Hey I have this code that sends an email with some data sent by a form:
<?php
if (isset($_POST['submit'])) {
error_reporting(E_NOTICE);
function valid_email ($str) {
return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
}
if ($_POST['name'] != '' && $_POST['email'] != '' && $_POST['tel'] != '' && valid_email($_POST['email']) == TRUE && strlen($_POST['comment']) > 1) {
$to = preg_replace("([
])", "", $_POST['receiver']);
$from = preg_replace("([
])", "", $_POST['name']);
$subject = 'Online Message';
$message = $_POST['comment'];
$match = "/(bcc:|cc:|content\-type:)/i";
if (preg_match($match, $to) || preg_match($match, $from) || preg_match($match, $message) || preg_match($match, $subject)) {
die("Header injection detected.");
}
$headers = "From: \"".$_POST['name']."\" <".$_POST['email'].">
";
$headers .= "Reply-to: ".$_POST['email']."
";
if (mail($to, $subject, $message, $headers)) {
echo 1; //SUCCESS
} else {
echo 2; //FAILURE - server failure
}
} else {
echo 3; //FAILURE - not valid email
}
} else {
die("Direct access not allowed!");
}
I want to add the $_POST['tel'] to the $message variable so in the body of the email I can get the message plus the telephone that people type into the form. In the first part of the code I think I made the telephone input obligatory.
I tried doing $message = $_POST['comment'] && $_POST['tel']; but the only thing I recieve is a 1 in the body of the mail that is the first number of the telephone entered.
