Web Hosting Talk : Web Hosting Main Forums : Programming Discussion : Programming Tutorials : Simple PHP Contact Form

[YouHostMe[Julie]]

This is a simple script to put a contact form on your website

Add this code to your site (This is the form)

Code:

<form method="POST" action="send.php">
Fields marked (*) are required

<p>Email From:* <br>
<input type="text" name="EmailFrom">
<p>Full Name:* <br>
<input type="text" name="Name">
<p>Comments:* <br>
<input type="text" name="Comments">
<p><input type="submit" name="submit" value="Submit">
</form>
<p>

Then create a file called send.php with the following

Code:

<?php 
$EmailFrom = Trim(stripslashes($_POST['EmailFrom'])); 
$EmailTo = "yourname@youraddress.com";
$Subject = "Contact Form Results";
$Name = Trim(stripslashes($_POST['Name'])); 
$Comments = Trim(stripslashes($_POST['Comments'])); 

// validation
$validationOK=true;
if (Trim($EmailFrom)=="") $validationOK=false;
if (Trim($Name)=="") $validationOK=false;
if (Trim($Comments)=="") $validationOK=false;
if (!$validationOK) {
  print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">";
  exit;
}

// prepare email body text
$Body = "";
$Body .= "Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Email: ";
$Body .= $EmailFrom;
$Body .= "\n";
$Body .= "Comments: ";
$Body .= $Comments;
$Body .= "\n";

// send email 
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

// redirect to success page 
if ($success){
  print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.html\">";
}
else{
  print "<meta http-equiv=\"refresh\" content=\"0;URL=error.html\">";
}
?>

Create 2 pages for your error and success pages, and name them error.html and ok.html

Hope that helps a few people

[Eversuns]

Hi,

Thanks for that, a nice little tutorial that can help for basic contact forms

Thanks

[WillyGee]

Great tutorial! it's running fine but there doesn't seem to be any validation on the email. I've set up the code as above but it doesn't seem to matter what I put in the email field - it'll send regardless.

Also, should "0;URL=error.htm\"

be

"0;URL=error.html\"

?

Thanks again for a great tut!

WG

[amchost]

Quote:

<?php

// First check to see if the for has been submitted
if (isset($_POST['submitted'])) {

$errors = array(); // Initialize error array.

// Check for a name
if (empty($_POST['name'])) {
$errors[] = 'You forgot to enter your name.';
}

// Check for a valid email address
if (!preg_match("/^([a-zA-Z0-9])+([\.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)*\.([a-zA-Z]{2,6})$/", $_POST['email'])) {
$errors[] = 'You need to enter a valid email address.';
}

// Check for a message
if (empty($_POST['message'])) {
$errors[] = 'You forgot to enter a message.';
}

if (empty($errors)) { // If everything is OK.

// Let's send an email
// Let's first send some email to the admin
$mailTo = "PUT THE EMAIL HERE ADDRESS HERE WHERE YOU WANT TO RECIEVE THE EMAIL TO";
$senderName = $_POST['name'];
$senderMail = $_POST['email'];
$break .= "<br/>";
$eol .= "\r\n";
$sol .= "\n";
$headers .= 'To: '.$mailTo.' <'.$mailTo.'>'.$eol;
$headers .= 'From: '.$senderName.' <'.$senderMail.'>'.$eol;
$headers .= 'Date: '.date("r").$eol;
$headers .= 'Sender-IP: '.$_SERVER["REMOTE_ADDR"].$eol;
$headers .= 'X-Mailser: MCT Adv.PHP Mailer 1.0'.$eol;
$headers .= 'MIME-Version: 1.0'.$eol;
//$headers .= 'Content-Type: text/html; charset="windows-1251"\r\n';
$headers .= 'Content-Type: text/html; charset="iso-8859-1"'.$eol;
$subject = 'New Mail from MCT-Hosting.com';

$msg .= '<font face=arial size=2>';
$msg .= 'You have recieved a message from MCT-Hosting.com.'.$break.$break;
$msg .= 'Please review the information below.'.$break.$break;
$msg .= '<strong>Name:</strong> '.$_POST['name'].$break;
$msg .= '<strong>E-Mail:</strong> '.$_POST['email'].$break;
$msg .= '<strong>Phone Number:</strong> '.$_POST['phone'].$break;
$msg .= '<strong>Message:</strong> '.$_POST['message'].$break;
$msg .= $break;
$msg .= '_______________________________________________________________________'.$break;
$msg .= 'Contact form made by Justin St. Germain - Method Computer Technologies.'.$break;
$msg .= '</font>';

// Mail it
mail($mailTo, $subject, $msg, $headers);

echo '<h1 if="mainhead">Thank you!</h1>
<p class="main_txt">Thanks for contacting us. Someone will get back to you as soon as possible.</p>';

} else {
echo '<h1 id="mainhead">Error!</h1>
<p class="main_txt">The following error(s) occured.<br/>';
foreach ($errors as $errorMSG) { // Print each error.
echo " - $errorMSG<br/>\n";
} // End of Errors

echo 'Please go <a href="Javascript:history.go(-1)">back</a> and try again.</p>';

} // End of if (empty($errors)) IF Statement

} else { // Display the form.

echo'<p class="main_txt">Please take a moment to fill out the form below to contact us.<br>
<form action="formMail.php" method="post">
Name: &nbsp; *<br>
<input name="name" type="text" value="'.$_POST['name'].'" tabindex="1" size="50" />
<br>
E-Mail Address: &nbsp; *<br>
<input name="email" type="text" id="email" value="'.$_POST['email'].'" tabindex="2" size="50" />
<br>
Phone Number:<br>
<input name="phone" type="text" id="phone" value="'.$_POST['phone'].'" tabindex="3" size="50" />
<br>
Message: &nbsp; *<br>
<textarea name="message" cols="38" rows="8" id="msg" tabindex="4" />'.$_POST['$message'].'</textarea>
<br><br>
<input name="submit" type="submit" value="Submit" tabindex="5" /><input type="hidden" name="submitted" value="TRUE" /> &nbsp; <input name="reset" type="reset" value="Reset" tabindex="6" /> &nbsp; <em>* = required</em>
</form>
</p>';

} // End of submitted IF-ELSE statement

?>

I find this to be a great - and stable - mail script if that helps anybody.

In case anyone was wondering, I did not write this script, so full credit goes to the original creator

[smartsoft]

if you want to add an attachment feature how do you do this like an attachement of 8. and send it to email

[linux-tech]

Never add a "contact form" without capcha. That's just asking for bot trouble any more.

[ZackN]

Quote:

Originally Posted by YouHostMe[Julie]

Code:

if ($success){
  print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.html\">";
}
else{
  print "<meta http-equiv=\"refresh\" content=\"0;URL=error.html\">";
}
?>

Why not use php's header function. Should be just a bit faster/cleaner.

PHP Code:

if ($success){
  header("Location: ok.html");
}
else{
  header("Location: error.html");
} 


[adrevol]

Really it is helpful but still u can optimize the code ..

1. why each and every time server validation -- Instead of it go for client validation and reduce the server requests .. Now a days Most of the browsers are javascript enabled .. so with out worries u can go for javascript validation ..

[linux-tech]

Quote:

Originally Posted by adrevol

Now a days Most of the browsers are javascript enabled .. so with out worries u can go for javascript validation ..

Browsers can be manipulated to do whatever they want. By relying on "javascript" for validation, you're making 2 critical assumptions:

A> The user has javascript enabled (which many don't for security)
B> The user hasn't modified how things are handled there

By using JAVASCRIPT validation instead of SERVER validation (which takes less than 1s to do properly), you just took the risk of passing improper information to the server.

Forms should always be verified on the server end

[Steve_Arm]

Great, a spam-ready form.

[Harzem]

And a hack ready form. Extremely insecure (ever heard of http response splitting?)

[adrevol]

Quote:

Originally Posted by linux-tech

Browsers can be manipulated to do whatever they want. By relying on "javascript" for validation, you're making 2 critical assumptions:

A> The user has javascript enabled (which many don't for security)
B> The user hasn't modified how things are handled there

By using JAVASCRIPT validation instead of SERVER validation (which takes less than 1s to do properly), you just took the risk of passing improper information to the server.

Forms should always be verified on the server end

Exactly said, But what i was telling is different lets consider the following scenario

there are 5 fields in the contact form

1. user has entered only 1st field and tried submitting

>> it goes to server and request will come back to user saying please fill the remaining 4 fields

2. again user typed in 2 more fields
>> the same situation

Instead of this .. Have Basic validation in the client end itself and at the server end Have validation

with is the server load will come down , where in worst case u can even reduce n-2 server requests

Thats what i was trying to explain ..

[adrevol]

if it is case of 4 to 5 fields It is always fine .. What if it is Lead Generating Form .. where the form may consist of min 15+ fields ... at least u can reduce 2 server requests

[Steve_Arm]

Well if you are not bored enough to write the same validation in 2 languages do it. I'd rather go with the load

[Harzem]

Load? For a contact form? Are you getting 100.000+ contact emails per day?

Javascript can be useful only for user-friendliness. A contact form hardly creates a load on the server (unless gets hacked/attacked).