Ok so I am trying to create a contact form that validates user input to keep hackers from submitting codes and trying to require number, text, and email only. I have already styled the form and imported my php file. The contact from will send it to my gmail account. but everytime I test the php It allows for any type of data to be entered no matter if it is supposed to be a number and letters are submitted and the other way around. If I could get some help in telling me where I went wrong that would be great. I am a beginner at programming and only have the knowledge I recieved from school but I'm pretty good at html and css but having problems with the php validation. The form sends the email but like I said it allows any and all input.
<?php
$name = $_POST['name'];
$tel = $_POST['tel'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: www.webdesignheros.com';
$to = 'heenanwrk#gmail.com';
$subject = 'Service Email for HeenanTech';
$tel = filter_input(INPUT_POST, 'tel', FILTER_SANITIZE_INT);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING|FILTER_FLAG_NO_ENCODE_QUOTES);
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING|FILTER_FLAG_NO_ENCODE_QUOTES);
$body = "From: $name\n Phone: $tel\n Email: $email\n Message: $message\n";
?>
<?php
if ($_POST['submit']){
if(mail($to, $subject, $body, $from)){
echo'<p>Thank you for your email!</p>';
} else {
echo '<p> Oops! Something went wrong, try sending your message again</p>';
}
}
?>
Additionally the form can be found at [http://webdesignheros.com/Contact.html][1]
[1]: http://webdesignheros.com/Contact.html and if someone could tell me how to reject certain input before the submit that would be awesome too. like if an invalid entry was input and they move on to the next input it would reject it and not let the submit button be pushed. would i use the pattern="a-z" in the html or would i need to add javascript for that?
<?php
if (isset($_POST["submit")){
$name = $_POST["name"];
$tel = $_POST["tel"];
$email = $_POST["email"];
$message = $_POST["message"];
$from = "From: www.webdesignheros.com";
$to = "heenanwrk#gmail.com";
$subject = "Service Email for HeenanTech";
$body = "From: $name\n Phone: $tel\n Email: $email\n Message: $message\n";
mail($to, $subject, $body, $from);
if(mail($to, $subject, $body, $from)){
echo'<p>Thank you for your email!</p>';
} else {
echo '<p> Oops! Something went wrong, try sending your message again</p>';
}
}
?>
Related
<?php
if (isset($_POST["sendMessage"])) {
$firstName = trim($_POST['firstName']);
$lastName = trim($_POST['lastName']);
$email = trim($_POST['email']);
$phone = trim($_POST['phone']);
$message = trim($_POST['message']);
$from = 'somebody#gmail.com';
$to = 'someone#gmail.com';
$subject = 'webmaster#example.com';
$txt = 'Prottyasha School';
$headers = "From: somebody#gmail.com" . "\r\n" .
"CC: somebody#gmail.com";
$body = "From: First-Name: $firstName\n Last-Name: $lastName\n
E-Mail: $email\n Phone: $phone\n Message: $message";
//echo "success?";
if (mail($to, $subject, $body, $headers)) {
$result = '<div class="alert alert-success">Thank You! I will be in touch</div>';
} else {
$result = '<div class="alert alert-danger">Sorry there was an error sending your message. Please try again later</div>';
}
echo $result;
}
?>
It works fine but i want to make it validated. suppose someone give a invalid phone number or email then it will message its invalid mail or phone number. i want to make it full validated. anyone please help me.
I don't think it's possible to check if the mail was successfully delivered. mail() returns boolean true when a mail has been accepted for delivery or sent to the local email service. There's no way to know if that email was delivered to the recipient.
I have a rather simple HTML/PHP form that just needs to send the data to my email. The email I'm using is not using the same domain as the website.
I've been stuck on this for hours now and I cant seem to find the solution. Could someone take a look?
<?php
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$message = $_POST['message'];
$gender = $_POST['gender'];
$user_name = $_POST['user_name'];
$email = $_POST['email"];
$message = $_POST['message'];
$from = $_POST['user_name'];
$to = 'example#email.com';
$subject = 'Comment';
$body = "From: $first_name\n From: $last_name\n Sex: $gender\n Username: $user_name\n E-Mail: $email\n Message:\n $message";
if ($_POST['submit']) {
if (mail ($to, $subject, $body, $from)) {
echo 'Your message has been sent!';
} else {
echo 'Something went wrong, go back and try again!';
}
}
?>
Assuming that your PHP code file is sendMail.php
let this be form.html
<form name="sendMail" id="sendMail" action="sendMail.php" method="post">
<input type="text" name="first_name" />
<input type="text" name="last_name" />
<input type="text" name="message" />
<input type="text" name="gender" />
<input type="text" name="user_name" />
<input type="text" name="email" />
<input type="submit" name="submit" />
</form>
Basically, your PHP code should work according to the form above. Of course you may want to change gender field to radiogroup/dropdown and/or message to textarea.
<?php
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$message = $_POST['message'];
$gender = $_POST['gender'];
$user_name = $_POST['user_name'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = $_POST['user_name'];
$to = 'example#email.com';
$subject = 'Comment';
$body = "From: $first_name\n From: $last_name\n Sex: $gender\n Username: $user_name\n E-Mail: $email\n Message:\n $message";
if ($_POST['submit']) {
if (mail ($to, $subject, $body, $from)) {
echo 'Your message has been sent!';
}
else {
echo 'Something went wrong, go back and try again!';
}
}
?>
There is one point to correct that $email = $_POST['email"]; should be $email = $_POST['email'];.
And you should ensure that PHP mail settings have to be set properly. I suggest you to use PHPMailer which is so simple and runs smoothly with too few configuration.
Just write isset() in first if condition.
try above code again.
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$message = $_POST['message'];
$gender = $_POST['gender'];
$user_name = $_POST['user_name'];
$email = $_POST['email"];
$message = $_POST['message'];
$from = $_POST['user_name'];
$to = 'example#email.com';
$subject = 'Comment';
$body = "From: $first_name\n From: $last_name\n Sex: $gender\n Username: $user_name\n E-Mail: $email\n Message:\n $message";
if (isset($_POST['submit'])) {
if (mail ($to, $subject, $body, $from)) {
echo 'Your message has been sent!';
} else {
echo 'Something went wrong, go back and try again!';
}
}
The PHP
The fourth parameter of the mail() function should be a list of additional email headers. You're passing it a user name. You should have something like this:
$email = $_POST['email'];
$email = preg_replace('/[[:cntrl:]]/', '', $email);
$headers = "From: $email\r\n";
...
mail ($to, $subject, $body, $headers);
The second line filters out control characters from the email address. Without this, a malicious user could insert newline characters to add their own email headers, such as CC: headers to send unsolicited spam.
Mixing domains
Also, you might not be allowed to send email with a From: address from a different domain name than your web site (or mail server). You could contact the administrator of your server/web site and ask what your options are.
Some things to consider:
You could try to use a local From: address and leave the actual (external) email address in the Reply-To: header. Eg:
$headers = "From: Me#mydomain.example\r\n";
$headers .= "Reply-To: Someone#otherdomain.example\r\n";
Some email clients might not respect the Reply-To: header, though.
If the address in the From: header is not the actual sender of the email, you should specify the real sender in a Sender: header. Eg:
$headers = "From: Someone#otherdomain.example\r\n";
$headers .= "Sender: Me#mydomain.example\r\n";
You may need to specify the From: address in an additional parameter to the Mail Transfer Agent:
mail ($to, $subject, $body, $headers, "-f '$email'");
Sending email from a different domain name may count against you by SPAM filters. You may need an SPF record to ensure that your emails go through.
You might be better off using a full-featured email class, such as PHPMailer rather than the crude mail() function.
See also
Documentation
RFC 5322 - Internet Message Format: 3.6.2. Originator Fields
The PHP mail() function
SPF - Sender Policy Framework
Stack Overflow
Should I use the Reply-To header when sending emails as a service to others?
How do you make sure email you send programmatically is not automatically marked as spam?
Potential issues using member's "from" address and the "sender" header
I am new to php and stackoverflow and I am trying to figure out a simple website contact form. I have the form and email functioning properly, but I have one nagging issue I can't figure out.
When the email is sent, the from email says myusername#p3pxxxxxx.com which is my server. When I direct the email to my domain based email account, they don't get to my inbox, I bet the spam filters are stopping the odd email address. So I tried sending it to my gmail inbox, which worked, but I don't check that email regularly. I'd rather have it go to my domain based email account.
So, I am looking for a way to edit the 'from' email address. Instead of the user/server I would like it to use a real email address, mine or the person that sent it would be even better. Here are a couple of attempts and what I currently have, none of which worked.
Couple of Attempts:
Attempted to pull the email address entered my sender.
//$mailheader = "From: ".$_POST["email"]."\r\n";
//$mailheader .= "Reply-To: ".$_POST["email"]."\r\n";
This was another attempt.
//$mailheaders = "From: webmaster#example.com\r\nReply-To: webmaster#example.com";
What I currently have:
<?
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$security = $_POST['security'];
$to = "myemailaddress#gmail.com";
$subject = "Contact Message from Website";
$mailheaders = "From: webmaster#example.com\r\nReply-To: webmaster#example.com";
$message = "A visitor of exampledomain.com has submitted the following message.\n\nName: $name\n\nEmail: $email\n\nPhone: $phone\n\nMessage: $message";
if ($security=="10") {
mail($to,$subject,$message,$mailheaders);
header("Location:contact.php?s=1");
}
else {
header("Location:contact.php?s=2");
}
?>
Followed the suggestion. Last attempt still didn't work...
<?
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$security = $_POST['security'];
$to = "mail#example.com";
$subject = "Contact Message from Website";
$message = "A visitor of exampledomain.com has submitted the following message.\n\nName: $name\n\nEmail: $email\n\nPhone: $phone\n\nMessage: $message";
$mailheaders = "From: webmaster#example.com\r\nReply-To: website#example.com";
if ($security=="10") {
mail($to,$subject,$message,$mailheaders);
header("Location:contact.php?s=1");
}
else {
header("Location:contact.php?s=2");
}
?>
Alastair's correction should work.
When you were calling the mail function, you weren't passing in the variables in the proper order.
How you were calling it: mail($to, $subject, $mailheaders, $message)
But the actual order is: mail($to, $subject, $message, $mailheaders)
Notice how I switch $message and $mailheaders
It's a thing you can check on PHP's documentation, such as:
http://us3.php.net/manual/en/function.mail.php
bool mail ( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )
I cannot get this form to send if I use anything other than $from = 'From: . $email';. If I change it to anything else, it will not send. When it does send with this information, it comes in from .$email#mbox.freehostia.com.
What I would prefer is have the from email address be the email that was submitted in the form, so the receiver can respond without having to create a new email. I've searched everything and can't find an answer to this specific issue.
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$from = 'From: . $email';
$to = 'info#resourcedmichigan.com';
$subject = 'ResourcED Career Submission';
$body = "From: $name\nEmail: $email\nPhone Number: $phone\nMessage: $message";
if ($_POST['submit']) {
if (mail ($to, $subject, $body, $from)) {
include("inc/header.php");
echo '<div class="container"><div class="spacer-top"><h3>Thank you for your interest in ResourcED! We will be in contact with you soon!</h3></div></div>';
include("inc/footer.php");
} else {
echo '<div class="container"><h3>Something went wrong. Go back and try again!</h3></div>';
}
}
?>
Variables will not be interpolated inside of single quotes and the concatenation operator is unnecessary.
$from = 'From: . $email';
should be
$from = "From: $email";
or
$from = 'From: ' . $email;
I have the below PHP contact form that has a CAPTCHA code to ensure is correct. However, when I reply to the email from the website it puts a random email which i believe is the server admin, however, I want it to be the persons email who sent the form in. below is the code, could you possibly be able to help me?
<?php session_start();
if(isset($_POST['Submit'])) { if( $_SESSION['chapcha_code'] == $_POST['chapcha_code'] && !empty ($_SESSION['chapcha_code'] ) ) {
$youremail = 'info#example.com';
$fromsubject = 'www.example.co.uk';
$title = $_POST['title'];
$fname = $_POST['fname'];
$mail = $_POST['mail'];
$phone = $_POST['phone'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$to = $youremail;
$mailsubject = 'Message from Website'.$fromsubject.' Contact Page';
$body = $fromsubject.'
The person that contacted you is: '.$fname.'
Phone Number: '.$phone.'
E-mail: '.$mail.'
Subject: '.$subject.'
Message:
'.$message.'
|---------END MESSAGE----------|';
echo "Thank you for your message. I will contact you shortly if needed.<br/>Go to <a href='/index.html'>Home Page</a>";
mail($to, $subject, $body);
unset($_SESSION['chapcha_code']);
} else {
echo 'Sorry, you have provided an invalid security code';
}
} else {
echo "You must write a message. </br> Please go to <a href='/contact.html'>Contact Page</a>";
}
?>
You'll need some headers so the from address is the users mail.
Also refer to the mail docs
try this
$headers = "From: $mail\r\n";
$headers .= "Reply-To: $mail\r\n";
mail($to, $subject,$body,$headers);