Jump to content


Photo

NEED php form to email code (with spam protection)


  • Please log in to reply
2 replies to this topic

#1 redgtsviper

redgtsviper
  • Members
  • PipPip
  • Member
  • 19 posts

Posted 26 February 2006 - 04:34 PM

I have a form on my contact page that has the following fields Name, Email Address, Message. This form is on my contact.htm page.

When the info is submitted it goes to my contact.php to send the info to my email address. Below is the code that I am currently using to send emails. I am needing a way to modify what I have and make it where spammers cannot attack it and send out spam. I am new to PHP.


<?php
$msg = "My Website Online Contact Submission\n";
$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";

$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );
?>

#2 jvalarta

jvalarta
  • Members
  • PipPipPip
  • Advanced Member
  • 42 posts

Posted 25 August 2006 - 05:49 AM

Add this to the top of your script:

<?

if(!isset($_SERVER['HTTP_USER_AGENT'])){ 
   exit; 
}

if(!$_SERVER['REQUEST_METHOD'] == "POST"){ 
   exit;     
}

?>


#3 AdRock

AdRock
  • Members
  • PipPipPip
  • Advanced Member
  • 911 posts

Posted 25 August 2006 - 07:34 PM

This is the code for my contact page.  I use a capthca image so the message can't be sent without the image text being entered in a text box.  Also it checks to make sure the user is actually on the page before sending the email.  If they come from a different site no email is sent
<?php
/**
 * Change the email address to your own.
 *
 * $empty_fields_message and $thankyou_message can be changed
 * if you wish.
 */
if(isset($session['userid'])){
include 'includes/connection.php';

$query = "SELECT * FROM users WHERE userid = '".$_SESSION['userid']."'";

$result = mysql_query($query);
while($row = mysql_fetch_assoc($result)){
$firstname = $row['first_name'];
$lastname = $row['last_name'];
$emailaddress = $row['email_address'];
}
}

// Change to your own email address
$your_email = "your@emailaddress.com";

// This is what is displayed in the email subject line
// Change it if you want
$subject = "Message via your contact form";

// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";

// This is displayed when the email has been sent
$thankyou_message = "<p>Thankyou. Your message has been sent.</p>";

// You do not need to edit below this line

$name = stripslashes($_POST['txtName']);
$email = stripslashes($_POST['txtEmail']);
$message = stripslashes($_POST['txtMessage']);

if (!isset($_POST['txtName'])) {

?>
<h2>Contact Us</h2>
<p class="style3"><b>Jack Godfrey Honeylands Support Fund</B><br>
Dave Godfrey<br>
82 New Street<br>
Cullompton<br>
Devon<br>
EX15 1HD<br>
		
<p class="style3">Email us at: <a class="two" href="mailto:dave@jackgodfrey.org.uk?subject=Website%20Feedback">dave@jackgodfrey.org.uk</a></p>
<p class="style3">Please fill in this form if you have any queries or suggestions.</p>
<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">

    <p class="style3"><label for="txtName">Name:</label>
    <input type="text" title="Please enter your name" name="txtName" size="30" value="<? echo $firstname .' '.$lastname; ?>" /></p>

    <p class="style3"><label for="txtEmail">Email:</label>
    <input type="text" title="Please enter your email address" name="txtEmail" size="30" value="<? echo $emailaddress; ?>"/></p>

    <p class="style3"><label for="txtMessage">Comments:</label>
    <textarea title="Please enter your message" name="txtMessage" rows="10" cols="30"></textarea></p>

    <p class="style3">For security purposes, please enter the image shown in the text box below.<br>If you have trouble reading the image, refresh the page to display a new one.</p>
    
    <p class="style3"><label for="captcha"></label>
    <div class="captcha"><img src="/includes/captcha.php" alt="captcha image"></div></p>

    <p class="style3"><label for="verify">Image text:</label>
    <input type="text" title="Please enter the image text" name="verify" id="verify" size="6"/></p>

    <p class="style3"><label for="submit">&nbsp</label>
    <input type="submit" value="Send" class="submit-button"/>

</form>

<?php

}

elseif (empty($name) || empty($email) || empty($message) || empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {

    echo $empty_fields_message;

}

else {

    // Stop the form being used from an external URL
    // Get the referring URL
    $referer = $_SERVER['HTTP_REFERER'];
    // Get the URL of this page
    $this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
    // If the referring URL and the URL of this page don't match then
    // display a message and don't send the email.
    if ($referer != $this_url) {
        echo "You do not have permission to use this script from another URL.<br>";
	echo "If you are behind a firewall please check your referrer settings."
        exit;
    }

    // The URLs matched so send the email
    mail($your_email, $subject, $message, "From: $name <$email>");

    // Display the thankyou message
    echo $thankyou_message;
    
}

?>

If your topic has been solved, please mark the topic as SOLVED.

This helps others from identifying which topics need help still




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users