I am very, very new to php and I though that I found this great one size fits all php script that will handle all my forms no matter what the field name is.
<?php
if ($_SERVER['REQUEST_METHOD']=="POST"){
if (strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])>8 ¦¦
!strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']))
die("Bad referer");
$msg="Values submitted by the user:\n";
foreach($_POST as $key => $val){
if (is_array($val)){
$msg.="Item: $key\n";
foreach($val as $v){
$v = stripslashes($v);
$msg.=" $v\n";
}
} else {
$val = stripslashes($val);
$msg.="$key: $val\n";
}
}
$recipient="Myemail@myemail.com";
$subject="Subject line of email";
error_reporting(0);
if (mail($recipient, $subject, $msg)){
echo "<h1>Thank you</h1><p>Response message</p>\n";
echo nl2br($input);
} else
echo "An error occurred and the message could not be sent.";
} else
echo "Bad request method";
?>
However, I am worried that my form may get hijacked and therefore I wanted to place some security.
So I found
function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
}
however I cannot figure out how to call this function or even if this is the best solution.
If anybody can help me, I would be most thankfull.