Error non-SMTP ACL

Hi,

it seems the same issue you had last month:

• https://www.daniweb.com/web-development/php/threads/495015/mail-php-problem

The sender email must be authenticated before sending the email. The email to authenticate is the one set in the FROM header, i.e. the one defined here:

$headers = "From: website@website.com" . "\r\n";

Free hostings solves this problem by replacing the FROM email address with their and by setting yours as REPLY_TO, so they don't have to authenticate your SMTP server. For this reason it appears to work fine. Check the headers of the test messages you have sent.

Got It, Thank you.

I still can't not fix this...

<?php 
$action=$_REQUEST['action']; 
if ($action=="")    /* display the contact form */ 
    { 
    ?> 
    <form  action="" method="POST" enctype="multipart/form-data"> 
    <input type="hidden" name="action" value="submit"> 
    Your name:<br> 
    <input name="name" type="text" value="" size="30" required="required"/><br> 
    Your email:<br> 
    <input name="email" type="text" value="" size="30" required="required"/><br> 
    Your message:<br> 
    <textarea name="message" rows="7" cols="30" required="required"></textarea><br> 
    <input type="submit" value="Send email"/> 
    </form> 

    <?php 
    }  
else                /* send the submitted data */ 
    { 
    $name=$_REQUEST['name']; 
    $email=$_REQUEST['email']; 
    $message=$_REQUEST['message']; 
    if (($name=="")||($email=="")||($message=="")) 
        { 
        echo "All fields are required, please fill <a href=\"\">the form</a> again."; 
        } 
    else{         
        $from="From: $name<$email>\r\nReturn-path: $email"; 
        $subject="www.coronastar.ro"; 
        mail("mail@website.com", $subject, $message, $from); 
        echo 'succes!</h4>'; 
        } 
    }   
?> 

Let me try to explain: when you send an email message from your email client (for example Outlook or Mozilla Thunderbird) you connect to an SMTP server, submit password and if it's ok it will allow the sending of the message. You create the connection to SMTP and POP3 servers during the setup of the account, correct?

Now: when you send an email message from a PHP script you need to execute the same steps, otherwise, the SMTP server will deny the access and the email message will not be delivered.

At the moment at line 29 you are defining the FROM header basing on the sender email address:

$from="From: $name<$email>\r\nReturn-path: $email"; 

This is wrong, because this is the email defined by the client through your contact form. You don't have access to his credentials, so you cannot set the FROM header with his email address.

What you have to do is to:

1. define, in your script, an email address that you can authenticate through a password, for example: web@website.com which will be used in the FROM header;
2. use the Reply-To header to define the client email address, i.e. the value of the $email variable.

How to accomplish this? Use a PHP library that allows you to connect to your SMTP server. Something like PHPMailer:

• http://phpmailer.worxware.com/

An example:

<?php

require './PHPMailerAutoload.php';

$name    = $_REQUEST['name']; 
$email   = $_REQUEST['email']; 
$message = $_REQUEST['message']; 

$mail = new PHPMailer;
$mail->isSMTP();
$mail->SMTPDebug = 2;

# authentication
$mail->SMTPAuth  = TRUE;
$mail->Host      = 'smpt.website.com'
$mail->Username  = 'web@website.com';
$mail->Password  = 'PASSWORD HERE';

# from website
$mail->From      = 'web@website.com';
$mail->FromName  = 'Website';

# reply-to: email and name of the client
$mail->AddReplyTo($email, $name);

# receiver, send to
$mail->addAddress('mail@website.com');

$mail->Subject  = 'E-mail from website!';
$mail->Body     = $message;
$mail->WordWrap = 50;

echo ! $mail->send() ? 'Error: ' . $mail->ErrorInfo : 'Success!';

The mail() function, as explained in the linked thread of a month ago, can support SMTP authentication, but it's not the best function for this task.

Note that FROM and TO can be the same email address, you don't need to create something like web@website.com, mine is a simple example.

Thank you very much because you had the patience to explain , now I understand , but where do i find the smtp password ?

Edit: i upload all files "phpmailer" in my ftp webhosting. Now I need to add the above code to my contact page?

https://www.youtube.com/watch?v=AAGFIfJ6ymI

https://www.youtube.com/watch?v=JltHLzkghmY

You're welcome.

where do i find the smtp password ?

It's the password that you use to access the defined email account.

As I wrote: in a script like this, sender (FROM) and receiver (TO) can be the same email address. But:

1. this requires the disclosure of the password of this email account;
2. if this password is changed the script will fail.

For this reason I suggest to dedicate an email account only to the scripts. From your hosting control panel you should be able to create a new email account and to define his password.

Hi cereal, I managed to configure , I received mail(This is the HTML message body in bold!) but now I know how to connect the form table of the contact page.

    <form  action="" method="POST" enctype="multipart/form-data"> 
    <input type="hidden" name="action" value="submit"> 
    Your name:<br> 
    <input name="name" type="text" value="" size="30" required="required"/><br> 
    Your email:<br> 
    <input name="email" type="text" value="" size="30" required="required"/><br> 
    Your message:<br> 
    <textarea name="message" rows="7" cols="30" required="required"></textarea><br> 
    <input type="submit" value="Send email"/> 
    </form> 

Sorry, I'm not sure I've understood: you mean how to connect the form to the sending script? Through the action attribute of the form tag:

<form action="contact_page.php" method="POST">

Besides, the enctype should defined only when it's expected to upload a file through the form, yours does not seem to be the case, so you can remove it.

Now I want to create a contact form, where should I put the code of the form?

Oh, you can create a separated script and included it, just place it on top of the file and check if the request method is POST, and if the submission comes from the contact form, for example:

<?php

    $result = FALSE;

    if($_POST && array_key_exists('action', $_POST))
    {
        # mail script here
        $result = require './send.php';
    }
?>
<!DOCTYPE html>
<html>
    ...

<?php if($result) echo "<p>{$result}</p>"; ?>

And at the end of the send.php script, instead of:

echo ! $mail->send() ? 'Error: ' . $mail->ErrorInfo : 'Success!';

You place a return:

return ! $mail->send() ? 'Error: ' . $mail->ErrorInfo : 'Success!';

Now the $result variable will carry the value returned by the included script.

Otherwise point the form directly to the script and then redirect back with a session message. It's up to you.

I still cant fix this...

I have this form contact on my index page:

<form action="" method="post">
                <p class="clearfix">
                    <input type="text" name="name" value="" placeholder="Name" required="required" />
                    <input type="email" name="email" value="" placeholder="Email" required="required" />
                    <input type="text" name="website" value="" placeholder="Website" />
                </p>
                <p>
                    <textarea cols="109" rows="9" name="query" value="" placeholder="Your message" required="required"></textarea>
                    <input type="submit" value="Submit" />
                </p>
</form>

How I include this form to the sending php code(phpmailer).

<?php
require 'PHPMailerAutoload.php';

$mail = new PHPMailer;

//$mail->SMTPDebug = 3;

$mail->isSMTP();
$mail->Host = 'localhost';
$mail->SMTPAuth = true;
$mail->Username = 'reply_office@---.com';
$mail->Password = '---';
$mail->SMTPSecure = 'tls';
$mail->Port = 587;

$mail->From = 'reply_office@---.com';
$mail->FromName = 'Mailer';
$mail->addAddress('office@---.com');

$mail->isHTML(true);

$mail->Subject = 'Here is the subject';
$mail->Body    = 'This is the HTML message body <b>in bold!</b>';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';

if(!$mail->send()) {
    echo 'Message could not be sent.';
    echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
    echo 'Message has been sent';
}

Hi as cereal been pointing out you just need to add your "phpmailer " /sending code on your form action like

<form action="phpmailer.php" method="post">

after that you need to pass the data from your form to the phpmailer.php script that you wrote like this

<?php
require 'PHPMailerAutoload.php';

//======= this is the data form your form====
$name=$_POST['name'];
$email=$_POST['email'];
$website=$_POST['website'];
 $query=$_POST['query'];
//===========end=======

$mail = new PHPMailer;
//$mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = 'localhost';
$mail->SMTPAuth = true;
$mail->Username = 'reply_office@---.com';
$mail->Password = '---';
$mail->SMTPSecure = 'tls';
$mail->Port = 587;
$mail->From = 'reply_office@---.com';
$mail->FromName = 'Mailer';
$mail->addAddress('office@---.com');
$mail->isHTML(true);
$mail->Subject = 'Here is the subject';
$mail->Body    = 'My name is $name. you can send me an email at $email and visit my webpage at $website and my asdfghj is $query';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
if(!$mail->send()) {
    echo 'Message could not be sent.';
    echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
    echo 'Message has been sent';
}

?>

after you made the changes you are ready to Go.

thank you for answer, I did what you said but now I get this error:

Message could not be sent.Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

It could be the port or the password. Remove the comment character from line 12 to enable the debugger and access the information, with level 3 it will show the communications between server and client:

$mail->SMTPDebug = 3;

And also follow the link returned by the error:

• https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

It explains why the connection can fail.

Sorry I was forgget password..., now it fix but still can't recevice on mail subject (/email/query/website) that the client fill.
I recevice the text your wrote:

$mail->Subject = 'Here is the subject';
$mail->Body    = 'My name is $name. you can send me an email at $email and visit my webpage at $website and my asdfghj is $query';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';

Just replace the text with the input received from the form:

$message = $_POST['query']; # name of textarea

And then set the body:

$mail->Body = $message;

The same applies to subject and altbody (which is optional and helpful if in body you set an HTML message). To get the email address of the sender replace:

$mail->addAddress('office@---.com');

With:

$email = $_POST['email'];

$mail->addAddress($email);

For the moment get it to work, after that you MUST add validation and sanitazation, because at the moment the script is not safe against attacks. The validation & sanitazation process is not complex you just have to add some rules through filter_input(), as example:

$name    = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);

# sanitize
$email   = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);

# validate if sanitization was successful
$email   = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);

$message = filter_input(INPUT_POST, 'query', FILTER_SANITIZE_STRING);

Docs:

• http://php.net/filter-input
• http://php.net/manual/en/filter.filters.sanitize.php
• http://php.net/manual/en/filter.filters.validate.php
• http://php.net/manual/en/filter.filters.php

A sanitize filter is used to remove extra characters, like javascript, html tags, null bytes. A validation filter, instead, is used to verify that the input is in the correct format. When filter_input() fails it returns boolean FALSE, so after you set the variables $name, $email and $message you could verify the status of them and decide if run the mail script or not, so you should just replace:

if(!$mail->send()) {

with:

if($name !== FALSE && $email !== FALSE && $message !== FALSE && !$mail->send())

Or, better, you could place an independent if statement before the require of the PHPMailer class and exit before loading it in case of failure.

Thank you cereal, you made my day:) I almost finish this but it has remained one problem, how i add 'website' on body.

$mail->Body    = $message = $_POST['query'];

and I want the website to in that body section, something like this:

$mail->Body    = $message = $_POST['query + website'];

You're welcome!

This $_POST['query + website']; cannot work, because there you're trying to access an index key, in order to work your array should look have an index key like in your test:

$a = array(
        'query'           => 'abc',
        'website'         => 'http://some.url/',
        'query + website' => 'def'
    );

echo $a['query'];
echo $a['website'];
echo $a['query + website'];

You can use string concatenation:

$message  = $_POST['query'] . "\n\r";
$message .= "Website: " . $_POST['website'] . "\n\r";

$this->Body = $message;

by prepending the assignment operator (=) with a dot (.) you append the new value to the variable instead of overwriting it. Which is the same of writing:

$message = $_POST['query'] . "\n\r Website: " . $_POST['website'] . "\n\r";

Note: double quotes are important to properly translate the linefeed (\n) and carriage return (\r) characters.

Done!!! I finish. Thank you very much, I really appreciate your help.

Great, you're welcome. If we have finished, then please mark the article as solved. Bye!