top notch standard form to email?

SooTyLaD

SooTyLaD

SooTyLaD

Soldato
Joined
19 Oct 2002
Posts
3,480
hi guys,

just wondering, there are a lot of form 2 email scripts out there but is there a de facto standard one that everyone uses? i.e. one that employs validation checks and preventative measures for spammers and the like?

i started forming my own using the eregi checks and the like in php but kinda thought it must have been done by someone a lot better than me at php, so, is there basically a mint one that really does the job and is nice and concise that everyone uses?

if theres not could someone just recommend me a good'n? :)
 
Code: 
<?php

// CONFIG
$mail_to = '[email protected]';
// END CONFIG

session_start();

function strip_mail_headers_single( $string ) {
    return preg_replace('/(%0A|%0D|\\n+|\\r+)/i', '', $string);
}

function strip_mail_headers_multi( $string ) {
    return preg_replace('/(%0A|%0D|\\n+|\\r+)(content-type:|to:|cc:|bcc:)/i', '', $string);
}

function is_valid_email( $string ) {
    return preg_match('^[\_]*([a-z0-9]+(\.|\_*)?)+@([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6}$', $string);
}

function send_mail($to, $from, $from_mail, $subject, $message) {
    if ( empty($from) || empty($from_mail) || empty($subject) || empty($message) ) {
        return -1;
    }

    if ( $_SESSION['last_mailed'] + 180 < time() )
        return -2;

    if ( !is_valid_email($from_mail) )
        return -3;

    $from = strip_mail_headers_single($from);
    $from_mail = strip_mail_headers_single($from_mail);
    $subject = strip_mail_headers_single($subject);
    $message = strip_mail_headers_multi($message);

    $_SESSION['last_mailed'] = time();

    return mail($to, $subject, $message, "From: $from <$from_mail>\r\n");
}

if ( !empty($_POST) ) {
    $result = send_mail($mail_to, $_POST['from'], $_POST['from_mail'], $_POST['subject'], $_POST['message']);

    if ( $result == -1 ) {
        echo "<p>Whoops! You need to complete all the fields.</p>";
    } elseif ( $result == -2 ) {
        echo "<p>Whoah, slow down there cowboy! You can only send one mail every three minutes.</p>";
    } elseif ( $result == -3 ) {
        echo "<p>Please enter a valid email address.</p>";
    } else {
        echo "<p>Mail sent successfully!</p>";
    }
}

?>

<form method="post" action="">

    <p><label for="from">Your name:</label></p>
    <p><input type="text" name="from" id="from" /></p>

    <p><label for="from_mail">Your email address:</label></p>
    <p><input type="text" name="from_mail" id="from_mail" /></p>

    <p><label for="subject">Subject:</label></p>
    <p><input type="text" name="subject" id="subject" /></p>

    <p><label for="message">Message:</label></p>
    <p><textarea name="message" id="message"></textarea></p>

    <p><input type="submit" value="Send Message" /></p>

</form>

Input validation + input sanitation + time limit is about the most secure you can get, I should think.
 
yeah this has defiently been done before many times so ther is no point in you spending the time to make your own, unless you want to learn how to do that stuff.

i can't reccomend any sorry but i can reccomend a good place to look...here

also google it might get a few but then tbh random internet info isn't to be trusted

robmiller said:
.
Click to expand...
thought you left this forum because of the whole visage thing?
 
Last edited:
so to get the above script to work, i have to use some some of get command (REQUEST?) and it'll do the rest? i'd like it in a seperate script cuz the form will be on every page...

exacly as above but with a command to pass data between the two... is that what you meant/intended robmiller?
 
could someone give me a hand implementing the above script?

i have put the form in my html, and the php in formmail.php

as it is, it flags up the time limit error ("hold it there cowboy"), and I can't seem to get it working :(

thought i might need $_REQUEST; at the top but didn't make a difference...

Cheers :)
 
PHP: 
if ( $_SESSION['last_mailed'] + 180 < time() )
        return -2;

shouldn't that be

PHP: 
if ( $_SESSION['last_mailed'] + 180 > time() )
        return -2;

? :)
 
cheers marc...

still aint working tho :(

things i've done:

• changed the target address at the top (obviously)
• changed the time thing to "> 180"
• added { } around the if statements (never been sure about the rules to not using them)

now, i dont get any feedback at all, just kindof refreshes the page, and no mail arrives :(

looking at it with my limited knowledge of PHP it all looks ok... am i doin summat daft?
 
well i just uploaded it to my webspace and there appears to be an error with the preg_match statement. i'm guessing you have error reprting turned off? unfortunately i have no idea how to fix it. i wouldn't know where to begin..... :o
 
I don't use very much of the functionality but it's incredibly quick at what I do use it for. It's very customisable and has loads of features such as being able to use [custom] HTML templates for emails.
 
well i was going to suggest removing the check for a valid email address. that's the only part that uses the preg_match. it's kind of a pointless feature anyway. what's to say you can't just enter any old email address.... :p

but i've run into new problems. i can't get this to run properly. i don't know if my host is the problem or me (more than likely), but no matter what i do, it always displays the error about fields not being filled (when they are) - but the mail does actually get sent. i'm stumped. :confused:
 
i've been playing around but basically i keep ending up where you are, i've currently switched off all the checks (this HAS to be just a temporary thing) and the mail now gets sent but like you said i get the fields not filled in error message...

it makes no sense, it should only be returning "-1" if one of the empty($xxx) flags up right?

jeez could we get a php guru in here just to put us straight? i dont even want to go and find another script now this has sucked up two much time to let it win :P

i reckon its a great little script if we can get it going... does what it says on the tin and all that...

help please guys...
 
i've re-written it php noob style.... :D

PHP: 
<?php

// CONFIG
$to = 'marc2003 at home';
// END CONFIG

session_start();

function strip_mail_headers_single( $string ) {
    return preg_replace('/(%0A|%0D|\\n+|\\r+)/i', '', $string);
}

function strip_mail_headers_multi( $string ) {
    return preg_replace('/(%0A|%0D|\\n+|\\r+)(content-type:|to:|cc:|bcc:)/i', '', $string);
}

if($_POST['submit']) {
	if(empty($_POST['from']) || empty($_POST['from_mail']) || empty($_POST['subject']) || empty($_POST['message'])) {
		echo "<p>Whoops! You need to complete all the fields.</p>";
	} else {
		$from = strip_mail_headers_single($_POST['from']);
		$from_mail = strip_mail_headers_single($_POST['from_mail']);
		$subject = strip_mail_headers_single($_POST['subject']);
		$message = strip_mail_headers_multi($_POST['message']);
		if($_SESSION['last_mailed'] + 180 < time()) {
			mail($to, $subject, $message, "From: $from <$from_mail>\r\n");
			$_SESSION['last_mailed'] = time();
			echo "<p>Mail sent successfully!</p>";
		} else {
			echo "<p>Whoah, slow down there cowboy! You can only send one mail every three minutes.</p>";
		}
	}
}
?>

<form method="post" action="">

    <p><label for="from">Your name:</label></p>
    <p><input type="text" name="from" /></p>

    <p><label for="from_mail">Your email address:</label></p>
    <p><input type="text" name="from_mail" /></p>

    <p><label for="subject">Subject:</label></p>
    <p><input type="text" name="subject" /></p>

    <p><label for="message">Message:</label></p>
    <p><textarea name="message"></textarea></p>

    <p><input type="submit" name="submit" value="Send Message" /></p>

</form>
 
Last edited:
does that one work for you boss?

for me it goes to a blank white page and doesnt send the mail :(

i bet this is summat really simple you know, we just ain clocking it...
 
QuiKsiLVeR said:
does that one work for you boss?
Click to expand...

of course. i wouldn't have posted without testing it first. note the small change i've made to the form as well (added a name to the submit button). :)
 
QuiKsiLVeR said:
does that one work for you boss?

for me it goes to a blank white page and doesnt send the mail :(

i bet this is summat really simple you know, we just ain clocking it...
Click to expand...

What environment are you using it on? Do you have the phpmail extension installed?
 
of course it would be helpful if you had error reporting turned on whilst your creating pages. if you have .htaccess support on your site, add this to an .htaccess file in your document root.....

Code: 
php_flag display_errors "1"
 
You must log in or register to reply here.
Back
Top Bottom