . $patient_name . "
" .
'Sender\'s Name: ' . $your_name . "
" .
'Message: ' . "
" . stripslashes($message);
mail($to, $subject, $email_message, $headers);
if(@mail($to, $subject, $email_message, $headers))
{
echo "<script>javascript: alert('Mail Sent Successfully')></script>";
}else{
echo "<script>javascript: alert('Mail Failure')></script>";
}
// Now properly escape the data contained in the vars
$patient_name = mysql_real_escape_string( $patient_name );
$your_name = mysql_real_escape_string( $your_name );
$message = mysql_real_escape_string( stripslashes($message) );
// Connect to the DB and add the the user's info
mysql_connect('localhost', 'lenoirm_lenoirm', 'IMz2Aub1qnmX');
mysql_select_db('lenoirm_lenoirm');
$date = date("M-j-Y");
$sql = "INSERT INTO email_patient SET patient_name='".$patient_name."', message='".$message."', your_name='".$your_name."', date='".$date."' ";
mysql_query($sql) or die(mysql_error());
session_unset();
session_destroy();
// Inform the user that their email has been set
//header("Location: http://lenoirmemorial.org/index.php/get_in_touch/thank_you/");
}
}
else {
$_SESSION["randomuniquenumber"] = true;
}
?>
{embed="includes/header"}
{embed="includes/nav"}
{embed="includes/left_sidebar"}
<div id="col2">
<div class="video-box">
<div class="video-top">
<div class="video-middle">
<h2>Email a Patient</h2>
<p><img alt="Brighten Someone's Day" src="/custom/images_content/emailapatient.jpg" style="float: right; margin-left: 10px; margin-right: 10px;" /></p>
<p>Would you like to brighten a patient's day with a message of support and encouragement? Stay in touch and let them know you're thinking about them by sending a customized, free email message.</p>
<h3>Simple and Easy!</h3>
<p>Lenoir Memorial Hospital offers a simple and easy way for friends and family to send free messages to patients. Simply fill out and submit the electronic form below. Our Volunteer Services department will print your email message on special stationery and then deliver it to the patient.</p>
<h3>Delivery Information</h3>
<p>Email messages are delivered Monday through Friday during regular business hours. Messages received after 1:00 PM may not be delivered until the next business day. We will do our best to deliver messages in a timely manner. We cannot deliver messages to patients who have not been admitted as inpatients or to patients who have been discharged. Please make sure you fill out the patient's first and last name correctly.</p>
<h3>Confidentiality</h3>
<p>Please remember that email messages are not secure, and the form you will use to send your message is not secure. Members of our volunteer staff will see your message. We maintain the right not to deliver messages that are deemed inappropriate. Due to some sensitivity and confidentiality requirements, email messages will not be delivered to certain units and patients.</p>
<p>If you have a question about emailing a patient, please contact us at 252-522-7006.</p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" id="email_patient">
<?php
if(count($error_list) != 0) {
foreach($error_list as $error) {
echo '<p class="form_feedback">'.$error.'</p>';
}
}
if($sent_notice != "") {echo $sent_notice;}
?>
<ul>
<li>
<label for="patient_name">Patient's First and Last Name:</label>
<input type="text" name="patient_name" value="<?php if($patient_name != "") echo $patient_name; ?>" id="patient_name" />
</li>
<li>
<label for="your_name">Your Name:</label>
<input type="text" name="your_name" value="<?php if($your_name != "") echo $your_name; ?>" id="your_name" />
</li>
<li>
<label for="message">Message (1000 Character Limit):</label>
<textarea name="message" rows="8" cols="40"><?php if($message != "") echo stripslashes($message); ?></textarea>
</li>
<li>
<?php
//$publickey = "6Len9wYAAAAAAIzFGpc_paC-F_88OftuRiw3UyWt";
//$publickey = "6LfP7AcAAAAAAENozkyqiIOGqVdkNI_ea8UmEctu";
// echo recaptcha_get_html($publickey);
?>
</li>
<li>
<input type="submit" name="submit" value="Submit" id="submit" />
</li>
</ul>
</form>
</div>
</div>
<div class="video-bottom">
</div>
</div>
</div>
{embed="includes/news_events_sidebar"}
{embed="includes/footer"}
Edit: Ran this code, I get the message "error" being printed...
$result = mail($to, $subject, $email_message, $headers);
if(!$result) {
echo "Error";
} else {
echo "Success";
}
