Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > php > answers

PHP file displays code

Member
  
Join Date: Feb 2007
Posts: 95
#1: Oct 9 '07
I have a PHP file that usually sends an email. Instead, it now simply displays the code beginning with line 14 (where #eol= begins). Can anybody help me with this?

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.  
  3.   #Change only the information after the equals sign
  4.  
  5.   $to = $_REQUEST['ProducerEmail'];  
  6.   $body = "Your request to bind the submission on ".$_REQUEST['IName']." has been received by United Brokers. After it has been reviewed for content by an Underwriter and it has been determined that no essential information is missing it will be sent to Processing and will, typically, be on its way back to you within 48 hours.  Thank you for your business.";
  7.   $subject = "RE: ".$_REQUEST['IName']." - Submission Received";
  8.   $fromaddress = $_REQUEST['UWemail']; 
  9.   $fromname = $_REQUEST['Underwriter'];
  10.   $agent = $_REQUEST['Agent'];
  11.   $producer = $_REQUEST['Producer'];
  12.  
  13.   # DO NOT EDIT BELOW THIS
  14.   $eol="\r\n";
  15.   $attachments=false;
  16.   $mime_boundary=md5(time());
  17.  
  18.   # Common Headers
  19.   $headers .= "From: ".$fromname."<".$fromaddress.">".$eol;
  20.   $headers .= "Reply-To: ".$fromname."<".$fromaddress.">".$eol;
  21.   $headers .= "Return-Path: ".$fromname."<".$fromaddress.">".$eol;    // these two to set reply address
  22.   $headers .= "Message-ID: <".time()."-".$fromaddress.">".$eol;
  23.   $headers .= "X-Mailer: PHP v".phpversion().$eol;          // These two to help avoid spam-filters
  24.  
  25.   # Boundry for marking the split & Multitype Headers
  26.   $headers .= 'MIME-Version: 1.0'.$eol.$eol;
  27.   $headers .= "Content-Type: multipart/mixed; boundary=\"".$mime_boundary."\"".$eol.$eol;
  28.  
  29.   # Open the first part of the mail
  30.   $msg = "--".$mime_boundary.$eol;
  31.  
  32.   $htmlalt_mime_boundary = $mime_boundary."_htmlalt"; //we must define a different MIME boundary for this section
  33.   # Setup for text OR html -
  34.   $msg .= "Content-Type: multipart/alternative; boundary=\"".$htmlalt_mime_boundary."\"".$eol.$eol;
  35.  
  36.   # Text Version
  37.   $msg .= "--".$htmlalt_mime_boundary.$eol;
  38.   $msg .= "Content-Type: text/plain; charset=iso-8859-1".$eol;
  39.   $msg .= "Content-Transfer-Encoding: 8bit".$eol.$eol;
  40.   $msg .= strip_tags(str_replace("<br>", "\n", substr($body, (strpos($body, "<body>")+6)))).$eol.$eol;
  41.  
  42.   # HTML Version
  43.   $msg .= "--".$htmlalt_mime_boundary.$eol;
  44.   $msg .= "Content-Type: text/html; charset=iso-8859-1".$eol;
  45.   $msg .= "Content-Transfer-Encoding: 8bit".$eol.$eol;
  46.   $msg .= $body.$eol.$eol;
  47.  
  48.   //close the html/plain text alternate portion
  49.   $msg .= "--".$htmlalt_mime_boundary."--".$eol.$eol;
  50.  
  51.   if ($attachments !== false)
  52.   {
  53.     for($i=0; $i < count($attachments); $i++)
  54.     {
  55.       if (is_file($attachments[$i]["file"]))
  56.       {   
  57.         # File for Attachment
  58.         $file_name = substr($attachments[$i]["file"], (strrpos($attachments[$i]["file"], "/")+1));
  59.  
  60.         $handle=fopen($attachments[$i]["file"], 'rb');
  61.         $f_contents=fread($handle, filesize($attachments[$i]["file"]));
  62.         $f_contents=chunk_split(base64_encode($f_contents));    //Encode The Data For Transition using base64_encode();
  63.         $f_type=filetype($attachments[$i]["file"]);
  64.         fclose($handle);
  65.  
  66.         # Attachment
  67.         $msg .= "--".$mime_boundary.$eol;
  68.         $msg .= "Content-Type: ".$attachments[$i]["content_type"]."; name=\"".$file_name."\"".$eol;  // sometimes i have to send MS Word, use 'msword' instead of 'pdf'
  69.         $msg .= "Content-Transfer-Encoding: base64".$eol;
  70.         $msg .= "Content-Description: ".$file_name.$eol;
  71.         $msg .= "Content-Disposition: attachment; filename=\"".$file_name."\"".$eol.$eol; // !! This line needs TWO end of lines !! IMPORTANT !!
  72.         $msg .= $f_contents.$eol.$eol;
  73.       }
  74.     }
  75.   }
  76.  
  77.   # Finished
  78.   $msg .= "--".$mime_boundary."--".$eol.$eol;  // finish with two eol's for better security. see Injection.
  79.  
  80.   # SEND THE EMAIL
  81.   ini_set(sendmail_from,$fromaddress);  // the INI lines are to force the From Address to be used !
  82.   $mail_sent = mail($to, $subject, $msg, $headers);
  83.  
  84.   ini_restore(sendmail_from);
  85.  
  86.   return $mail_sent;
  87.  
  88. ?>
  89.  

Atli's Avatar
Moderator
  
Join Date: Nov 2006
Location: Iceland
Posts: 3,751
#2: Oct 9 '07

re: PHP file displays code

Please use CODE tags when posting source code:

[CODE=php]
PHP code goes here.
[/CODE]

Moderator
code green's Avatar
Expert
  
Join Date: Mar 2007
Location: England
Posts: 1,083
#3: Oct 9 '07

re: PHP file displays code

This is usually because of a missed closing php tag or including a file without php tags.
All code is then parsed as HTML by the browser.
Can't see anything in your code.
Although could be coming via the REQUEST global, because you have no input validation whatsoever.
Rather dangerous to allow this.
Can you double check your code for any of the above and echo out the REQUEST global to see what is in there?
Atli's Avatar
Moderator
  
Join Date: Nov 2006
Location: Iceland
Posts: 3,751
#4: Oct 9 '07

re: PHP file displays code

Hi.

I, like code green, see nothing wrong with that code.

Are you sure this is the code that you are running. Is there a chance you are running an old, out of date version on your server, rather than the one you are editing?

When I first read your post I thought it had something to do with the <?php tags, but there doesn't seem to be anything wrong with them.

My only concern is, like code green mentioned, that you are using $_REQUEST without any validation. I would advise using the $_POST, $_GET and $_COOKIE super-globals instead of the $_REQUEST super-global, for increased security, and that you make sure the values that are passed are those you are expecting.
Reply

« previous question | next question »

Similar PHP bytes

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,471 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved