PHP Mailto contact form

DJMK4

DJMK4

DJMK4

Soldato
Joined
1 Dec 2004
Posts
23,076
Location
S.Wales
Hi,

I did a script a while ago which was secure enough for the web but I lost it. Now looking on the web all I can find is half hearted tutorials which are not much use to me :(

I have the HTML form sorted on my contact page, and I have the beginning of the PHP mail to script sorted but am abit stuck.

This is what I have so far..

Code: 
<?php

//Variable declarations
$name = strip_tags($_POST['name']);
$email = strip_tags($_POST['email']);
$comments = strip_tags($_POST['comments']);

$errors  = array(); // array of errors

// basic validation (if empty)
if ($name == '') {
  $errors[] = "\n\n - Please enter your name. ";
}

if ($email == '') {
  $errors[] = "\n\n - Please enter your e-mail. ";
}

if ($comments == '') {
  $errors[] = "\n\n - Please enter your comments. ";
}


//Script to send e-mail

For some reason I cant for the love of life think how to do all the error checking, spam protection and actually "Sending" the mail.

Would like some links to some good tutotrials if possible as google is failing me :(

I dont want nothing which sticks fort knocks infront of my script, but something secure.

Thanks all :)
 
OK, here is my revised script, it pretty much works (so far) I need to make it more secure, but at the momen im getting the field validations working.

I have 4 fields

Name*
Email
Tel*
Comments*

* Required fields

As you can see it all pretty much works as it should, but at the moment if i fill all in exept for e-mail, I get the following (e-mail address not valid), is there a way I can put in the script:

if $email = "" then skip the e-mail format check?? Where would this go?

Code: 
//-------------------------------------------

					//If e-mail is filled in, send e-mail
					if (isset($_REQUEST['email']))


					//Variable declarations
						$site_email = "[email protected]" ; 
						$name = strip_tags($_POST['name']);
						$email = strip_tags($_POST['email']);
						$tel = strip_tags($_POST['tel']);
						$comments = strip_tags($_POST['comments']);
						
						
					//Error Checking (if fields are empty)
						if(!empty( $name ) && !empty( $tel ) && !empty( $comments )) 
						{
						$subject = "dmoranda.co.uk website message" ;
						$headers = 'From: ' . $email . "" ;
						$comments = wordwrap ( $_POST [ 'comments' ], 65 );


							$email = htmlspecialchars($_POST['email']);
							if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
							{
								die("E-mail address not valid");
							}


					//Send the message using mail() function

						$mail = mail ( $site_email , $subject , $tel ,  $comments , $headers );
						if( $mail == true )
						{
						echo "Mail Successful!" ;
						}
						else
						{
						echo "Mail Failed" ;
						}
						}
						else
						{
						echo "Please fill in all the fields" ;
						} 


					?>

EDIT - Sorry for the weird formatting, for some reason when I pasted it, it came out like that
 
You must log in or register to reply here.
Back
Top Bottom