Hi everyone,
I'm a frontend designer starting to learn about getting forms to work. What I'm after is a script that I can learn from and get working on a site relatively quickly. Something that has the 'how to' details with the script, explaining stuff. A simple feedback form, that displays something similar to what I'm showing below. I need this script to generate an e-mail that is sent back to the visitor saying, thank you etc for your query. Would the same script work for creating a join e-mail database form ? Am I right in saying that?
Can anyone recommend a thorough tutorial with actual working scripts for php 5? My server supports php 5.
Much Appreciation. S
[HTML]<form action="" method="" name="" target="" id="" onsubmit="" >
<p><label for="name">Full Name</label>
<input name="fullname" type="text" class="text" id="fullname" />
</p>
<p><label for="email">E-Mail</label>
<input name="email" type="text" class="text" id="email" />
</p>
<p><label for="phone">Pho ne No.</label>
<input name="phone_no" type="text" class="text" id="phone_no" />
</p>
<p>
<label for="subject">S elect subject</label>
<select name="subject" class="text" id="subject">
<option selected="selec ted">Select subject</option>
<option value="design"> Design</option>
<option value="developm ent">Developmen t</option>
<option value="identity ">Brand Identity</option>
<option value="marketin g">Online Marketing</option>
<option value="question ">General Question</option>
</select></p>
<p><label for="question"> Your Question.</label>
<textarea name="question" cols="30" rows="10" id="question" class="text"></textarea>
</p>
<p><input name="Submit" class="submit" type="submit" value="submit" /><input name="reset" type="reset" value="reset" />
</p></form>[/HTML]
4 4059
Important info if you want to have the from address user inputed!
Copied from W3Schools: -
<html>
-
<body>
-
-
<?php
-
if (isset($_REQUEST['email']))
-
//if "email" is filled out, send email
-
{
-
//send email
-
$email = $_REQUEST['email'] ;
-
$subject = $_REQUEST['subject'] ;
-
$message = $_REQUEST['message'] ;
-
mail("someone@example.com", "Subject: $subject",
-
$message, "From: $email" );
-
echo "Thank you for using our mail form";
-
}
-
else
-
//if "email" is not filled out, display the form
-
{
-
echo "<form method='post' action='mailform.php'>
-
Email: <input name='email' type='text' /><br />
-
Subject: <input name='subject' type='text' /><br />
-
Message:<br />
-
<textarea name='message' rows='15' cols='40'>
-
</textarea><br />
-
<input type='submit' />
-
</form>";
-
}
-
?>
-
-
</body>
-
</html>
-
The problem with the code above is that unauthorized users can insert data into the mail headers via the input form.
What happens if the user adds the following text to the email input field in the form? -
someone@example.com%0ACc:person2@example.com
-
%0ABcc:person3@example.com,person3@example.com,
-
anotherperson4@example.com,person5@example.com
-
%0ABTo:person6@example.com
-
The mail() function puts the text above into the mail headers as usual, and now the header has an extra Cc:, Bcc:, and To: field. When the user clicks the submit button, the e-mail will be sent to all of the addresses above!
The best way to stop e-mail injections is to validate the input.
Now we have added an input validator that checks the email field in the form: -
<html>
-
<body>
-
-
<?php
-
function spamcheck($field)
-
{
-
//eregi() performs a case insensitive regular expression match
-
if(eregi("to:",$field) || eregi("cc:",$field))
-
{
-
return TRUE;
-
}
-
else
-
{
-
return FALSE;
-
}
-
}
-
-
//if "email" is filled out, send email
-
if (isset($_REQUEST['email']))
-
{
-
//check if the email address is invalid
-
$mailcheck = spamcheck($_REQUEST['email']);
-
if ($mailcheck==TRUE)
-
{
-
echo "Invalid input";
-
}
-
else
-
{
-
//send email
-
$email = $_REQUEST['email'] ;
-
$subject = $_REQUEST['subject'] ;
-
$message = $_REQUEST['message'] ;
-
mail("someone@example.com", "Subject: $subject",
-
$message, "From: $email" );
-
echo "Thank you for using our mail form";
-
}
-
}
-
else
-
//if "email" is not filled out, display the form
-
{
-
echo "<form method='post' action='mailform.php'>
-
Email: <input name='email' type='text' /><br />
-
Subject: <input name='subject' type='text' /><br />
-
Message:<br />
-
<textarea name='message' rows='15' cols='40'>
-
</textarea><br />
-
<input type='submit' />
-
</form>";
-
}
-
?>
-
-
</body>
-
</html>
-
Have a look at the tutorial at Send Email from a PHP Script
and another one at Geekz http://lampgeekz.netgeekz.net/forum/...opic,38.0.html
Ronald :cool:
Thanks for those suggestions Ronald, I checked out the tutorials on about.com and set up the php, seems to be working fine. I've put it to work on www.zofocreativ e.com/zofo_creative_e nquiry_form.htm . Yea, I found the about tutorials managable, as I'm not a php programmer, so I'm delighted with the result and to be able to do it myself without getting my programmers to to it. Cheers, nice one.
And do not forget to sanitize ALL fields. The sample that themadmidget supplied is a good example of spam prevention.
But you must also verify the 'correctness' of the email address[php]function valid_email ($str) {
return (ereg ('(^[0-9a-zA-Z_\.-]{1,}@([0-9a-zA-Z_\-]{1,}\.)+[0-9a-zA-Z_\-]{2,}$)', $str));
}[/php]
and minimally cleanse the subject and message fields, like this:[php]
$subject = strip_tags($_RE QUEST['subject'] );
$message = strip_tags($_RE QUEST['message'] );[/php]
Ronald :cool:
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: Web Master |
last post by:
Hi,
I am having a little issue with Jacks Form mail php script. I have
installed it and configured the form to get it to work, but for some
bizarre reason I have 2 issues I can't seem to debug.
Issue#1: I get 2 copies of the form that gets submitted each time.
Issue#2: The header does not display the "FROM" information in
Outlook, but I can see the From information in my email spam filter
|
by: Ann |
last post by:
Hi,
I am trying to send a html email from a php script. This script emails
a common information to all the members in the database. The only
problem is I cannot specify colors, hyperlinks etc..Html tags like
<h1></h1>, <br/>, <b> etc works though..
Could any one tell me what i might be doing wrong? Any help will be
greatly appreciated.
|
by: Jane Withnolastname |
last post by:
I have a very simple navigation "menu" in the middle of my page. It is
three simple links and it lays out horizontally. To achieve this, I
used the following table:
<table align=center width="40%">
<tr>
<td align=left width="13%"><a href="#auctions">Auctions</a></td>
<td align=center width="13%"><a href="gallery.htm">Gallery</a></td>
<td align=right width="13%"><a
href="mailto:JaneWithnolastnameNOSPAM@yahoo.com">Contact</a></td>
|
by: Francois Keyeux |
last post by:
hello everyone:
i have a web site built using vbasic active server scripting running on
iis (it works on either iis 50 and 60, but is designed for iis 50)
i know how to create a plain text email by creating a text file, with
content following certain format, and saving that file into the correct
'..\mailroot\pickup' folder, and it is working fine
|
by: Margaret Werdermann |
last post by:
Hi all:
I'm having a nasty time with a particularly difficult piece of code
and was hoping someone might be able to help me. I have a FormMail
form that originally worked perfectly.
Then, I had to add a JavaScript function to the Submit button to make
a server function run when the form was submitted. Unfortunately,
this JavaScript wouldn't run when the button was designated as a
Submit, so I changed the button and placed a...
| |
by: fleemo17 |
last post by:
It's been a while since I had to set up a form on a site. Is Matt's
FormMail script still a good choice, or are there better options
available these days?
-F
|
by: Rico |
last post by:
Hello,
I'm using formmail.asp which is an emailing utility. Basically, the user
fills out a request page, clicks "Submit" and the page posts to formmail.asp
which emails the user information.
I'm running IIS5 on a Win2k server box and recently ran the Windows Updates
(the last time I do that). Anyway, that emailing form doesn't work now on
any of the sites I host. Any ideas?
|
by: willmore |
last post by:
Is sendmail the same as formmail ?
I have a cgi scripr that need a path to sendmail, but on my server are insted Formmail.
BG
Willmore
|
by: Pete Marsh |
last post by:
Wondering if anyone can see an error with this script. I get a server
configuration error. THat could mean a module is not being loaded, but
maybe there's a syntax error here, can anyone spot it? Thanks
<?
Error_Reporting(E_ALL & ~E_NOTICE);
$subject="from ".$_REQUEST ;
$headers= "From: ".$_REQUEST ."\n";
$headers.='Content-type: text/html; charset=iso-8859-1';
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |