Introduction
This article describes on how to create PHP Form Mailer.
Main
This article will help you stop spammer to send their trash using your form. It will also sends email to you the site owner and sends a confirmation to the sender including a copy of their query.
Please find below as the html code to create the contact form:
<html>
<head>
<title>PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form
mailers)</title>
<style>
BODY{color:#000000; font-size: 8pt; font-family: Verdana}
.button {background-color: rgb(128,128,128); color:#ffffff; font-size: 8pt;}
.inputc {font-size: 8pt;}
</style>
</head>
<body>
<form name="phpformmailer" action="contact.php" align="center" method="post">
<div align="center"><center><table bgcolor="#F2F2F2" width="528" cellspacing="6">
<tr>
<td width="159"><strong>Contact Us</strong></td>
<td width="349"><a
href="http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php"><small>PHP
Form Mailer - phpFormMailer <strong>- Source code</strong></small></a></td>
</tr>
<tr>
<td align="right" width="159"><small>Your name:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="name"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Your email
address:</small></td>
<td align="left" width="349"><font face="Arial"><input class="inputc" size="29"
name="email"></font></td>
</tr>
<tr align="middle">
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Confirm email
address:</small></td>
<td width="349" align="left"><font face="Arial"><input class="inputc" size="29"
name="email2"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Subject:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="thesubject"></font></td>
</tr>
<tr>
<td align="right" width="159"> <p><font color="#000080" size="1">*</font><small> Your
request or query:</small></td>
<td width="349"><textarea style="FONT-SIZE: 10pt" name="themessage" rows="7" cols="27"></textarea></td>
</tr>
<tr>
<td width="159"></td>
<td width="349"><script language="JavaScript"><!--
function validateForm()
{
var okSoFar=true
with (document.phpformmailer)
{
var foundAt = email.value.indexOf("@",0)
if (foundAt < 1 && okSoFar)
{
okSoFar = false
alert ("Please enter a valid email address.")
email.focus()
}
var e1 = email.value
var e2 = email2.value
if (!(e1==e2) && okSoFar)
{
okSoFar = false
alert ("Email addresses you entered do not match. Please re-enter.")
email.focus()
}
if (thesubject.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the subject.")
thesubject.focus()
}
if (themessage.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the details for your enquiry.")
themessage.focus()
}
if (okSoFar==true) submit();
}
}
// --></script><input type="button" class="button"
value="Send" name="B1" ONCLICK="javascript:validateForm()"><small> <small>You must fill in
the fields marked with a *</small></small></td>
</tr>
</table>
</center></div>
</form>
</body>
</html>
To send email, below are some of the variables that you need to change:
$valid_ref1, $valid_ref2 and $replyemail from code:
<?php
/* PHP Form Mailer - phpFormMailer v2.1, last updated 30th Nov 2005 - check back often for updates!
(easy to use and more secure than many cgi form mailers) FREE from:
www.TheDemoSite.co.uk
Should work fine on most Unix/Linux platforms */
// ------- three variables you MUST change below -------------------------------------------------------
$valid_ref1="http://Your--domain/contact.html";// chamge "Your--domain" to your domain
$valid_ref2="http://www.Your--domain/contact.html";// chamge "Your--domain" to your domain
$replyemail="YOU@Your--domain";//change to your email address
// ------------------------------------------------------------
//clean input in case of header injection attempts!
function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
//NOTE: can use str_ireplace as this is case insensitive but only available on PHP version 5.0.
return preg_replace($patterns, "", strtolower($value));
}
$name = clean_input_4email(Introduction
This article describes on how to create PHP Form Mailer.
Main
This article will help you stop spammer to send their trash using your form. It will also sends email to you the site owner and sends a confirmation to the sender including a copy of their query.
Please find below as the html code to create the contact form:
<html>
<head>
<title>PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form
mailers)</title>
<style>
BODY{color:#000000; font-size: 8pt; font-family: Verdana}
.button {background-color: rgb(128,128,128); color:#ffffff; font-size: 8pt;}
.inputc {font-size: 8pt;}
</style>
</head>
<body>
<form name="phpformmailer" action="contact.php" align="center" method="post">
<div align="center"><center><table bgcolor="#F2F2F2" width="528" cellspacing="6">
<tr>
<td width="159"><strong>Contact Us</strong></td>
<td width="349"><a
href="http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php"><small>PHP
Form Mailer - phpFormMailer <strong>- Source code</strong></small></a></td>
</tr>
<tr>
<td align="right" width="159"><small>Your name:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="name"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Your email
address:</small></td>
<td align="left" width="349"><font face="Arial"><input class="inputc" size="29"
name="email"></font></td>
</tr>
<tr align="middle">
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Confirm email
address:</small></td>
<td width="349" align="left"><font face="Arial"><input class="inputc" size="29"
name="email2"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Subject:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="thesubject"></font></td>
</tr>
<tr>
<td align="right" width="159"> <p><font color="#000080" size="1">*</font><small> Your
request or query:</small></td>
<td width="349"><textarea style="FONT-SIZE: 10pt" name="themessage" rows="7" cols="27"></textarea></td>
</tr>
<tr>
<td width="159"></td>
<td width="349"><script language="JavaScript"><!--
function validateForm()
{
var okSoFar=true
with (document.phpformmailer)
{
var foundAt = email.value.indexOf("@",0)
if (foundAt < 1 && okSoFar)
{
okSoFar = false
alert ("Please enter a valid email address.")
email.focus()
}
var e1 = email.value
var e2 = email2.value
if (!(e1==e2) && okSoFar)
{
okSoFar = false
alert ("Email addresses you entered do not match. Please re-enter.")
email.focus()
}
if (thesubject.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the subject.")
thesubject.focus()
}
if (themessage.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the details for your enquiry.")
themessage.focus()
}
if (okSoFar==true) submit();
}
}
// --></script><input type="button" class="button"
value="Send" name="B1" ONCLICK="javascript:validateForm()"><small> <small>You must fill in
the fields marked with a *</small></small></td>
</tr>
</table>
</center></div>
</form>
</body>
</html>
To send email, below are some of the variables that you need to change:
$valid_ref1, $valid_ref2 and $replyemail from code:
<?php
/* PHP Form Mailer - phpFormMailer v2.1, last updated 30th Nov 2005 - check back often for updates!
(easy to use and more secure than many cgi form mailers) FREE from:
www.TheDemoSite.co.uk
Should work fine on most Unix/Linux platforms */
// ------- three variables you MUST change below -------------------------------------------------------
$valid_ref1="http://Your--domain/contact.html";// chamge "Your--domain" to your domain
$valid_ref2="http://www.Your--domain/contact.html";// chamge "Your--domain" to your domain
$replyemail="YOU@Your--domain";//change to your email address
// ------------------------------------------------------------
//clean input in case of header injection attempts!
function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
//NOTE: can use str_ireplace as this is case insensitive but only available on PHP version 5.0.
return preg_replace($patterns, "", strtolower($value));
}
$name = clean_input_4email($_POST["name"]);
$email = clean_input_4email($_POST["email"]);
$thesubject = clean_input_4email($_POST["thesubject"]);
$themessage = clean_input_4email($_POST["themessage"], false);
$error_msg='ERROR - not sent. Try again.';
$success_sent_msg='<p align="center"><strong> </strong></p>
<p align="center"><strong>Your message has been successfully sent to us<br>
</strong> and we will reply as soon as possible.</p>
<p align="center">A copy of your query has been sent to you.</p>
<p align="center">Thank you for contacting us.</p>';
$replymessage = "Hi $name
Thank you for your email.
We will endeavour to reply to you shortly.
Please DO NOT reply to this email.
Below is a copy of the message you submitted:
--------------------------------------------------
Subject: $thesubject
Query:
$themessage
--------------------------------------------------
Thank you";
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "<script language=\"JavaScript\"><!--\n ";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
if(!$valid_referrer)
{
echo "<script language=\"JavaScript\"><!--\n alert(\"$error_msg\");\n";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$themessage = "name: $name \nQuery: $themessage";
mail("$replyemail",
"$thesubject",
"$themessage",
"From: $email\nReply-To: $email");
mail("$email",
"Receipt: $thesubject",
"$replymessage",
"From: $replyemail\nReply-To: $replyemail");
echo $success_sent_msg;
/*
PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form mailers)
FREE from:
www.TheDemoSite.co.uk */
?>
References
This article is taken from:
http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php
POST["name"]);
$email = clean_input_4email(Introduction
This article describes on how to create PHP Form Mailer.
Main
This article will help you stop spammer to send their trash using your form. It will also sends email to you the site owner and sends a confirmation to the sender including a copy of their query.
Please find below as the html code to create the contact form:
<html>
<head>
<title>PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form
mailers)</title>
<style>
BODY{color:#000000; font-size: 8pt; font-family: Verdana}
.button {background-color: rgb(128,128,128); color:#ffffff; font-size: 8pt;}
.inputc {font-size: 8pt;}
</style>
</head>
<body>
<form name="phpformmailer" action="contact.php" align="center" method="post">
<div align="center"><center><table bgcolor="#F2F2F2" width="528" cellspacing="6">
<tr>
<td width="159"><strong>Contact Us</strong></td>
<td width="349"><a
href="http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php"><small>PHP
Form Mailer - phpFormMailer <strong>- Source code</strong></small></a></td>
</tr>
<tr>
<td align="right" width="159"><small>Your name:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="name"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Your email
address:</small></td>
<td align="left" width="349"><font face="Arial"><input class="inputc" size="29"
name="email"></font></td>
</tr>
<tr align="middle">
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Confirm email
address:</small></td>
<td width="349" align="left"><font face="Arial"><input class="inputc" size="29"
name="email2"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Subject:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="thesubject"></font></td>
</tr>
<tr>
<td align="right" width="159"> <p><font color="#000080" size="1">*</font><small> Your
request or query:</small></td>
<td width="349"><textarea style="FONT-SIZE: 10pt" name="themessage" rows="7" cols="27"></textarea></td>
</tr>
<tr>
<td width="159"></td>
<td width="349"><script language="JavaScript"><!--
function validateForm()
{
var okSoFar=true
with (document.phpformmailer)
{
var foundAt = email.value.indexOf("@",0)
if (foundAt < 1 && okSoFar)
{
okSoFar = false
alert ("Please enter a valid email address.")
email.focus()
}
var e1 = email.value
var e2 = email2.value
if (!(e1==e2) && okSoFar)
{
okSoFar = false
alert ("Email addresses you entered do not match. Please re-enter.")
email.focus()
}
if (thesubject.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the subject.")
thesubject.focus()
}
if (themessage.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the details for your enquiry.")
themessage.focus()
}
if (okSoFar==true) submit();
}
}
// --></script><input type="button" class="button"
value="Send" name="B1" ONCLICK="javascript:validateForm()"><small> <small>You must fill in
the fields marked with a *</small></small></td>
</tr>
</table>
</center></div>
</form>
</body>
</html>
To send email, below are some of the variables that you need to change:
$valid_ref1, $valid_ref2 and $replyemail from code:
<?php
/* PHP Form Mailer - phpFormMailer v2.1, last updated 30th Nov 2005 - check back often for updates!
(easy to use and more secure than many cgi form mailers) FREE from:
www.TheDemoSite.co.uk
Should work fine on most Unix/Linux platforms */
// ------- three variables you MUST change below -------------------------------------------------------
$valid_ref1="http://Your--domain/contact.html";// chamge "Your--domain" to your domain
$valid_ref2="http://www.Your--domain/contact.html";// chamge "Your--domain" to your domain
$replyemail="YOU@Your--domain";//change to your email address
// ------------------------------------------------------------
//clean input in case of header injection attempts!
function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
//NOTE: can use str_ireplace as this is case insensitive but only available on PHP version 5.0.
return preg_replace($patterns, "", strtolower($value));
}
$name = clean_input_4email($_POST["name"]);
$email = clean_input_4email($_POST["email"]);
$thesubject = clean_input_4email($_POST["thesubject"]);
$themessage = clean_input_4email($_POST["themessage"], false);
$error_msg='ERROR - not sent. Try again.';
$success_sent_msg='<p align="center"><strong> </strong></p>
<p align="center"><strong>Your message has been successfully sent to us<br>
</strong> and we will reply as soon as possible.</p>
<p align="center">A copy of your query has been sent to you.</p>
<p align="center">Thank you for contacting us.</p>';
$replymessage = "Hi $name
Thank you for your email.
We will endeavour to reply to you shortly.
Please DO NOT reply to this email.
Below is a copy of the message you submitted:
--------------------------------------------------
Subject: $thesubject
Query:
$themessage
--------------------------------------------------
Thank you";
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "<script language=\"JavaScript\"><!--\n ";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
if(!$valid_referrer)
{
echo "<script language=\"JavaScript\"><!--\n alert(\"$error_msg\");\n";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$themessage = "name: $name \nQuery: $themessage";
mail("$replyemail",
"$thesubject",
"$themessage",
"From: $email\nReply-To: $email");
mail("$email",
"Receipt: $thesubject",
"$replymessage",
"From: $replyemail\nReply-To: $replyemail");
echo $success_sent_msg;
/*
PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form mailers)
FREE from:
www.TheDemoSite.co.uk */
?>
References
This article is taken from:
http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php
POST["email"]);
$thesubject = clean_input_4email(Introduction
This article describes on how to create PHP Form Mailer.
Main
This article will help you stop spammer to send their trash using your form. It will also sends email to you the site owner and sends a confirmation to the sender including a copy of their query.
Please find below as the html code to create the contact form:
<html>
<head