I'm looking at a problem with php displaying something

I have just done a php contact form for my website, but what I get is this:

https://gyazo.com/2f3c4faa5bc253a6e3ff94d78214867d

And the code I'm using is this:

<?php
include('***Contains private stuff***.php');
//Send mail function
function send_mail($to,$subject,$message,$headers){
    return @mail($to,$subject,$message,$headers);
}

if($_POST) {

    $to = "***PRIVATE MAIL***"; // Your email here
    $subject = 'Message from my website'; // Subject message here

        //MySQL
        $query = "INSERT INTO contact (name, email, subject, message) VALUES ('$name', '$email', '$subject', '$message')";
        $result = mysqli_query($connection, $query);

        //Sanitize input data, remove all illegal characters
        $name    = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
        $email    = filter_var($_POST['mail'], FILTER_SANITIZE_EMAIL);
        $subject = filter_var($_POST['subject'], FILTER_SANITIZE_STRING);
        $message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);

        //Send Mail
        $headers = 'From: ' . $email .''. "\r\n".
            'Reply-To: '.$email.'' . "\r\n" .
            'X-Mailer: PHP/' . phpversion();


        $sent = send_mail($to, $subject, $message . "\r\n\n"  .'Name: '.$name. "\r\n" .'Email: '.$email, $headers);
        if (! $sent) {
            // log the error
            error_log('Mail Error: Message to ' . $to . ' wasn\'t sent');
        }
}
?>

And I just want to remove it, but can't really figure out the issue. Link to my friends website I'm using for the testing, and live view.

http://thomasmaneschijn.com/lukas/

And you should be able to see my html code on the site as well. Reason I marked the include section out is because there is some passwords and stuff that I don't want to leak.

You have few issues in your code:

Issue 1, Your code is wide open for SQL Injection, you must need to prevent your code with SQL Injection.

Issue 2, You are calling send_mail() without using any check, you need to move this inside the if($_POST) check, otherwise, it will execute on every page refresh.

Issue 3, Your INSERT query placement is wrong, from where you define these variables VALUES ('$name', '$email', '$subject', '$message') before this query?

According to your screen shot, you are getting json response just because of send_mail() method, if you move your code something like:

// Move `send_mail()` method here
if($_POST) {
// Your Variables
// Your Query / MYSQL / suggest you to use PDO here.
// Your method calling
}

Some helpful links:

How can I prevent SQL injection in PHP?

Are PDO prepared statements sufficient to prevent SQL injection?

Always use error_reporting() on local environment.

Lauv - I Like Me Better [Official Video], Lauv's debut album, ~how i'm feeling~ is available now: http://lauv.lnk.to/ howimfeelingYD I Duration: 3:26 Posted: Aug 10, 2017 Create an account or log in to Instagram - A simple, fun & creative way to capture, edit & share photos, videos & messages with friends & family.

@mail() returns TRUE if the mail was successfully accepted for delivery, FALSE otherwise. docs

So I guess that you have some problems with the params passed to the function. Consider the first if, if there is no $_POST you are actually not going to have those two variables defined. Also, since the send_mail() function is just called at the end of the file, it is going to be triggered upon visiting the page.

So my guess on this is that when you visit the page without having anything in the $_POST variable, you are going to miss the needed parameters for the send_email. Maybe try to dump the values of the parameters once you are inside send_email()

I (Kendrick Lamar song), I definition, the ninth letter of the English alphabet, a vowel. See more. Definition of -i- (Entry 8 of 8) —used as a connective vowel to join word elements especially of Latin origin matrilineal raticide me or I ?: Usage Guide Example Sentences Learn More about i

Your $to is not a valid email.

EDIT

To better understand your error, at least while developing I'd do the following:

if(@mail($to,$subject,$message,$headers)){
    echo json_encode(array('info' => 'success', 'msg' => "Your message has been sent. Thank you!"));
} else {
    echo json_encode(array('info' => 'error', 'msg' => "Error, your message hasn't been sent", 'error_info' => error_get_last()['message']));
}

See if that works.

You can also use this to better understand your error -

$sendMail = mail($to,$subject,$message,$headers);
if(!$sendMail) { $errorMessage = error_get_last()['message']; }

I, The ninth letter of the basic modern Latin alphabet. I (lower case ı). The letter i without a dot above, in both the upper case and the lower case versions. In some sans serif typefaces, the uppercase letter I, 'I' may be difficult to distinguish from the lowercase letter L, 'l', the vertical bar character '|', or the digit one '1'. In serifed typefaces, the capital form of the letter has both a baseline and a cap-height serif, while the lowercase L generally has a hooked ascender and a baseline serif.

<?php
include('***Contains private stuff***.php');
if($_POST) {

    $to = "***PRIVATE MAIL***"; // Your email here
    $subject = 'Message from my website'; // Subject message here

}

//Send mail function
function send_mail($to,$subject,$message,$headers){
    return @mail($to,$subject,$message,$headers);
}

//MySQL
$query = "INSERT INTO contact (name, email, subject, message) VALUES ('$name', '$email', '$subject', '$message')";
$result = mysqli_query($connection, $query);

//Sanitize input data, remove all illegal characters
$name    = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email    = filter_var($_POST['mail'], FILTER_SANITIZE_EMAIL);
$subject = filter_var($_POST['subject'], FILTER_SANITIZE_STRING);
$message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);

//Send Mail
$headers = 'From: ' . $email .''. "\r\n".
    'Reply-To: '.$email.'' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();


$sent = send_mail($to, $subject, $message . "\r\n\n"  .'Name: '.$name. "\r\n" .'Email: '.$email, $headers);
if (! $sent) {
    // log the error
    error_log('Mail Error: Message to ' . $to . ' wasn\'t sent');
}
?>

PHP error_log

I, Windows is either a registered trademark or a trademark of Microsoft Corporation in the United States and/or other countries. Mac is a trademark of Apple Inc. Ï, lowercase ï, is a symbol used in various languages written with the Latin alphabet; it can be read as the letter I with diaeresis or I-umlaut.. In Afrikaans, Catalan, Dutch, French, Galician, Welsh, Southern Sami, and occasionally English, ï is used when i follows another vowel and indicates hiatus (diaeresis) in the pronunciation of such a word.

[PDF] USCIS Form I-9, I definition is - the 9th letter of the English alphabet. How to use i in a sentence. me or I? The sixteenth letter of the Hungarian alphabet, called í and written in the Latin script.

I, I-94 is a place for U.S. visitors to find travel records. Log in to i-Ready®, online assessment and instruction that helps teachers provide all students a path to proficiency and growth in reading and mathematics.

I94, English. Espa�ol � 中文 (简体) � 中文 (繁體) � 한국어 � Русский � Tiếng Việt � Krey�l ayisyen � Charities & Nonprofits � Tax Pros. Search Toggle search. Search. Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Comments
  • you dont want to see the error even if an error occurred?
  • Well, I mean it destroys my websites layout completely, which is annoying.
  • now your site is not working 500 error
  • Fixed, should be showing site now.
  • Well if you don’t want JSON-encoded data structures to show up in your page … then don’t output JSON-encoded data structures in the first place … Returning such data would make sense if you were making a background request to this script. But if you just want to submit your form to this normally, and this is supposed to provide the response in the form of the "next page" … well, then output error messages in a user-friendly way somewhere in the actual content, instead of spitting out JSON.
  • I will for sure, do that.
  • @luk19987 try them
  • @luk19987: emails are working before???, please update your question with updated code
  • there are so many example available on SO @luk19987: but i think, first of all you need to debug more.. like use one liner code to test email like mail('your email','subject','test'); place this right at the top of the file, if its work, then no need to use smtp, otherwise, you need to move on to smtp. or contact to hosting provider.
  • @luk19987: now u can close this question becuasse this question is related to php displaying something for email , u can create an another question.
  • Maybe you're correct, I can try and comment out the send_mail function? Just to see what happens?