faery_gold Posted June 23, 2009 Share Posted June 23, 2009 Hi everyone, I've had a look through existing threads on secure contact forms but can't find anything that will answer my question. I found some code that will create a secure contact form but the code only had a field for email address and the message area. I wanted one that had an extra field for name. I've altered the code to include a name variable but when I execute the code if fails and executes the error message "Something went wrong when the server tried to send your message. This is usually due to a server error, and is probably not your fault. We apologise for any inconvenience caused." instead of sending the message. When I take the name variable out of the mail function it works perfectly. Would someone be able to have a look and tell me why this isn't working when I change it? I've highlighted my changes in red. Many thanks in advance <?php $to='******@hotmail.com'; $messageSubject='Portfolio Contact Form'; $confirmationSubject='Message sent to Portfolio'; $confirmationBody="Message: "; $email=''; $name=''; $body=''; $displayForm=true; if ($_POST){ $email=stripslashes($_POST['email']); $body=stripslashes($_POST['body']); $name=stripslashes($_POST['name']); // validate e-mail address $valid=eregi('^([0-9a-z]+[-._+&])*[0-9a-z]+@([-0-9a-z]+[.])+[a-z]{2,6}$',$email); $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body); if ($email && $body && $valid && !$crack){ if (mail($to,$messageSubject,$name,$body,'From: '.$email."\r\n") && mail($email,$confirmationSubject,$name,$confirmationBody.$body,'From: '.$to."\r\n")){ $displayForm=false; ?> <p> Your message was successfully sent. In addition, a confirmation copy was sent to your e-mail address. Your message is shown below. </p> <?php echo '<p>'.htmlspecialchars($body).'</p>'; }else{ // the messages could not be sent ?> <p> Something went wrong when the server tried to send your message. This is usually due to a server error, and is probably not your fault. We apologise for any inconvenience caused. </p> <?php } }else if ($crack){ // cracking attempt ?> <p><strong> Your message contained e-mail headers within the message body. This seems to be a cracking attempt and the message has not been sent. </strong></p> <?php }else{ // form not complete ?> <p><strong> Your message could not be sent. You must include both a valid e-mail address and a message. </strong></p> <?php } } if ($displayForm){ } ?> Quote Link to comment https://forums.phpfreaks.com/topic/163427-altering-code-for-a-secure-contact-form/ Share on other sites More sharing options...
Psycho Posted June 23, 2009 Share Posted June 23, 2009 You are putting the variables in the wrong order. A simple look at the manual for mail() would have made that clear. I don't see why you would make the assumtion to add the name after the subject in any event. In any event you don't state what name you are trying to use. Are you wanting to add a name for the sender or the recipient. If you want the name to appear for the recipient it needs to be included with the email address as the first paramater like this: John Doe <john.doe@example.com> If you want the name to appear for the sender, it is in the same format, but it included as part of the second to last parameter which is for the additional headers and can include additional information: FROM: John Doe <john.doe@example.com> Take a look at the manual for more info: http://us.php.net/manual/en/function.mail.php Quote Link to comment https://forums.phpfreaks.com/topic/163427-altering-code-for-a-secure-contact-form/#findComment-862280 Share on other sites More sharing options...
faery_gold Posted June 26, 2009 Author Share Posted June 26, 2009 Thanks very much for your help. Obviously I'm quite new to PHP! I'll try not to make such a rookie mistake again and I'll always check php.net before posting questions on the forum Quote Link to comment https://forums.phpfreaks.com/topic/163427-altering-code-for-a-secure-contact-form/#findComment-863999 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.