gardencat Posted November 12, 2013 Share Posted November 12, 2013 I've made a web site (for a client) that has a contact form. The form works fine, but the email that arrives shows a long weird address, which I assume is the hosting server name: Visitor@p3nlhgxxxxxxxxxsecureserver.net. These emails look scary to my website client, and she's afraid to open them. Is there some code I can add to the php file that will change who the email appears to be from in my client's inbox? This is part of what's in the php file: $EmailFrom = "Visitor"; $EmailTo = "MyClient@HerAddress.com"; $Subject = "Message from BusinessName website"; $Name = Trim(stripslashes($_POST['Name'])); $Email = Trim(stripslashes($_POST['Email'])); $Message = Trim(stripslashes($_POST['Message'])); Disclaimer . . . I know nothing about writing PHP. TIA - gardencat Quote Link to comment Share on other sites More sharing options...
keloa Posted November 12, 2013 Share Posted November 12, 2013 First, can you show us the full code so that will be able to help you.Another thing is a suggestion,which is why don't you give the visitor the ability to write his name instead of "visitor". Quote Link to comment Share on other sites More sharing options...
gardencat Posted November 12, 2013 Author Share Posted November 12, 2013 I do have a Name field in the form, but can't figure out how to get that to show up in the $EmailFrom area either. Here's everything in the PHP file: <?php $EmailFrom = "Website visitor"; $EmailTo = "MyClient@HerAddress.com"; $Subject = "Message from BusinessName website"; $Name = Trim(stripslashes($_POST['Name'])); $Email = Trim(stripslashes($_POST['Email'])); $Message = Trim(stripslashes($_POST['Message'])); // validation $validationOK=true; if (!$validationOK) { print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">"; exit; } // prepare email body text $Body = ""; $Body .= "Name: "; $Body .= $Name; $Body .= "\n"; $Body .= "Email: "; $Body .= $Email; $Body .= "\n"; $Body .= "Message: "; $Body .= $Message; $Body .= "\n"; // send email $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>"); // redirect to success page if ($success){ print "<meta http-equiv=\"refresh\" content=\"0;URL=contactthanks.php\">"; } else{ print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">"; } ?> Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted November 12, 2013 Share Posted November 12, 2013 Try changing $EmailFrom to an email address. More information about the mail() function (including some examples) can be found here: http://php.net/manual/en/function.mail.php Quote Link to comment Share on other sites More sharing options...
JIXO Posted November 13, 2013 Share Posted November 13, 2013 Try to validate the emails first before displaying them, PEAR has a validation class here. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted November 13, 2013 Share Posted November 13, 2013 Try to validate the emails first before displaying them, PEAR has a validation class here. I'm not sure how this applies directly to the topic at hand, but PHP can also handle validation: http://php.net/manual/en/filter.examples.validation.php Quote Link to comment Share on other sites More sharing options...
JIXO Posted November 13, 2013 Share Posted November 13, 2013 Well these guys class can check if the domain from which the email address is online. It can provide some advanced email validation if he decides to take the visitor email, anyway never mind. Quote Link to comment Share on other sites More sharing options...
Solution cyberRobot Posted November 13, 2013 Solution Share Posted November 13, 2013 Well these guys class can check if the domain from which the email address is online. It can provide some advanced email validation if he decides to take the visitor email, anyway never mind. To be honest, I was thinking your comment was spam. Perhaps my sensors are set too high. Based on the code posted, the email address which comes from the user ($_POST['Email']) is only used in the message body. The problem is caused by the hard-coded value used for $EmailFrom. The headers argument for "From:" requires an email address. Since one wasn't provided, it uses an address defined by the server. Quote Link to comment Share on other sites More sharing options...
gardencat Posted November 13, 2013 Author Share Posted November 13, 2013 Thank you, cyberRobot . . . . using ($_POST['Email']) fixed the problem. Thanks for the validation info, too. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted November 13, 2013 Share Posted November 13, 2013 Thank you, cyberRobot . . . . using ($_POST['Email']) fixed the problem. Thanks for the validation info, too. Just keep in mind that this could open your script up to email injection attacks: https://www.google.com/search?q=php+email+injection+attack Information from the user, such is what you get from forms, should not be trusted. If you're not doing so already, the email address should be validated using something like the following: http://php.net/manual/en/filter.examples.validation.php Personally, I prefer to use a standard email as the from address such as the webmaster email for the website. It helps distinguish that the information came from an online form. Plus, it's easier to set up rules in an email client for filtering incoming mail. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.