When i send some email, it only sends the first word from the subject:
Example: I send an email with the name of "Send email", it only sends the word "Send", how can i prevent that?
Code:
The subject is selected in a select box
';
?>
Check if the button was clicked
if(isset($_POST['send'])){
$sendername = 'Company';
$from = 'noreplay@compaty.com';
$to = safe($_POST['to']);
$subject = safe($_POST['subject']);
$message = 'teste';
$headers = 'MIME-Version: 1.0' . PHP_EOL;
$headers .= 'Content-type: text/html; charset=iso-8859-1' . PHP_EOL;
$headers .= "From: $sendername <$from>".PHP_EOL;
mail($to, $subject, $message, $headers);
}else{
$to = NULL;
}
Safe function
function safe($value) {
return mysql_real_escape_string($value);
}
Answer
The main problem is caused by not escaping variables and not properly encapsulating your attribute values; use this instead:
foreach($templatesarr as $val){
printf('',
htmlspecialchars($val['name'], ENT_QUOTES, 'UTF-8')
);
}
It now uses "" to delimit the value attribute of the option element.
No comments:
Post a Comment