Page 1 of 1

Need help with a PHP contact form

Posted: Thu Jun 18, 2009 11:54 am
by bensd
Please be kind with me, I am a PHP newbie :)

I am working on a contact form and need to amend the following line of code:

Code: Select all

mail("ben@gercia.co.uk", ''.$subject, $_SERVER['REMOTE_ADDR']. "\n\n" .$message, "From: $from");
This is currently sending me an email from the person who fills out the contact form (from email - $from) and is displayed like this:
000.000.000.000
 
This is the message.
I would like to reformat the email sent with some addition text, a couple of line breaks and add in the senders name (taken from the form - $name), so the email displays like this:
IP Address: 000.000.000.000
 
Name: Senders Name
 
Message:
This is the message.
I have been playing around with this for a while trying to do it but not having much luck!

Any help appreciated.

-Ben

Re: PHP Help Needed

Posted: Thu Jun 18, 2009 1:22 pm
by Eric!
If you are accepting this input from a form available to the general public than be very cautious. You must filter all those fields carefully.

Try starting with the two pieces of code I posted here
viewtopic.php?f=1&t=101854

get the form contact.html
and the script _mail.php

study them to learn how to do what you want. It will provide the info you are looking for and will keep spammers from hijacking your mail server via injection.

You might find a small typo or two in there because I can't test it at the moment, but it should really help you.

By the way, in the future use a more descriptive title in your post so people know what kind of problem you have and don't just skip over it because it is too vague. It is hard to spend time reading every post to see if you can help or not..

Re: PHP Help Needed

Posted: Fri Jun 19, 2009 7:03 am
by bensd
I have changed the title of my post.

Thanks for link however i am happy with my current form.

Form is already being filtered by javascript.

Just need some guidance about editing the line of code.

Re: Need help with a PHP contact form

Posted: Fri Jun 19, 2009 8:23 am
by jayshields
Don't rely on JavaScript validation alone, it can easily be bypassed.

Basically to change your line of code all you need to understand is that commas separate function parameters, dots (full-stops) concatenate strings and "\n" is a new line. To understand the parameters of the mail() function you should check the manual http://php.net/mail

Re: Need help with a PHP contact form

Posted: Fri Jun 19, 2009 9:51 am
by Eric!
I have spent a lot of time making mistakes with email contact forms. I suggest you study my php code carefully because the spammers are agressive at finding holes.

Your javascript filters are WORTHLESS. Spammers will post directly to your php code and bypass your html totally. They have simple tools to scan your html form, extract variables and preform a wide range of insertion techniques to your php code. Learn from my mistakes! In one hour they can send out 1,000,000 mesages from your mail domain and you'll spend months trying to get your domain off blocked lists.

Also if you look at my code you'll see how to do the IP address, senders name and line breaks (\n or \r\n) stuff you are asking about.

Re: Need help with a PHP contact form

Posted: Fri Jun 19, 2009 12:46 pm
by jayshields
Eric! wrote:my php code
Where is this PHP code?

Re: PHP Help Needed

Posted: Fri Jun 19, 2009 10:44 pm
by Eric!
Eric! wrote: Try starting with the two pieces of code I posted here
viewtopic.php?f=1&t=101854

get the form contact.html
and the script _mail.php
Look familiar?