Home>

I am making a mail form.
Send the contents of the inquiry to the user to the user, and the administrator (self)
I also want to

Warning: session_start (): Cannot send session cookie --headers already sent by (output started at /home/etdfftytg/etdfftytg.php.xdomain.jp/public_html/mail.php:2) in /home/etdfftytg/etdfftytg.php. xdomain.jp/public_html/mail.php on line 6

Warning: session_start (): Cannot send session cache limiter --headers already sent (output started at /home/etdfftytg/etdfftytg.php.xdomain.jp/public_html/mail.php:2) in /home/etdfftytg/etdfftytg.php. xdomain.jp/public_html/mail.php on line 6

Japanese translation:
Warning: session_start (): Unable to send session cookie-header by /home/etdfftytg/etdfftytg.php (started at /home/etdfftytg/etdfftytg.php.xdomain.jp/public_html/mail.php:2) It has already been sent. 6th line xdomain.jp/public_html/mail.php

Warning: session_start (): Unable to send session cache limiter-header has already been sent (output started at /home/etdfftytg/etdfftytg.php.xdomain.jp/public_html/mail.php: 2) 6 Line /home/etdfftytg/etdfftytg.php.xdomain.jp/public_html/mail.php

Corresponding source code
<? php
if (! $_ POST) {
header ('Location: /');
}
session_start ();
if (isset ($_ POST ['name'],

$_POST ['email'],

$_POST ['comment'])) {
$_SESSION ['name'] = $_POST ['name'];
$_SESSION ['email'] = $_POST ['email'];
$_SESSION ['comment'] = $_POST ['comment'];
}
?><! DOCTYPE html><html><head><meta charset = "utf-8" /><title></title></head><body><? php
$action = $_POST ['action'];
$name = htmlspecialchars ($_SESSION ['name']);
$email = htmlspecialchars ($_SESSION ['email']);
$comment = htmlspecialchars ($_SESSION ['comment']);
$to ='@ yahoo.co.jp';// Email
$subject ='form-mail-sample-2';// Title
$message ='[name]'. "\ n". $Name. "\ n";
$message. ='[Email]'. "\ n". $Email. "\ n";
$message. ='[Comment]'. "\ n". $Comment. "\ n \ n \ n";
$header ='From:'. $Email. "\ r \ n";
$header. ='Reply-To:'. $Email. "\ r \ n";
if ($action == "post") {
echo'';
echo'<form action = "mail.php" method = "post">';
echo'';
echo'';
echo'<label>name</label>';
echo'<!-Cell->';
echo'';
echo $_SESSION ['name'];
echo'<!-Cell->';
echo'<!-row->';
echo'';
echo'';
echo'<label>email</label>';
echo'<!-Cell->';
echo'';
echo $_SESSION ['email'];
echo'<!-Cell->';
echo'<!-row->';
echo'';
echo'';
echo'<label>comment</label>';
echo'<!-Cell->';
echo'';
echo $_SESSION ['comment'];
echo'<!-Cell->';
echo'<!-row->';
echo'';
echo'';
echo'';
echo'<!-Cell->';
echo'';
echo'<p>Please send if the input is correct</p><br>';
echo'<button type = "submit" name = "action" value = "send">Send</button>';
echo'<button type = "button" onclick = "history.go (-1)">Return to input form</button>';
echo'<!-Cell->';
echo'<!-row->';
echo'</form>';
echo'<!-tb-cell->';
} elseif ($action == "send") {
$status = mb_send_mail ($to, $subject, $message, $header);
if ($status) {echo'<p>Message sent successfully</p>';
echo'<button type = "button" onclick = "history.go (-2)">Return to input form</button>';
} else {
echo'<p>Failed to send message</p>';
echo'<button type = "button" onclick = "history.go (-2)">Return to input form</button>';
}
$_SESSION = array ();
session_destroy ();
}
?></body></html>


`` `html




Email




















































  • Answer # 1

    This level of code will be a problem if you put it on the Internet, so if you want to use it in practice, ask a vendor.

    If it is for learning purposes, it is recommended that you proceed to the next step regardless of sending an email.
    It is impossible for beginners to properly create an email form.

    * In order to use it at the implementation level, it is necessary to know not only php but also attack methods related to infrastructure and mail forms, and technologies related to mail systems at a certain level.

    Reference: The top 10 "PHP mail forms" have a winning percentage of 10%

    By the way, the question script contains a vulnerability related to email header injection.