treehouse : what would you like to learn today?
Web Design Web Development iOS Development

Forums

Illustration by Nick Sirotich

Nice Simple Contact Form

  • JennW
    Permalink to comment #
    Hi. I've downloaded the "Nice Simple Contact Form" and made all the needed adjustments. It is working properly (what a great form! :D ) but when I tested it, the email states that it's from chriscoyier@gmail.com.

    I see where it states this in the .php :
    $EmailFrom = "chriscoyier@gmail.com";

    but what do I change it to make the email say who actually sent it?

    Thanks!
    JennW
  • falkencreative
    Permalink to comment #
    I believe this is the code you started with in "contactengine.php":

    // CHANGE THE VARIABLES BELOW

    $EmailFrom = \"junk@junk.com\";
    $EmailTo = \"junk@junk.com\";
    $Subject = \"Contact Form Submission\";

    $Name = Trim(stripslashes($_POST['Name'])); 
    $Tel = Trim(stripslashes($_POST['Tel'])); 
    $Email = Trim(stripslashes($_POST['Email'])); 
    $Message = Trim(stripslashes($_POST['Message']));


    You could move the "emailFrom" line down below the lines where PHP gets the form values, and use the visitors email address:

    // CHANGE THE VARIABLES BELOW

    $EmailFrom = \"junk@junk.com\";
    $Subject = \"Contact Form Submission\";

    $Name = Trim(stripslashes($_POST['Name'])); 
    $Tel = Trim(stripslashes($_POST['Tel'])); 
    $Email = Trim(stripslashes($_POST['Email'])); 
    $Message = Trim(stripslashes($_POST['Message'])); 

    $EmailTo = $Email;
  • ikthius
    Permalink to comment #
    "JennW" said:
    Hi. I've downloaded the "Nice Simple Contact Form" and made all the needed adjustments. It is working properly (what a great form! :D ) but when I tested it, the email states that it's from chriscoyier@gmail.com.

    I see where it states this in the .php :
    $EmailFrom = "chriscoyier@gmail.com";

    but what do I change it to make the email say who actually sent it?

    Thanks!
    JennW


    as falken said, take the email from the the form, that script has been set to a particular address.

    my forms elements have names="element" but my script populates the email by finding that elements name= and adds what was put in to php variables ( ['*'] is the form element ):

    $EmailTo = \"something @ something\"; //where you want the script to send the email to
    $Subject = \"The subject\"; //the subject of the email
    $name = $_REQUEST['name'];  //the name element of the form
    $tel = $_REQUEST['tel'];  //the tel element of the form
    $email = $_REQUEST['email'];  //the email element of the form
    $message = $_REQUEST['message']; //the message element of the form
  • JennW
    Permalink to comment #
    That worked!

    Changed :
    $EmailFrom = "junk@junk.com";
    to :
    $EmailFrom = $Email;

    - and moved it under the $Message line (but I'm not sure that matters with the above change in place)

    I also changed :
    $Subject = "Online Contact";
    to :
    $Subject = $Subject;

    and added the following :
    $Body .= "Subject: ";
    $Body .= $Subject;

    Now the subject states the users Email Subject instead of my default.
    Many, many thanks!
  • falkencreative
    Permalink to comment #
    - and moved it under the $Message line (but I'm not sure that matters with the above change in place)


    Basically, this line:

    $EmailFrom = $Email;


    has to be below the line where the $Email variable is set (see below), otherwise you'll run into errors.

    $Email = Trim(stripslashes($_POST['Email']));
  • seba
    Permalink to comment #
    Does this form have any spam protection? if not how can it be added, cheers.
  • davesgonebananas
    Permalink to comment #
    I use reCaptcha for spam prevention. Simply sign up for an API key at http://recaptcha.net/ and download the reCaptcha PHP library from http://recaptcha.net/plugins/php/

    To add the reCaptcha to the contact form you simply add the following code (must be a .php file):
    <?php
    require_once('recaptchalib.php');  // file you downloaded earlier
    $publickey = \"...\"; // you got this from the signup page
    echo recaptcha_get_html($publickey);
    ?>


    Then to verify the captcha you add the following before the email is processed:

    require_once('recaptchalib.php');
    $privatekey = \"...\"; // you got this from the signup page as well
    $resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER[\"REMOTE_ADDR\"],
                                    $_POST[\"recaptcha_challenge_field\"],
                                    $_POST[\"recaptcha_response_field\"]);

    if (!$resp->is_valid) {
      die (\"The reCAPTCHA wasn't entered correctly. Go back and try it again.\" .
           \"(reCAPTCHA said: \" . $resp->error . \")\");
    }
  • TheDoc
    Permalink to comment #
    I removed captcha from a particular site due to complaints from users needing to fill it out multiple times to get it right.

    I subbed it with a simple math question like this:
    <p>Are you Human? What is 2 + 2?<br />
    <input name=\"human\" type=\"text\" id=\"human\" /></p>

    Then in your PHP you can add something like:
    if ($human != \"4\") {
    	$build_message = false;
    	$result = header(\"Location: ../contact-error.php\");
    }
  • davesgonebananas
    Permalink to comment #
    Yes I must say I hate filling out Captcha's - we all do. That said I do put them on sites. I think it depends on the amount of traffic you get. Once you start to get above a certain the threshold you seem to get more and more spam. These spammers have even managed to get passed the captcha on these forums - but if you are a small site then a Matcha (math capture?) might be good enough.

    The nice thing about reCaptcha is they use words from scanned in books that their OCR software couldn't detect. Every time someone feels out a reCaptcha they are (apparently) helping to digitize copies of old books and newspapers. So at least those few seconds went to some good use :-)
  • ikthius
    Permalink to comment #
    after getting lots of spam, I added a captcha to the sites I am in charge of, and I added the simple math one, as I did not want to deal with a whole load of images that sometimes I can't read.

    this has greatly decreased the spam to virtually nill, but then I added other parts to my PHP script:


    /*
    *******************  checking the script is filled in by humans  *******************
    */
    //if email contains nothing, refresh to google and exit the script
    if($email == \"\") 
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }
    //if hidden contains anything, refresh to google and exit the script
    if ($hidden > \"\")
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }
    //if body contains nothing, refresh to google and exit the script
    if($Body == \"\") 
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }
    //if the HTML captcha answer is not the same as PHP captcha value, refresh to google and exit the script
    if ($captchaHTML != $captchaPHP) 
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }


    /*
    *******************  checking the body for generated urls if so send to google  *******************
    */
    if(preg_match(\"/http/i\", \"$Body\"))
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }
    if(preg_match(\"/a href/i\", \"$Body\"))
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }
    if(preg_match(\"/link=/i\", \"$Body\"))
    {
    	print \"<meta http-equiv=\\"refresh\\" content=\\"0;URL=http://www.google.com\\">\";
    	exit;
    }


    you could also use an .htaccess to deny access to a directory that the script is working from, and deny from all the bot servers/ip address, this should eliminate all spam
Add a Comment