Jump to content

Archived

This topic is now archived and is closed to further replies.

redgtsviper

NEED php form to email code (with spam protection)

Recommended Posts

I have a form on my contact page that has the following fields Name, Email Address, Message. This form is on my contact.htm page.

When the info is submitted it goes to my contact.php to send the info to my email address. Below is the code that I am currently using to send emails. I am needing a way to modify what I have and make it where spammers cannot attack it and send out spam. I am new to PHP.


<?php
$msg = "My Website Online Contact Submission\n";
$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";

$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );
?>

Share this post


Link to post
Share on other sites
Add this to the top of your script:

[code]
<?

if(!isset($_SERVER['HTTP_USER_AGENT'])){
  exit;
}

if(!$_SERVER['REQUEST_METHOD'] == "POST"){
  exit;   
}

?>
[/code]

Share this post


Link to post
Share on other sites
This is the code for my contact page.  I use a capthca image so the message can't be sent without the image text being entered in a text box.  Also it checks to make sure the user is actually on the page before sending the email.  If they come from a different site no email is sent
[code]<?php
/**
* Change the email address to your own.
*
* $empty_fields_message and $thankyou_message can be changed
* if you wish.
*/
if(isset($session['userid'])){
include 'includes/connection.php';

$query = "SELECT * FROM users WHERE userid = '".$_SESSION['userid']."'";

$result = mysql_query($query);
while($row = mysql_fetch_assoc($result)){
$firstname = $row['first_name'];
$lastname = $row['last_name'];
$emailaddress = $row['email_address'];
}
}

// Change to your own email address
$your_email = "your@emailaddress.com";

// This is what is displayed in the email subject line
// Change it if you want
$subject = "Message via your contact form";

// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";

// This is displayed when the email has been sent
$thankyou_message = "<p>Thankyou. Your message has been sent.</p>";

// You do not need to edit below this line

$name = stripslashes($_POST['txtName']);
$email = stripslashes($_POST['txtEmail']);
$message = stripslashes($_POST['txtMessage']);

if (!isset($_POST['txtName'])) {

?>
<h2>Contact Us</h2>
<p class="style3"><b>Jack Godfrey Honeylands Support Fund</B><br>
Dave Godfrey<br>
82 New Street<br>
Cullompton<br>
Devon<br>
EX15 1HD<br>

<p class="style3">Email us at: <a class="two" href="mailto:dave@jackgodfrey.org.uk?subject=Website%20Feedback">dave@jackgodfrey.org.uk</a></p>
<p class="style3">Please fill in this form if you have any queries or suggestions.</p>
<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">

    <p class="style3"><label for="txtName">Name:</label>
    <input type="text" title="Please enter your name" name="txtName" size="30" value="<? echo $firstname .' '.$lastname; ?>" /></p>

    <p class="style3"><label for="txtEmail">Email:</label>
    <input type="text" title="Please enter your email address" name="txtEmail" size="30" value="<? echo $emailaddress; ?>"/></p>

    <p class="style3"><label for="txtMessage">Comments:</label>
    <textarea title="Please enter your message" name="txtMessage" rows="10" cols="30"></textarea></p>

    <p class="style3">For security purposes, please enter the image shown in the text box below.<br>If you have trouble reading the image, refresh the page to display a new one.</p>
   
    <p class="style3"><label for="captcha"></label>
    <div class="captcha"><img src="/includes/captcha.php" alt="captcha image"></div></p>

    <p class="style3"><label for="verify">Image text:</label>
    <input type="text" title="Please enter the image text" name="verify" id="verify" size="6"/></p>

    <p class="style3"><label for="submit">&nbsp</label>
    <input type="submit" value="Send" class="submit-button"/>

</form>

<?php

}

elseif (empty($name) || empty($email) || empty($message) || empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {

    echo $empty_fields_message;

}

else {

    // Stop the form being used from an external URL
    // Get the referring URL
    $referer = $_SERVER['HTTP_REFERER'];
    // Get the URL of this page
    $this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
    // If the referring URL and the URL of this page don't match then
    // display a message and don't send the email.
    if ($referer != $this_url) {
        echo "You do not have permission to use this script from another URL.<br>";
echo "If you are behind a firewall please check your referrer settings."
        exit;
    }

    // The URLs matched so send the email
    mail($your_email, $subject, $message, "From: $name <$email>");

    // Display the thankyou message
    echo $thankyou_message;
   
}

?>[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.