I have some issues regarding my contact form. I have tried several solutions and been reading Stack Overflow a lot... but as every code differs, I would need something unique for my solution. It should be quite simple though.
This is my "form page":
<form class="contact_form" action="send_form_email.php" method="post" name="contact_form">
<ul>
<li>
<label for="name">Namn:</label>
<input type="text" name="name" required />
</li>
<li>
<label for="email">E-post:</label>
<input type="text" name="email" required />
</li>
<li>
<label for="phone">Tfn:</label>
<input type="text" name="phone" required />
</li>
<li>
<label for="message">Meddelande:</label>
<textarea name="message" cols="40" rows="6" required ></textarea>
</li>
<li>
<button class="submit" type="submit">Skicka</button>
</li>
</ul>
</form>
Today I am using a post function to post a "success message" on the same page. But I can not make it work with any solution tried. Validation is already built in CSS3. What I need is to send an email with the form (which have worked, but then the message and validation pops up on a new page) and a message to appear on the same page (This is not working, no matter what I try).
Help?
The Windows implementation of mail() differs in many ways from the Unix implementation. First, it doesn't use a local binary for composing messages but only operates on direct sockets which means a MTA is needed listening on a network socket (which can either on the localhost or a remote machine).
Second, the custom headers like From:, Cc:, Bcc: and Date: are not interpreted by the MTA in the first place, but are parsed by PHP.
As such, the to parameter should not be an address in the form of "Something ". The mail command may not parse this properly while talking with the MTA.
Note:
It is worth noting that the mail() function is not suitable for larger volumes of email in a loop. This function opens and closes an SMTP socket for each email, which is not very efficient.
For the sending of large amounts of email, see the » PEAR::Mail, and » PEAR::Mail_Queue packages.
Note:
The following RFCs may be useful: » RFC 1896, » RFC 2045, » RFC 2046, » RFC 2047, » RFC 2048, » RFC 2049, and » RFC 2822.
You can write clean PHP code while creating the headers correctly. First, build a list of all headers in an array. Then, glue them with "\r\n" character.
This code now looks clean and straight forward.
(Just compare it with your code )
<?php
$headers = array();
$headers[] = "MIME-Version: 1.0";
$headers[] = "Content-type: text/plain; charset=iso-8859-1";
$headers[] = "From: Sender Name <sender#domain.com>";
$headers[] = "Bcc: JJ Chong <bcc#domain2.com>";
$headers[] = "Reply-To: Recipient Name <receiver#domain3.com>";
$headers[] = "Subject: {$subject}";
$headers[] = "X-Mailer: PHP/".phpversion();
mail($to, $subject, $email, implode("\r\n", $headers));
?>
As noted in other, well, notes; the "additional headers" parameter can be easily exploited, when doing things like:
<?php
mail( $_POST['to'], $_POST['subject'], $_POST['message'], 'Reply-to: '.$_POST['from']."\r\n" );
?>
An easy way of fixing this, is removing CRLFs from the header-strings, like so:
<?php
$_POST['from'] = str_replace( "\r\n", '', $_POST['from'] );
?>
This way, the extra data will be part of the previous header.
There is also imap_mail used to send an email message.
This link will be much useful: http://php.net/manual/en/function.imap-mail.php
There's multiple solution for your problem depending on how you handle your post in PHP.
For pure PHP/HTML my solution would be,
In send_form_email.php set the message you want to display in session
Then, do a header location to the PHP page where you want to display the message
In this PHP check if the session variable is set and if it does, display it in HTML
It would look like that
send_form_email.php
if ( some_error )
$_SESSION['msg'] = 'Some error message';
else
$_SESSION['msg'] = 'Success !!';
header('Location: http://www.example.com/');
some_other_file.php
if (isset($_SESSION['msg']))
echo $_SESSION['msg']; // or add it to a variable for late use in your HTML
Another solution would be to sent the form using Ajax to your php file, then display the response from your file (the message) into a block in your HTLM page.
Related
I'm trying to send email from my domain. Mail is delivering properly. But it showing some message mentioning that the delivered message is spam. Please help me to overcome that problem. This is the message I got Be careful with this message
This may be a spoofed message. The message claims to have been sent
from your account, but Gmail couldn’t verify the actual source. Avoid
clicking links or replying with sensitive information, unless you are
sure you actually sent this message. (No need to reset your password,
the real sender does not actually have access to your account!)
<?php
if(isset($_POST['submit'])) {
$email_to = "info#maxwell.com";
$email_subject = "Your email subject line";
$name = $_POST['name'];
$message = $_POST['message'];
$email_from = $_POST['mail'];
$email_message = "Form details below.\n\n";
$email_message .= "Name: ".$name."\n";
$email_message .= "Email: ".$email_from."\n";
$email_message .= "message: ".$message."\n";
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
if(mail($email_to, $email_subject, $email_message, $headers)){
?>
<script>
window.location.href="contact.php?success";
</script>
<?php
// print("Thank you for contacting us. We will be in touch with you very soon.");
}
else{
?>
<script>
window.location.href="contact.php?fail";
</script>
<?php
}
// print("fail");
}
?>
<form method="post" >
<div class="form">
<div class="col-md-6 col-sm-12 col-xs-12 form-group">
<input type="text" class="form-control" name="name" placeholder="Your Name">
</div>
<div class="col-md-6 col-sm-12 col-xs-12 form-group">
<input type="email" class="form-control" name="mail" placeholder="E-mail Address">
</div>
<div class="col-xs-12 col-md-12 form-group">
<textarea name="message" placeholder="Message..."></textarea>
<!-- <input type="submit" value="SEND MESSAGE" class="btn-black bounce-top"> -->
</div>
<div class="col-xs-12 col-md-12 form-group">
<input type="submit" class="btn-black bounce-top" name="submit" value="SEND MESSAGE">
</div>
</div>
</form>
In order to avoid such situation. You can follow the following suggestions:
A Simple Implementation Example
<?php
mail("recipient#recipient.com", "Message", "A simple message.", "From: The Sender <sender#sender.com>");
?>
4 Ways To Make Your PHP mail() Emails Less Spammy
Use Headers
The Message Sender Domain and Server Domain Should Match
Be Sure to Properly Use the Content-type Attribute
Verify That Your Server Is Not Blacklisted
Detailed Explanation:
1. Use Headers
<?php
$headers .= "Reply-To: The Sender <sender#sender.com>\r\n";
$headers .= "Return-Path: The Sender <sender#sender.com>\r\n";
$headers .= "From: The Sender <senter#sender.com>\r\n";
?>
Be sure to replace the fourth parameter with the $headers variable as shown below.
<?php
mail("recipient#recipient.com", "Message", "A simple message.", $headers);
?>
2. The Message Sender Domain and Server Domain Should Match
Spammers are notorious for sending emails from one server and trying to make the recipient believe that it came from somewhere else. So if you are sending an email from example#example.com, it is a good idea the the script reside on example.com.
3. Be Sure to Properly Use the Content-type Attribute
The Content-type attribute enables a message sender to say whether or not an email is plain text or html, or whether it has attachments. Obviously, the easiest to use content type is text/plain. You just add your text as shown in the simple example, and you are done. But when you use the other content types, additional pieces might be expected. For example, with the text/html content type, an html body tag is expected. Not having this tag could result in your email being marked as spam.
4. Verify That Your Server Is Not Blacklisted
When a server is blacklisted, it means that that server has identified as one that has been sending a lot of spam. This results in recipient mail servers rejecting or filtering any mail that is received from that server.
So if your mail is not being received it is a good idea to verify that your server has not been blacklisted. This goes for both shared and dedicated servers. In a shared environment, it is common for other users on the server to be sending out spam. And in a dedicated environment, spammers may have found a way to exploit a vulnerability in a server or contact form to send out spam. So it is easy for either type of server to be blacklisted.
If you want a solution sure to not get marked as spam, look into Amazon's SES service. You will likely never exceed free tier pricing, and with a bit of configuration, you'll hit inboxes at much higher rates.
I have a contact form that I wrote in the html document and this then is executed by an external php file. How do I validate it? All tutorials that I've looked at have shown the validation and the html form in the actual php file and so how can my validation be accomplished?
HTML5:
<form id="form-area" action="email-processor.php" method="POST">
<div id="name-area"><p>Name (required)</p><input class="form-input" type="text" name="name"></div>
<div id="email-area"><p>Email (required)</p> <input class="form-input" type="text" name="email"></div>
<div id="phone-area"><p>Telephone</p> <input class="form-input" type="text" name="phone"></div>
<div id="msg-area"><p>Message</p><textarea id="msg-input" name="message" rows="6" cols="25"></textarea><br /></div>
<input id="sendbtn" type="submit" value="Send">
</form>
PHP:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$formcontent="From: $name \n Phone Number: $phone \n \n Message: \n \n$message";
$recipient = "sampleemail#hotmail.com"
$subject = "Contact Form";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
echo "Thank You!";
?>
You need to put required behind the input fields. If you want to make an email required as the standard format xxx#xxx.xxx instead simple text use type="email". For the telephone number you can use type="number" to allow numbers only, otherwise simply use text.
NEW HTML
<form id="form-area" action="email-processor.php" method="POST">
<div id="name-area"><p>Name (required)</p><input type="text" class="form-input" type="text" name="name" required></div>
<div id="email-area"><p>Email (required)</p> <input class="form-input" type="email" name="email" required></div>
<div id="phone-area"><p>Telephone</p> <input class="form-input" type="number" name="phone" required></div>
<div id="msg-area"><p>Message</p><textarea id="msg-input" name="message" rows="6" cols="25" required></textarea><br /></div>
<input id="sendbtn" type="submit" value="Send">
</form>
As has already been pointed out, for client-side validation, you can use the required attribute, which will trigger appearance changes in most web browsers.
However, you MUST do server-side validation as well. Failure to do so will result in vulnerabilities in your application code. For example, your mail() call currently allows unsanitized input for the additional_headers parameter. That means that malicious actors can easily inject whatever headers they want to - e.g. injecting an additional To: or CC: header can turn your server into an open mail relay (i.e. that's bad). Attackers are ALWAYS looking for incorrect usage of the PHP mail() function such as demonstrated by your code.
Because of the poor design of the PHP mail() function, my view is that no one should directly call it. The function is actually much more complicated to use correctly since it is only a basic layer over sendmail and, without significant effort, ignores all sorts of IETF RFCs that govern e-mail. You should use a library such as Ultimate E-mail Toolkit, PHP Mailer, etc. that offer a nicer layer over mail() and/or SMTP to do the actual sending of the e-mail and avoid turning your server into an open relay.
The server is the final authority on what is and is not allowed. For this reason, I use CubicleSoft FlexForms, which aids me in generating HTML forms and processing user input server-side. How you handle things server-side is far more critical than client-side validation, which can and will be ignored by malicious users. You can't control what a client will send and there are plenty of malicious actors out there. So you have to make the unfortunate assumption that all users will attack your software. You should always start with server-side validation and then add client-side validation afterwards.
In addition, your code won't work as you expect. Most mail servers are configured to deny spoofing attempts. You can't assume that you can send e-mail From: someone whose e-mail servers you don't control. The messaging will bounce back and if you send enough spoofed mail messages your server will eventually be added to a global blacklist (via DNSRBL) and denied sending e-mail to anyone else. You can only send "From" an address that you have control over AND have set up things such as a SPF record or DMARC for. Sending e-mail is hard thanks to spammers and the lack of direction by the Internet Engineering Task Force (IETF) to solve the problem.
You can, however, use the Reply-To: header with any sanitized e-mail address that you want to use. Most e-mail clients respect the Reply-To header and will use it instead of the From header when it exists.
My website is HTML5. Consequently, my files are .html. I have a contact.html file that I would like to use to send a message from, using PHP. I don't have much experience with PHP (so if anyone could recommend a better alternative, non-.NET way of sending email, please let me know).
My initial thought was to include my PHP code inside my HTML file (whether or not this is possible or even recommended, I don't know). I've done this once before, and I believe I remember having a form tag that somewhere in its attributes specified the .php file that I used to send the email.
Something like <form someattribute="sendmail.php"> ... </form>.
QUESTION: Given what I THINK I should do (above), is this the best approach (specifying the PHP file inside my form tag), or do you recommend a better way to send email from a raw .html file?
You cannot do that only with HTML. If you stick to PHP solution, try
<?php
if(isset($_POST['send'])) //check the submit button was pressed
{
//get variables from POST array. Remember we specified POST method
$to = $_POST['to'];
$subject = $_POST['subject'];
$message = $_POST['message'];
//set up headers
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
//send the email and save the result
$result = mail($to, $subject, $message, $headers);
//was it sent?
if($result)
{
echo "Successfuly sent the email";
}
else
{
echo "An error has occured";
}
}
?>
<hr>
<form method="POST">
To: <input type="text" name="to"> <br>
Subject: <input type="text" name="subject"> <br>
Text: <textarea name="message"></textarea><br>
<input type="submit" value="Send" name="send">
</form>
You do not need to specify where the form points to because it is the same file. Otherwise it would be
<form action="somefile.php" method="POST">
Altough you have to specify the method POST, otherwise all the data will be sent through GET by default
PHP has a mail function that is used to send the email http://php.net/manual/en/function.mail.php
Returns TRUE if the mail was successfully accepted for delivery, FALSE
otherwise.
We check if the email is sent or not and print a corresponding message. Then, regardless of the result, we print out the message form.
You can easily send the mail by posting the data into a php file. Just need to write some codein that php file and in form user action='phpfilename.php'. Thats it.
If you're just trying to send the form info via e-mail it's fairly simple.
<form action="sendmail.php">
just need to make sure you're coding your php file correctly.
http://php.net/manual/en/function.mail.php
mail.html
<form action="mail.php" method="post">
To <input type="text" name="to"/><br/>
Subject <input type="text" name="subject"/><br/>
Message <textarea name="message"></textarea><br/>
<input type="submit" value="Send"/>
</form>
mail.php
<?php
mail($_POST["to"] , $_POST["subject"], $_POST["message"]);
header("Location: mail.html"); //redirect the user
?>
HTML is only client side, and is just markup so it cannot send an email. You should have a form that posts to a PHP page, as you suggest, and that PHP page sends the email.
http://www.w3schools.com/php/php_forms.asp
http://www.w3schools.com/php/php_mail.asp
I am trying to get a custom contact form using PHP mail to have a user attach a photo, that then gets sent to the recipient outlined in the PHP mail code
<input type="file" id="file" name="file">
The form code is as follows;
<form action="register-mail.php" method="POST" enctype="multipart/form-data">
<input type="file" id="file" name="file">
<input type="submit" value="Submit">
</form>
The PHP mail code is as follows;
<?php $file = $_FILES['file'];
$formcontent="Email Text Content";
$recipient = "fake#email.com";
$subject = "Here is a Photo";
$mailheader = 'From: Basic Sign-up <fake#email.com>' . "\r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
die();
?>
I can't seem to get it to attach the file to the email being sent. What am I doing wrong?
That is not how attachment works. Using the mail() for attachments is a little more complex than that. You got to tell mail() which part should handle the file attachment and which part is responsible to display the email body by setting up a MIME Boundary. In other words, the code should be divided into 2 parts:
A section to handle the message being sent in body
A section to handle file uploading
A detailed tutorial is here
PHP EMAIL WITH ATTACHMENT
However, I would suggest you to use a very handy tool called PHPMailer to do the same task. It simplifies the process and lets the class handle all the legwork.
PHPMailer
I've got a WordPress site with a contact form that works fine on my MAMP environment, but when I publish to my clients WIMP server I get a failure.
I am not at all familiar with WIMP environments- how does one go about checking PHP error logs
Offhand, are there issues with PHP emailing on WIMP that would be causing this?
Code:
<?php
if ($_POST["contact_name"]<>'') {
$ToEmail = 'me#domain.com';
$EmailSubject = 'New contact message';
$mailheader = "From: ".$_POST["contact_email"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["contact_email"]."\r\n";
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n";
$MESSAGE_BODY = "<b>Name:</b> ".$_POST["contact_name"]."<br>";
$MESSAGE_BODY .= "<b>Email:</b> ".$_POST["contact_email"]."<br>";
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure");
?>
<h4>Your message was sent. We will be in touch with you shortly.</h4>
<?php
} else {
<form id="contact-form" name="contact" method="post" action="#">
<label for="contact-name">Name *</label>
<input type="text" id="contact-name" name="contact_name" tabindex="1" class="required"/>
<label for="contact-email">Email</label>
<input type="text" id="contact-email" name="contact_email" tabindex="2" class="email" />
<input type="submit" id="contact-submit" name="contact_submit" value="" tabindex="8" />
</form>
<?php
};
?>
Windows does not have a built in email server like unix type OSs tend to have. You need to configure php.ini to add SMTP server information through which to relay email.
The PHP manual page for the `mail()' function details a number of Windows-specific points. However, the main points which could affect you are in this section: (to quote)
The Windows implementation of mail() differs in many ways from the Unix implementation. First, it doesn't use a local binary for composing messages but only operates on direct sockets which means a MTA is needed listening on a network socket (which can either on the localhost or a remote machine).
Second, the custom headers like From:, Cc:, Bcc: and Date: are not interpreted by the MTA in the first place, but are parsed by PHP.
As such, the to parameter should not be an address in the form of "Something <someone#example.com>". The mail command may not parse this properly while talking with the MTA.
There are a few other things to consider as well; please read the manual page for more.
Hope that helps.