Altering code for a secure contact form

[faery_gold]

Hi everyone,

 

I've had a look through existing threads on secure contact forms but can't find anything that will answer my question.

 

I found some code that will create a secure contact form but the code only had a field for email address and the message area. I wanted one that had an extra field for name.

 

I've altered the code to include a name variable but when I execute the code if fails and executes the error message

  "Something went wrong when the server tried to send your message. This is usually due to a  server error, and is probably not your fault. We apologise for any inconvenience caused."

instead of sending the message. When I take the name variable out of the mail function it works perfectly.

 

Would someone be able to have a look and tell me why this isn't working when I change it? I've highlighted my changes in red.

 

Many thanks in advance 

 

<?php

  $to='******@hotmail.com';

  $messageSubject='Portfolio Contact Form';

  $confirmationSubject='Message sent to Portfolio';

  $confirmationBody="Message: ";

  $email='';

  $name='';

  $body='';

  $displayForm=true;

  if ($_POST){

        $email=stripslashes($_POST['email']);

$body=stripslashes($_POST['body']);

$name=stripslashes($_POST['name']);

    // validate e-mail address

    $valid=eregi('^([0-9a-z]+[-._+&])*[0-9a-z]+@([-0-9a-z]+[.])+[a-z]{2,6}$',$email);

    $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);

    if ($email && $body && $valid && !$crack){

      if (mail($to,$messageSubject,$name,$body,'From: '.$email."\r\n")

          && mail($email,$confirmationSubject,$name,$confirmationBody.$body,'From: '.$to."\r\n")){

        $displayForm=false;

?>

<p>

  Your message was successfully sent.

  In addition, a confirmation copy was sent to your e-mail address.

  Your message is shown below.

</p>

<?php

        echo '<p>'.htmlspecialchars($body).'</p>';

      }else{ // the messages could not be sent

?>

<p>

  Something went wrong when the server tried to send your message.

  This is usually due to a server error, and is probably not your fault.

  We apologise for any inconvenience caused.

</p>

<?php

      }

    }else if ($crack){ // cracking attempt

?>

<p><strong>

  Your message contained e-mail headers within the message body.

  This seems to be a cracking attempt and the message has not been sent.

</strong></p>

<?php

    }else{ // form not complete

?>

<p><strong>

  Your message could not be sent.

  You must include both a valid e-mail address and a message.

</strong></p>

<?php

    }

  }

  if ($displayForm){

 

  }

?>

 

[Psycho]

You are putting the variables in the wrong order. A simple look at the manual for mail() would have made that clear. I don't see why you would make the assumtion to add the name after the subject in any event.

 

In any event you don't state what name you are trying to use. Are you wanting to add a name for the sender or the recipient.

 

If you want the name to appear for the recipient it needs to be included with the email address as the first paramater like this:

John Doe <john.doe@example.com>

 

If you want the name to appear for the sender, it is in the same format, but it included as part of the second to last parameter which is for the additional headers and can include additional information:

FROM: John Doe <john.doe@example.com>

 

Take a look at the manual for more info: http://us.php.net/manual/en/function.mail.php

[faery_gold]

Thanks very much for your help. Obviously I'm quite new to PHP! I'll try not to make such a rookie mistake again and I'll always check php.net before posting questions on the forum