I have a contact form that will only submit if all the fields are completed. I don't want this as many fields are optional. I believe it has to do with this part of my code, but I am unsure how to change it and removing it will post the form automatically when the page opens.
if (isset($_POST['first_name'], $_POST['last_name'], $_POST['address'], $_POST['address_line_2'], $_POST['city_state_zip'], $_POST['phone_number'], $_POST['email_address'], $_POST['bedrooms'], $_POST['baths'], $_POST['square_feet'], $_POST['basement'], $_POST['garage'], $_POST['house_style'], $_POST['price_range'], $_POST['construction'], $_POST['heat'], $_POST['features'], $_POST['comments']))
For context here is the rest of the code.
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
include_once "/usr/share/pear/Swift/swift_required.php";
// Check if the form has been posted
if (isset($_POST['first_name'], $_POST['last_name'], $_POST['address'], $_POST['address_line_2'], $_POST['city_state_zip'], $_POST['phone_number'], $_POST['email_address'], $_POST['bedrooms'], $_POST['baths'], $_POST['square_feet'], $_POST['basement'], $_POST['garage'], $_POST['house_style'], $_POST['price_range'], $_POST['construction'], $_POST['heat'], $_POST['features'], $_POST['comments'])) {
// The email address the email will be sent to
$to = 'emailaccount#website.com';
// Set the from address for the email
$from = 'emailaccount#website.com';
$headers = "Reply-To: ".$_POST["email"]."\r\n";
// The email subject
$subject = 'Contact Form Submission';
// Build the body of the email
$mailbody = "The contact form has been filled out.\n\n"
. "first_name: " . $_POST['first_name'] . "\n"
. "last_name: " . $_POST['last_name'] . "\n"
. "address: " . $_POST['address'] . "\n"
. "address_line_2: " . $_POST['address_line_2'] . "\n"
. "city_state_zip: " . $_POST['city_state_zip'] . "\n"
. "phone_number: " . $_POST['phone_number'] . "\n"
. "email_address: " . $_POST['email_address'] . "\n"
. "bedrooms: " . $_POST['bedrooms'] . "\n"
. "baths: " . $_POST['baths'] . "\n"
. "square_feet: " . $_POST['square_feet'] . "\n"
. "basement: " . $_POST['basement'] . "\n"
. "garage: " . $_POST['garage'] . "\n"
. "house_style: " . $_POST['house_style'] . "\n"
. "price_range: " . $_POST['price_range'] . "\n"
. "construction: " . $_POST['construction'] . "\n"
. "heat: " . $_POST['heat'] . "\n"
. "features: " . $_POST['features'] . "\n"
. "comments:\n" . $_POST['comments'];
// Create the mail transport
$transport = Swift_SmtpTransport::newInstance('smtp.domainhere.com', 587);
$transport->setUsername('emailaccount#website.com');
$transport->setPassword('123456');
$swift = Swift_Mailer::newInstance($transport);
// Create the mail
$message = new Swift_Message($subject);
$message->setFrom($from);
$message->setTo($to);
$message->setBody($mailbody);
// Send the mail
$result = $swift->send($message);
}
if ($result)
{
header('Location: http://www.domainhere.com/thankyou.html'); }
?>
Your thoughts would be greatly appreciated.
This line:
if (isset($_POST['first_name'], $_POST['last_name'], $_POST['address'], $_POST['address_line_2'], $_POST['city_state_zip'], $_POST['phone_number'], $_POST['email_address'], $_POST['bedrooms'], $_POST['baths'], $_POST['square_feet'], $_POST['basement'], $_POST['garage'], $_POST['house_style'], $_POST['price_range'], $_POST['construction'], $_POST['heat'], $_POST['features'], $_POST['comments']))
requires everything there to be filled in.
Related
I'm trying to use a PHP email form I found online that supports attachments, with a bit of extra code, but it's not working, I get a message saying "Sent", but no emails (I checked spam already).
Here is the php file:
function multi_attach_mail($to, $subject, $message, $senderMail, $senderName, $files){
$from = $senderName." <".$senderMail.">";
$headers = "From: $from";
// boundary
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
// headers for attachment
$headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\"";
// multipart boundary
$message = "--{$mime_boundary}\n" . "Content-Type: text/html; charset=\"UTF-8\"\n" .
"Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n";
// preparing attachments
if(count($files) > 0){
for($i=0;$i<count($files);$i++){
if(is_file($files[$i])){
$message .= "--{$mime_boundary}\n";
$fp = #fopen($files[$i],"rb");
$data = #fread($fp,filesize($files[$i]));
#fclose($fp);
$data = chunk_split(base64_encode($data));
$message .= "Content-Type: application/octet-stream; name=\"".basename($files[$i])."\"\n" .
"Content-Description: ".basename($files[$i])."\n" .
"Content-Disposition: attachment;\n" . " filename=\"".basename($files[$i])."\"; size=".filesize($files[$i]).";\n" .
"Content-Transfer-Encoding: base64\n\n" . $data . "\n\n";
}
}
}
$message .= "--{$mime_boundary}--";
$returnpath = "-f" . $senderMail;
//send email
$mail = #mail($to, $subject, $message, $headers, $returnpath);
//function return true, if email sent, otherwise return fasle
if($mail){ return TRUE; } else { return FALSE; }
}
$message = "Customer Contact"
. "\n" . "Name: " . $_POST['fullName']
. "\n" . "Email: " . $_POST['email']
. "\n" . "Phone: " . $_POST['phone']
. "\n" . "Current Phone: " . $_POST['currentPhone']
. "\n" . "Address: " . $_POST['address']
. "\n" . "Retailer: " . $_POST['retailer']
. "\n" . "Product Type: " . $_POST['productType']
. "\n" . "Specific Item: " . $_POST['item']
. "\n" . "Purchase Date: " . $_POST['purchaseDate']
. "\n" . "Invoice Number: " . $_POST['invoiceNumber']
. "\n" . "Issue: " . $_POST['issue']
. "\n" . "How did the issue happen?: " . $_POST['how']
. "\n" . "When did the issue occur?: " . $_POST['when']
. "\n" . "Have you done anything to try correcting the issue?: " . $_POST['customerTry'];
$to = 'someEmail#gmail.com';
$from = $_POST['email'];
$from_name = $_POST['fullName'];
//attachment files path array
$files = $_FILES['files'];
$subject = 'Customer Contact From Service Form';
$html_content = $message;
//call multi_attach_mail() function and pass the required arguments
$send_email = multi_attach_mail($to,$subject,$html_content,$from,$from_name,$files);
//print message after email sent
echo $send_email?"<h1> Mail Sent</h1><br>".$message:"<h1> Mail not SEND</h1>";
My form looks like this:
<form NOVALIDATE action="processContact.php" enctype="multipart/form-data" id="claimsForm" method="post" name="claimsForm">
..lots of fields...
<div class="form-group">
<label class="control-label claimsForm-field-header" for="customerTry">Photos:</label>
<input type="file" id="files[]" name="files[]" multiple="multiple" />
</div>
<input class="green-btn" id="ss-submit" name="submit" type="submit" value="Submit">
</form>
The function came with the form I downloaded, so I don't think there is a problem with it. I've been playing around with the code and trying different things, but no luck (I'm not a PHP guy).
EDIT:
Based on the suggestion below, I tried using phpMailer, following the example they have, here is my php file now:
/**
* PHPMailer simple file upload and send example
*/
$msg = '';
$message = "Customer Contact"
. "\n" . "Name: " . $_POST['fullName']
. "\n" . "Email: " . $_POST['email']
. "\n" . "Phone: " . $_POST['phone']
. "\n" . "Current Phone: " . $_POST['currentPhone']
. "\n" . "Address: " . $_POST['address']
. "\n" . "Retailer: " . $_POST['retailer']
. "\n" . "Product Type: " . $_POST['productType']
. "\n" . "Specific Item: " . $_POST['item']
. "\n" . "Purchase Date: " . $_POST['purchaseDate']
. "\n" . "Invoice Number: " . $_POST['invoiceNumber']
. "\n" . "Issue: " . $_POST['issue']
. "\n" . "How did the issue happen?: " . $_POST['how']
. "\n" . "When did the issue occur?: " . $_POST['when']
. "\n" . "Have you done anything to try correcting the issue?: " . $_POST['customerTry'];
$to = 'murtorius#gmail.com';
$from = $_POST['email'];
$from_name = $_POST['fullName'];
//attachment files path array
$files = $_FILES['userfile'];
$subject = 'Customer Contact From Service Form';
if (array_key_exists('userfile', $_FILES)) {
// First handle the upload
// Don't trust provided filename - same goes for MIME types
// See http://php.net/manual/en/features.file-upload.php#114004 for more thorough upload validation
$uploadfile = tempnam(sys_get_temp_dir(), sha1($_FILES['userfile']['name']));
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
// Upload handled successfully
// Now create a message
// This should be somewhere in your include_path
require 'php-mailer/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->setFrom($from, $from_name);
$mail->addAddress($to, 'TEST');
$mail->Subject = $subject;
$mail->msgHTML($message);
// Attach the uploaded file
$mail->addAttachment($uploadfile, 'Photos');
if (!$mail->send()) {
$msg .= "Mailer Error: " . $mail->ErrorInfo;
} else {
$msg .= "Message sent!";
}
} else {
$msg .= 'Failed to move file to ' . $uploadfile;
}
}
I changed the input file field name to 'userfile[]', but I get this:
Warning: sha1() expects parameter 1 to be string, array given in /home/zucora/service.zucora.com/processContact.php on line 35
Warning: move_uploaded_file() expects parameter 1 to be string, array given in /home/zucora/service.zucora.com/processContact.php on line 36
If I change the name to 'userfile' (without []) I get a blank screen and no email.
I'm having trouble making my e-mail look better, such as with CSS because it looks like plain text:
Is there anyway to bold or something with html? I've tried concat with <b> tags but I don't think it works because I'm assigning a variable. How can I make it look better? I'm using WordPress.
Also how can I make it File Upload compatible? Thanks
Here's (part) of my code:
<?php
$message = "You have received a message from " . $fullname . ", See information below:" . "\n" .
"\n\n" . "General:" . "\n" .
"\nFull Name: " . $fullname . "\n" .
"\nEmail Address: " . $email . "\n" .
"\nSubject: " . $Subject . "\n" .
"\nIssue Type: " . $issuetype . "\n" .
"\n\n" . "Hardware:" . "\n" .
"\nOrder Number: " . $ordernumber . "\n" .
"\nOrder Date: " . $orderdate . "\n" .
"\nPhoto: " . $photo;
//php mailer variables
$to = get_option('admin_email');
$subject = "Customer Support Form Subject: " . $Subject . " By " . $fullname;
$headers = 'From: '. $email
?>
<?php
if($_POST["submit"]){
$sent = wp_mail($to, $subject, $message, $headers);
}
?>
It seems you're using wordpress and using wp_mail to send the email. The default content-type based on the wordpress codex page
is text/plain. with that said you won't be able to add styling to it unless you change the content type to text/html using wp_mail_content_type filter or add it to your $headers variable.
Notice that I changed the \n to <br /> and added additional header ($headers = 'Content-type: text/html;charset=utf-8' . '\r\n';) to set the content type.
<?php
$message = "You have received a message from " . $fullname . ", See information below:" . "<br />" .
"<br /><br /><strong>" . "General:" . "<strong><br />" .
"<br /><strong>Full Name:</strong> " . $fullname . "<br />" .
"<br /><strong>Email Address: </strong> " . $email . "<br />" .
"<br /><strong>Subject: </strong>" . $Subject . "<br />" .
"<br /><strong>Issue Type:</strong> " . $issuetype . "<br />" .
"<br /><br />" . "Hardware:" . "<br />" .
"<br /><strong>Order Number: </strong>" . $ordernumber . "<br />" .
"<br /><strong>Order Date:</strong> " . $orderdate . "<br />" .
"<br />Photo: " . $photo;
//php mailer variables
$to = get_option('admin_email');
$subject = "Customer Support Form Subject: " . $Subject . " By " . $fullname;
$headers = 'Content-type: text/html;charset=utf-8' . '\r\n';
$headers .= 'From: '. $email . '\r\n';
?>
<?php
if($_POST["submit"]){
$sent = wp_mail($to, $subject, $message, $headers);
}
?>
Regarding adding attachments please check this post.
https://wordpress.stackexchange.com/questions/50264/using-wp-mail-with-attachments-but-no-attachments-received
So I tried searching but couldn't find an answer that I was able to apply to my code. I have had a developer updating a page for me and these emails come through on my mobile device, but the body is always blank on my computer email, Thunderbird. The code in question looks like this:
$mailBody = "Dog Registration Form Data" . PHP_EOL . $strDogCName . ";" . $strDogFName . ";" . $strBreed . ";" . $strGender . ";" . $strHt . ";" . $strBdmm . "/" . $strBddd . "/" . $strBdyy . ";" . $strFName . ";" . $strLName . ";" . $strAddr1 . ";" . $strCity . ";" . $strState . ";" . $strZip . ";" . $strCountry . ";" . $strPhone . ";" . $strEMail . ";" . $member_num. ";" . $dog_num;
// injection test before setting message headers
$sender_name = $strFName . " " . $strLName;
$sender_name = injection_test($sender_name);
$sender_email = injection_test($strEMail);
// Set headers and send. This should be moved to a reusable function
$mime_boundary = md5(time());
$headers = '';
$msg = '';
$headers .= 'From: ' . $sender_name . ' <' . $sender_email . '>' . PHP_EOL;
$headers .= 'Reply-To: ' . $sender_name . ' <' . $sender_email . '>' . PHP_EOL;
$headers .= 'Return-Path: ' . $sender_name . ' <' . $sender_email . '>' . PHP_EOL;
$headers .= "Message-ID: <" . time() . "cform#" . $_SERVER['SERVER_NAME'] . ">" . PHP_EOL;
$headers .= 'X-Sender-IP: ' . $_SERVER["REMOTE_ADDR"] . PHP_EOL;
$headers .= "X-Mailer: PHP v" . phpversion() . PHP_EOL;
$headers .= 'MIME-Version: 1.0' . PHP_EOL;
$headers .= 'Content-Type: multipart/related; boundary="' . $mime_boundary . '"';
$msg .= '--' . $mime_boundary . PHP_EOL;
$msg .= 'Content-Type: text/plain; charset="UTF-8"' . PHP_EOL;
$msg .= 'Content-Transfer-Encoding: 8bit' . PHP_EOL . PHP_EOL;
$msg .= $mailBody . PHP_EOL . PHP_EOL;
$msg .= '--' . $mime_boundary . '--' . PHP_EOL . PHP_EOL;
ini_set('sendmail_from', $sender_email);
$msg = "Thank you for registering with NADAC.". PHP_EOL. " Here is the info you provided." . PHP_EOL ."Callname: ". $strDogCName . PHP_EOL. "Registered Name: " . $strDogFName . PHP_EOL . "Breed: " . $strBreed .PHP_EOL . "Gender: " . $strGender .PHP_EOL . "Height: " . $strHt .PHP_EOL . "Birthday: " . $strBdmm . "/" . $strBddd . "/" . $strBdyy .PHP_EOL . "Owner First Name: " . $strFName .PHP_EOL . "Owner Last Name: " . $strLName .PHP_EOL . "Address: " . $strAddr1 .PHP_EOL . "City: " . $strCity .PHP_EOL . "State: " . $strState .PHP_EOL . "Zip Code: " . $strZip .PHP_EOL . "Country: " . $strCountry .PHP_EOL . "Phone: " . $strPhone . PHP_EOL . "Email: " . $strEMail .PHP_EOL . "Associate number: " . $member_num. PHP_EOL . "Dog Number: " . $dog_num;
$mailSubject = "Thank you for registering.";
$send_status = mail($mailTo, $mailSubject, $msg, $headers);
$mailTo = $strEMail;
mail($mailTo, $mailSubject, $msg, $headers);
ini_restore('sendmail_from');
// should check send_status here and do something - TODO
unset($_POST['submitted']);
// Done with the mail, display confirmation
I'm sure it's something simple that I'm just missing. But I can't find it, and the programmer working on it doesn't seem to believe the issue. I don't believe it's a local issue with my email provider.
Have you tried with Content-Type: multipart/alternative instead of 'multipart/related'?
The weird thing if the double mail() calling and $send_status to unknown $mailTo var
I am trying to include the current date, senders IP and Host in my contact form submission.
This is the code:
<?php
if( isset($_POST['name']) )
{
$to = 'info#mydomain.com'; // Replace with your email
$subject = 'Contact Form Submission'; // Replace with your $subject
$headers = 'From: ' . $_POST['email'] . "\r\n" . 'Reply-To: ' . $_POST['email'];
$date = date('M jS, Y # h:i a');
$IP = $_SERVER['REMOTE_ADDR'];
$Host = $_SERVER['HTTP_HOST'];
$message = 'Name: ' . $_POST['name'] . "\n" .
'E-mail: ' . $_POST['email'] . "\n" .
'Subject: ' . $_POST['subject'] . "\n" .
'Department: ' . $_POST['department'] . "\n" .
'Message: ' . $_POST['message'] . "\n" .
'Date: ' . $_POST['$date'] . "\n" .
'IP: ' . $_POST['$IP'] . "\n" .
'Host: ' . $_POST['$Host'];
mail($to, $subject, $message, $headers);
if( $_POST['copy'] == 'on' )
{
mail($_POST['email'], $subject, $message, $headers);
}
}
?>
The Email is received, but without Date, IP and Host. Any help would be greatly appreciated.
You have already stored(ip, date etc.) in variables so use these variables for mail. also these values are not exists in POST data so try to replace
'Date: ' . $_POST['$date'] . "\n" .
'IP: ' . $_POST['$IP'] . "\n" .
'Host: ' . $_POST['$Host'];
to
'Date: ' . $date . "\n" .
'IP: ' . $IP . "\n" .
'Host: ' . $Host;
You should attach like this(bellow) because $date, $IP and $Host are not transmitted in a post request:
$createdDate = new DateTime();
$date= $createdDate->format('d.m.Y H:m');
$message = 'Name: ' . $_POST['name'] . "\n" .
'E-mail: ' . $_POST['email'] . "\n" .
'Subject: ' . $_POST['subject'] . "\n" .
'Department: ' . $_POST['department'] . "\n" .
'Message: ' . $_POST['message'] . "\n" .
'Date: ' . $date. "\n" .
'IP: ' . $IP. "\n" .
'Host: ' . $Host;
I am creating an HTML form that references a PHP file to send an email. However, people keep hitting the form's action page, which then sends me an email with no information filled in. I would like to solve this by somehow protecting that action page from outside hits.
Here is my code:
HTML form:
<form name="homecontact" action="/admin/formactions/writequick.php" method="POST">
<input name="name" placeholder="Name"></input>
<input name="email" placeholder="Email"></input>
<input name="phone" placeholder="Phone"></input>
<textarea name="message" placeholder="Message"></textarea>
<input type="submit" style="background:MidnightBlue; color:white;">
</form>
PHP Script:
<?php
$to = 'myemailaddress#example.com';
$subjectadmin = 'CONTACT FORM from My Website';
$subjectuser = 'Contact Confirmation from My Website';
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$comments = $_POST['message'];
$messageadmin = 'A customer just submitted a form on Your Website. Here is their message:' . "\n" . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n";
$messageuser = 'Hello,' . ' ' . $name . '!' . "\n" . "\n" . 'Thank you for contacting My Website! We have received your contact form and we will get back to you as soon as we can.' . "\n" . "\n" . 'Just for your records, here is what you submitted to us:' . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n" . "\n" . 'Thank you for choosing My Website!';
$headers = 'From: myotheraddress#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subjectadmin, $messageadmin, $headers);
mail($email, $subjectuser, $messageuser, $headers);
?>
The form works perfectly, but I just do not know how to keep people from hitting that action page, unless they go through the form.
"I like that, but will it still send it if only one field is blank? I don't want people to HAVE to put their contact info if they do not want to."
Quickest fix then: name your submit button
<input type="submit" style="background:MidnightBlue; color:white;" name="submit">
and wrap your code inside a conditional statement.
if(isset($_POST['submit'])){
// rest of your PHP/mail code
}
then just use a header to redirect on mail success
...
mail($email, $subjectuser, $messageuser, $headers);
header("Location: http://www.example.com/");
exit;
Use this in your form: (replace it with the one you have now)
<input type="submit" style="background:MidnightBlue; color:white;" name="submit">
Rewrite:
<?php
if(isset($_POST['submit'])) {
$to = 'myemailaddress#example.com';
$subjectadmin = 'CONTACT FORM from My Website';
$subjectuser = 'Contact Confirmation from My Website';
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$comments = $_POST['message'];
$messageadmin = 'A customer just submitted a form on Your Website. Here is their message:' . "\n" . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n";
$messageuser = 'Hello,' . ' ' . $name . '!' . "\n" . "\n" . 'Thank you for contacting My Website! We have received your contact form and we will get back to you as soon as we can.' . "\n" . "\n" . 'Just for your records, here is what you submitted to us:' . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n" . "\n" . 'Thank you for choosing My Website!';
$headers = 'From: myotheraddress#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subjectadmin, $messageadmin, $headers);
mail($email, $subjectuser, $messageuser, $headers);
// redirect after mail sent
header("Location: http://www.example.com/"); // modify it to your site
exit;
}
else{ echo "You can't do that from here."; }
?>
Wrap the code in
if($_SERVER['REQUEST_METHOD']=='POST'){
//Do stuff here
}
This will make sure the user is making a post request before doing anything. Also you will want to verify the variables have values before mailing. Use
if(!empty($_POST['variable_key_here'])){
//Do stuff here
}
you can check $_POST super global array
<?php
if(isset($_POST['name'])) {
$to = 'myemailaddress#example.com';
$subjectadmin = 'CONTACT FORM from My Website';
$subjectuser = 'Contact Confirmation from My Website';
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$comments = $_POST['message'];
$messageadmin = 'A customer just submitted a form on Your Website. Here is their message:' . "\n" . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n";
$messageuser = 'Hello,' . ' ' . $name . '!' . "\n" . "\n" . 'Thank you for contacting My Website! We have received your contact form and we will get back to you as soon as we can.' . "\n" . "\n" . 'Just for your records, here is what you submitted to us:' . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n" . "\n" . 'Thank you for choosing My Website!';
$headers = 'From: myotheraddress#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subjectadmin, $messageadmin, $headers);
mail($email, $subjectuser, $messageuser, $headers);
} else {
die("Access denied");
}
?>
Your code to submit contact details on your mail is correct, but
there is no validation in it.
We have many methods to validate forms :
1.You can use CAPTCHA in your form.
2.Client Side Java Script Validations as well as server side PHP validations to check for correct email pattern , empty field , html special characters and all.
Check this link :
http://www.w3schools.com/php/php_form_url_email.asp
http://www.w3schools.com/js/js_form_validation.asp
There are many methods for validations , just google as per your requirement and your problem will be solved.
You can try this:
<?php
if($_SERVER['REQUEST_METHOD']=='POST' && !empty($_POST)) {
// you should also validate your _POST data (email syntaxis, etc)
$to = 'myemailaddress#example.com';
$subjectadmin = 'CONTACT FORM from My Website';
$subjectuser = 'Contact Confirmation from My Website';
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$comments = $_POST['message'];
$messageadmin = 'A customer just submitted a form on Your Website. Here is their message:' . "\n" . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n";
$messageuser = 'Hello,' . ' ' . $name . '!' . "\n" . "\n" . 'Thank you for contacting My Website! We have received your contact form and we will get back to you as soon as we can.' . "\n" . "\n" . 'Just for your records, here is what you submitted to us:' . "\n" . 'Name:' . ' ' . $name . "\n" . 'Email:' . ' ' . $email . "\n" . 'Phone:' . ' ' . $phone . "\n" . 'Comments:' . ' ' . $comments . "\n" . "\n" . 'Thank you for choosing My Website!';
$headers = 'From: myotheraddress#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subjectadmin, $messageadmin, $headers);
mail($email, $subjectuser, $messageuser, $headers);
}
?>
That way, it doesn't matter if a user goes directly to that page (in GET mode). It will have to go through a post form to actually invoke the mail() function. You could also add a simple additional security layer (to avoid posts requests from other sites) by adding a hidden input in the form:
<input type="hidden" name="hash" value="<?=md5(date("Y-m-d H"))?>">
And then just apply this validation at the start of the writequick.php file:
if($_POST['hash'] == md5(date("Y-m-d H"))) {
I hope that helps!
Try this
<form name="homecontact" action="/admin/formactions/writequick.php?action=mail" method="POST">
</form>
in your writequick.php page
if(isset($_GET['action'])){
//place your mail code
}