Current simple solution is this:
<?php
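$pagetitle='Feedback';
// NOTE(review): $DOCUMENT_ROOT is never assigned in this script; presumably it is supplied by
// register_globals or a prepended config file - confirm before running on a current PHP.
include("$DOCUMENT_ROOT/templates/header1.php");
include("$DOCUMENT_ROOT/templates/menu.php");

// Take the form fields from $_POST explicitly rather than from request-injected globals.
// A value that is not a plain string (e.g. sent as realname[]=x) is treated as empty.
$realname = (isset($_POST['realname']) && is_string($_POST['realname'])) ? $_POST['realname'] : '';
$email    = (isset($_POST['email'])    && is_string($_POST['email']))    ? $_POST['email']    : '';
$subject  = (isset($_POST['subject'])  && is_string($_POST['subject']))  ? $_POST['subject']  : '';
$message  = (isset($_POST['message'])  && is_string($_POST['message']))  ? $_POST['message']  : '';

if(!empty($message)){ // only send if the form has been filled out.
    // $realname and $subject are placed in the header section of the outgoing mail, so a CR or
    // LF in a single-line field would let the submitter add header lines of their own.
    // Refuse the submission instead of sending it.
    if (preg_match('/[\r\n]/', $realname . $email . $subject)) {
        echo "<b>Your email was not sent: name, email and subject must not contain line breaks</b><p>";
    } else {
        $mailTo="feedback@domain.com";
        // NOTE(review): this header carries only the display name, not an address - confirm
        // the mail server accepts it in this form.
        $mailHeaders="From : $realname";
        $mailSubject="$subject";
        $mailBody="Sent by $realname ($email)\n\n";
        $mailBody.="Message : $message";
        // mail() returns false when the message was not accepted for delivery.
        if (mail($mailTo, $mailSubject, $mailBody, $mailHeaders)) {
            echo "<b>Your email has been sent</b><p>";
        } else {
            echo "<b>Your email could not be sent</b><p>";
        }
    }
}
print ("<form method=post>
Your name: <input type=text name=realname SIZE=40 MAXLENGTH=80><br>
Your email: <input type=text name=email SIZE=40 MAXLENGTH=80><br>
Subject: <input type=text name=subject SIZE=40 MAXLENGTH=80><br>
Your message:<br> <textarea name=message ROWS=5 COLS=40></TEXTAREA><br>
<input type=hidden name=sent value=1>
<input type=submit value=Send>
<input type=reset value=Clear>
</form>");
include("$DOCUMENT_ROOT/templates/footer1.php");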
?>
<?php
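/**
 * Check single-line inputs (name, subject, address).
 *
 * Returns true when $text contains no line break, false when it contains
 * CR or LF, either raw or still URL-encoded as %0A / %0D.
 *
 * preg_match() yields 1 on a match, so its result is compared with 0 here:
 * the function then matches its name, and a failed match attempt (false)
 * is reported as "not clean" rather than as "no newlines".
 */
function has_no_newlines($text)
{
    return preg_match("/(%0A|%0D|\n+|\r+)/i", $text) === 0;
}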
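/**
 * Check multi-line inputs (the message text).
 *
 * Returns true when $text contains no line break that is directly followed
 * by one of the header names in the pattern, false when it does.
 *
 * This is a deny-list: only content-type:, to:, cc: and bcc: are covered,
 * so it complements the newline check on single-line fields and does not
 * replace it.
 *
 * The preg_match() result is compared with 0 so that a match (1) and a
 * failed match attempt (false) are both reported as "not clean".
 */
function has_no_emailheaders($text)
{
    return preg_match("/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i", $text) === 0;
}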
?>
<?php
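// Validate the submitted address with PHP's built-in filter instead of a hand-written
// pattern. Such patterns are easy to get wrong: a lost backslash turns \w into a literal
// "w", and a trailing "$" also matches just before a final newline, which would let a
// line break through.
$from = isset($_POST["from"]) ? $_POST["from"] : '';
if (!is_string($from) || filter_var($from, FILTER_VALIDATE_EMAIL) === false) {
    //email address is invalid
    die("Invalid Email");
}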
?>
<?php
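$pagetitle='Feedback';
// NOTE(review): $DOCUMENT_ROOT is never assigned in this script; presumably it is supplied by
// register_globals or a prepended config file - confirm before running on a current PHP.
include("$DOCUMENT_ROOT/templates/header1.php");
include("$DOCUMENT_ROOT/templates/menu.php");

// The two checks below are only definitions; they take effect where the submission
// is handled further down, before mail() is called.

/**
 * Check single-line inputs:
 * Returns true when $message contains no CR or LF (raw, or still URL-encoded
 * as %0A / %0D) and false when it does. Comparing with 0 also reports a
 * failed match attempt as "not clean".
 */
function has_no_newlines($message)
{
    return preg_match("/(%0A|%0D|\n+|\r+)/i", $message) === 0;
}

/**
 * Check multi-line inputs:
 * Returns true when $message contains no line break directly followed by one
 * of the header names in the pattern, false when it does. This is a deny-list
 * covering only content-type:, to:, cc: and bcc:.
 */
function has_no_emailheaders($message)
{
    // The pattern is applied to the parameter itself, so the check looks at the
    // text that was actually passed in.
    return preg_match("/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i", $message) === 0;
}

// Take the form fields from $_POST explicitly rather than from request-injected globals.
// A value that is not a plain string (e.g. sent as realname[]=x) is treated as empty.
$realname = (isset($_POST['realname']) && is_string($_POST['realname'])) ? $_POST['realname'] : '';
$email    = (isset($_POST['email'])    && is_string($_POST['email']))    ? $_POST['email']    : '';
$subject  = (isset($_POST['subject'])  && is_string($_POST['subject']))  ? $_POST['subject']  : '';
$message  = (isset($_POST['message'])  && is_string($_POST['message']))  ? $_POST['message']  : '';

if(!empty($message)){ // only send if the form has been filled out.
    // Validation runs only for a submitted form, so the first page view still shows the
    // form, and a rejected submission still gets the form and the footer.
    if (!has_no_newlines($realname) || !has_no_newlines($email) || !has_no_newlines($subject)) {
        // Single-line fields reach the mail headers; a line break there would let the
        // submitter add header lines of their own.
        echo "<b>Your email was not sent: name, email and subject must not contain line breaks</b><p>";
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        //email address is invalid
        echo "<b>Invalid Email</b><p>";
    } elseif (!has_no_emailheaders($message)) {
        echo "<b>Your email was not sent: the message contains mail header lines</b><p>";
    } else {
        $mailTo="feedback@domain.com";
        // NOTE(review): this header carries only the display name, not an address - confirm
        // the mail server accepts it in this form.
        $mailHeaders="From : $realname";
        $mailSubject="$subject";
        $mailBody="Sent by $realname ($email)\n\n";
        $mailBody.="Message : $message";
        // mail() returns false when the message was not accepted for delivery.
        if (mail($mailTo, $mailSubject, $mailBody, $mailHeaders)) {
            echo "<b>Your email has been sent</b><p>";
        } else {
            echo "<b>Your email could not be sent</b><p>";
        }
    }
}
print ("<form method=post>
Your name: <input type=text name=realname SIZE=40 MAXLENGTH=80><br>
Your email: <input type=text name=email SIZE=40 MAXLENGTH=80><br>
Subject: <input type=text name=subject SIZE=40 MAXLENGTH=80><br>
Your message:<br> <textarea name=message ROWS=5 COLS=40></TEXTAREA><br>
<input type=hidden name=sent value=1>
<input type=submit value=Send>
<input type=reset value=Clear>
</form>");
include("$DOCUMENT_ROOT/templates/footer1.php");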
?>