Closed chris-pearce closed 6 years ago
@kllevin a past PHP implementation (5 years ago) of submitting a form via PHP and the contents being emailed to the recipient:
The form in the view:
<h2>Make An Enquiry</h2>
<div class="message">
<div id="alert"></div>
</div>
<form action="sendmail.php" method="post" id="enquiry-form">
<fieldset>
<p><em>All fields are required</em></p>
<div>
<label for="name">Name</label>
<input type="text" name="name" id="name" maxlength="100" class="txt-input" />
</div>
<div>
<label for="email">Email Address</label>
<input type="text" name="email" id="email" maxlength="100" class="txt-input" />
</div>
<div>
<label for="phone">Phone Number</label>
<input type="text" name="phone" id="phone" maxlength="100" class="txt-input" />
</div>
<div class="hide-fully">
<label for="last">Don't fill this in</label>
<input type="text" name="last" id="last" class="txt-input" />
</div>
<div>
<label for="message">Your Enquiry</label>
<textarea name="message" id="message" rows="5" cols="20"></textarea>
</div>
<input type="image" src="images/template/btn-submit.png" alt="Send" />
</fieldset>
</form>
The PHP:
<?php
// Who you want to recieve the emails from the form. (Hint: generally you.)
$sendto = 'queenofheartsfuncasino@bigpond.com';
// The subject you'll see in your inbox
$subject = 'Queen of Hearts Enquiry form submission';
// Message for the user when he/she doesn't fill in the form correctly.
$errormessage = 'Oops! There seems to have been a problem. May we suggest...';
// Message for the user when he/she fills in the form correctly.
$thanks = "<p>Thanks for your enquiry. We will endeavour to reply to all enquiries within 72 hours. Should you require a response before this time, please contact our office during business hours.</p>";
// Message for the bot when it fills in in at all.
$honeypot = "You filled in the honeypot! If you're human, try again!";
// Various messages displayed when the fields are empty.
$emptyname = 'Entering your name';
$emptyemail = 'Entering your email address';
$emptyphone = 'Entering your phone number';
$emptymessage = 'Entering your enquiry';
// Various messages displayed when the fields are incorrectly formatted.
$alertname = 'Entering your name using only the standard alphabet?';
$alertemail = 'Entering your email in this format: <i>name@example.com</i>';
$alertmessage = "Making sure you aren't using any parenthesis or other escaping characters in the message? Most URLS are fine though!";
// --------------------------- Thats it! don't mess with below unless you are really smart! ---------------------------------
//Setting used variables.
$alert = '';
$pass = 0;
// Sanitizing the data, kind of done via error messages first. Twice is better!
function clean_var($variable) {
$variable = strip_tags(stripslashes(trim(rtrim($variable))));
return $variable;
}
//The first if for honeypot.
if ( empty($_REQUEST['last']) ) {
// A bunch of if's for all the fields and the error messages.
if ( empty($_REQUEST['name']) ) {
$pass = 1;
$alert .= "<li>" . $emptyname . "</li>";
} elseif ( ereg( "[][{}()*+?.\\^$|]", $_REQUEST['name'] ) ) {
$pass = 1;
$alert .= "<li>" . $alertname . "</li>";
}
if ( empty($_REQUEST['email']) ) {
$pass = 1;
$alert .= "<li>" . $emptyemail . "</li>";
} elseif ( !eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$", $_REQUEST['email']) ) {
$pass = 1;
$alert .= "<li>" . $alertemail . "</li>";
}
if ( empty($_REQUEST['phone']) ) {
$pass = 1;
$alert .= "<li>" . $emptyphone . "</li>";
}
if ( empty($_REQUEST['message']) ) {
$pass = 1;
$alert .= "<li>" . $emptymessage . "</li>";
} elseif ( ereg( "[][{}()*+?\\^$|]", $_REQUEST['message'] ) ) {
$pass = 1;
$alert .= "<li>" . $alertmessage . "</li>";
}
//If the user err'd, print the error messages.
if ( $pass==1 ) {
//This first line is for ajax/javascript, comment it or delete it if this isn't your cup o' tea.
echo "<script>$(\".message\").hide().show();</script>";
echo "<p>" . $errormessage . "</p>";
echo "<ul>";
echo $alert;
echo "</ul>";
// If the user didn't err and there is in fact a message, time to email it.
} elseif (isset($_REQUEST['message'])) {
//Construct the message.
$message = "From: " . clean_var($_REQUEST['name']) . "\n";
$message .= "Email: " . clean_var($_REQUEST['email']) . "\n";
$message .= "Phone: " . clean_var($_REQUEST['phone']) . "\n";
$message .= "Message: \n" . clean_var($_REQUEST['message']);
$header = 'From:'. clean_var($_REQUEST['email']);
//Mail the message - for production
mail($sendto, $subject, $message, $header);
//This is for javascript,
echo "<script>$(\".message\").hide().show(); $(':input').clearForm()</script>";
echo $thanks;
die();
}
//If honeypot is filled, trigger the message that bot likely won't see.
} else {
echo "<script>$(\".message\").hide().show();</script>";
echo $honeypot;
}
?>
From Dreamhost: