A simple Contact form with PHP
A simple, secure PHP form-to-email script, which web browsers and bots can't get to! You can use it for multiple fields without making any changes to the script.
Requirements:
- A source code editor
- PHP installed on your server.
Example:
Step 1:
Copy and paste the PHP code below into a source code editor and save it as FormToEmail.php. Please don't remove the copyright notice!
<?php
/*COPYRIGHT FormToEmail.com 2003 - 2006
You are not permitted to sell this script, but you can use it, copy it or distribute it, providing that you do not delete this copyright notice, and you do not remove any reference to FormToEmail.com*/
$my_email = "YourName@YourSiteName.com";
$continue = "/";
// Initialise variables
$errors = array();
if($_SERVER['REQUEST_METHOD'] == "POST"){$form_input = $_POST;}elseif($_SERVER['REQUEST_METHOD'] == "GET"){$form_input = $_GET;}else{exit;}
// Remove leading whitespace from all values.
function recursive_array_check(&$element_value)
{
if(!is_array($element_value)){$element_value = ltrim($element_value);}
else
{
foreach($element_value as $key => $value){$element_value[$key] = recursive_array_check($value);}
}
return $element_value;
}
recursive_array_check($form_input);
// Check referrer is from same site.
if(!(isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER']) && stristr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST']))){$errors[] = "You must enable referrer logging to use the form";}
// Check for a blank form.
function recursive_array_check_blank($element_value)
{
global $set;
if(!is_array($element_value)){if(!empty($element_value)){$set = 1;}}
else
{
foreach($element_value as $value){if($set){break;} recursive_array_check_blank($value);}
}
}
recursive_array_check_blank($form_input);
if(!$set){$errors[] = "You cannot send a blank form";}
// Strip HTML tags from all fields.
function recursive_array_check2(&$element_value)
{
if(!is_array($element_value)){$element_value = strip_tags($element_value);}
else
{
foreach($element_value as $key => $value){$element_value[$key] = recursive_array_check2($value);}
}
return $element_value;
}
recursive_array_check2($form_input);
// Validate name field.
if(isset($form_input['name']) && !empty($form_input['name']))
{
if(preg_match("`[\r\n]`",$form_input['name'])){$errors[] = "You have submitted an invalid new line character";}
if(preg_match("/[^a-z' -]/i",stripslashes($form_input['name']))){$errors[] = "You have submitted an invalid character in the name field";}
}
// Validate email field.
if(isset($form_input['email']) && !empty($form_input['email']))
{
if(preg_match("`[\r\n]`",$form_input['email'])){$errors[] = "You have submitted an invalid new line character";}
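// The hyphen sits at the end of the character class so it is matched literally rather than read as a range.
if(!preg_match('/^([a-z][a-z0-9_.\/%-]*@[^\s\"\)\?<>]+\.[a-z]{2,6})$/i',$form_input['email'])){$errors[] = "Email address is invalid";}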
}
// Display any errors and exit if errors exist.
if(count($errors)){foreach($errors as $value){print "$value<br>";} exit;}
// Build message.
function build_message($request_input)
{
$message_output = "";
if(!is_array($request_input)){$message_output = $request_input;}
else
{
foreach($request_input as $key => $value)
{
if(!is_numeric($key)){$message_output .= "\n\n".$key.": ".build_message($value);}
else{$message_output .= "\n\n".build_message($value);}
}
}
return $message_output;
}
$message = build_message($form_input);
$message = $message . "\n\n-- \nThank you for using FormToEmail from http://FormToEmail.com";
$message = stripslashes($message);
$subject = "FormToEmail Comments";
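// Only add the sender headers when an email address was submitted (and so validated above).
$headers = "";
if(isset($form_input['email']) && !empty($form_input['email'])){$headers = "From: " . $form_input['email'] . "\n" . "Return-Path: " . $form_input['email'] . "\n" . "Reply-To: " . $form_input['email'] . "\n";}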
mail($my_email,$subject,$message,$headers);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Form To Email PHP script from FormToEmail.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
<div>
<center>
<b>Thank you <?php print htmlspecialchars(stripslashes(isset($form_input['name']) ? $form_input['name'] : ""), ENT_QUOTES); ?></b> <br>
Your message has been sent
<p><a href="<?php print $continue; ?>">Click here to continue</a></p>
<p><b>FormToEmail</b> by <a href="http://FormToEmail.com">FormToEmail.com</a></p>
</center>
</div>
</body>
</html>
Step 2:
Change the line $my_email = "YourName@YourSiteName.com"; and fill in your e-mail address.
Upload the files to your server and you're done!
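The script puts the submitted email value into the From, Return-Path and Reply-To headers, which is why it rejects new line characters in that field. The following is an added example, not part of FormToEmail.php: the function names header_safe_email and build_reply_headers are hypothetical, the inputs are constructed, and it uses PHP's filter_var() in place of the script's own regular expression. It builds the headers only from a value that has passed the check.

```php
<?php
// Added example: hypothetical helper names, not part of FormToEmail.php.

// Returns the address if it is safe to place in a mail header, otherwise null.
function header_safe_email($value)
{
    // Arrays (e.g. email[]=x) and other non-strings are never valid addresses.
    if (!is_string($value)) {
        return null;
    }
    // A CR or LF would end the header line and start a new one.
    if (preg_match('/[\r\n]/', $value)) {
        return null;
    }
    // filter_var() returns the address on success and false on failure.
    $checked = filter_var($value, FILTER_VALIDATE_EMAIL);
    return $checked === false ? null : $checked;
}

// Builds the sender headers, or returns "" when the value cannot be used.
function build_reply_headers($value)
{
    $email = header_safe_email($value);
    if ($email === null) {
        return "";
    }
    return "From: " . $email . "\n"
         . "Return-Path: " . $email . "\n"
         . "Reply-To: " . $email . "\n";
}

// Constructed sample inputs: a plain address, a value carrying an extra
// header line after a new line, an empty field, and an array value.
$samples = array(
    "visitor@example.com",
    "visitor@example.com\r\nBcc: someone@example.net",
    "",
    array("visitor@example.com"),
);

foreach ($samples as $sample) {
    $headers = build_reply_headers($sample);
    print json_encode($sample) . " => " . ($headers === "" ? "rejected" : "accepted") . "\n";
}
```

Only the first sample yields headers; the other three return an empty string, so mail() would be called without any visitor-supplied header text.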