Grow your CSS skills. Land your dream job.

PHP Response Form

  • # July 17, 2009 at 3:19 am

    Hi,

    I wonder if anyone can help me with this.
    I am a novice when it comes to PHP and I’m currently finding that the response form I’m using sends responses to my spam box instead of my inbox.
    I would really appreciate any advice on how to correct this problem. The PHP code is pasted below.
    Thanks very much in advance…
    Ian.

    Code:
    < ?php

    // User settings
    $to = "ian1618@googlemail.com";
    $subject = "SimpleModal Contact Form";

    // Include extra form fields and/or submitter data?
    // false = do not include
    $extra = array(
    "form_subject" => true,
    “form_cc” => true,
    “ip” => true,
    “user_agent” => true
    );

    // Process
    $action = isset($_POST[“action”]) ? $_POST[“action”] : “”;
    if (empty($action)) {
    // Send back the contact form HTML
    $output = “

    Send us a message:




    “;

    if ($extra[“form_subject”]) {
    $output .= ”

    “;
    }

    $output .= ”



    “;

    if ($extra[“form_cc”]) {
    $output .= ”

    Send me a copy

    “;
    }

    $output .= ”





    “;

    echo $output;
    }
    else if ($action == “send”) {
    // Send the email
    $name = isset($_POST[“name”]) ? $_POST[“name”] : “”;
    $email = isset($_POST[“email”]) ? $_POST[“email”] : “”;
    $subject = isset($_POST[“subject”]) ? $_POST[“subject”] : $subject;
    $message = isset($_POST[“message”]) ? $_POST[“message”] : “”;
    $cc = isset($_POST[“cc”]) ? $_POST[“cc”] : “”;
    $token = isset($_POST[“token”]) ? $_POST[“token”] : “”;

    // make sure the token matches
    if ($token === smcf_token($to)) {
    smcf_send($name, $email, $subject, $message, $cc);
    echo “Your message was successfully sent.”;
    }
    else {
    echo “Unfortunately, your message could not be verified.”;
    }
    }

    function smcf_token($s) {
    return md5(“smcf-” . $s . date(“WY”));
    }

    // Validate and send email
    function smcf_send($name, $email, $subject, $message, $cc) {
    global $to, $extra;

    // Filter and validate fields
    $name = smcf_filter($name);
    $subject = smcf_filter($subject);
    $email = smcf_filter($email);
    if (!smcf_validate_email($email)) {
    $subject .= ” – invalid email”;
    $message .= “nnBad email: $email”;
    $email = $to;
    $cc = 0; // do not CC “sender”
    }

    // Add additional info to the message
    if ($extra[“ip”]) {
    $message .= “nnIP: ” . $_SERVER[“REMOTE_ADDR”];
    }
    if ($extra[“user_agent”]) {
    $message .= “nnUSER AGENT: ” . $_SERVER[“HTTP_USER_AGENT”];
    }

    // Set and wordwrap message body
    $body = “From: $namenn”;
    $body .= “Message: $message”;
    $body = wordwrap($body, 70);

    // Build header
    $headers = “From: $emailn”;
    if ($cc == 1) {
    $headers .= “Cc: $emailn”;
    }
    $headers .= “X-Mailer: PHP/SimpleModalContactForm”;

    // UTF-8
    if (function_exists(‘mb_encode_mimeheader’)) {
    $subject = mb_encode_mimeheader($subject, “UTF-8″, “B”, “n”);
    }
    else {
    // you need to enable mb_encode_mimeheader or risk
    // getting emails that are not UTF-8 encoded
    }
    $headers .= “MIME-Version: 1.0n”;
    $headers .= “Content-type: text/plain; charset=utf-8n”;
    $headers .= “Content-Transfer-Encoding: quoted-printablen”;

    // Send email
    @mail($to, $subject, $body, $headers) or
    die(“Unfortunately, a server issue prevented delivery of your message.”);
    }

    // Remove any un-safe values to prevent email injection
    function smcf_filter($value) {
    $pattern = array(“/n/”,”/r/”,”/content-type:/i”,”/to:/i”, “/from:/i”, “/cc:/i”);
    $value = preg_replace($pattern, “”, $value);
    return $value;
    }

    // Validate email address format in case client-side validation “fails”
    function smcf_validate_email($email) {
    $at = strrpos($email, “@”);

    // Make sure the at (@) sybmol exists and
    // it is not the first or last character
    if ($at && ($at < 1 || ($at + 1) == strlen($email)))
    return false;

    // Make sure there aren't multiple periods together
    if (preg_match("/(.{2,})/", $email))
    return false;

    // Break up the local and domain portions
    $local = substr($email, 0, $at);
    $domain = substr($email, $at + 1);

    // Check lengths
    $locLen = strlen($local);
    $domLen = strlen($domain);
    if ($locLen < 1 || $locLen > 64 || $domLen < 4 || $domLen > 255)
    return false;

    // Make sure local and domain don’t start with or end with a period
    if (preg_match(“/(^.|.$)/”, $local) || preg_match(“/(^.|.$)/”, $domain))
    return false;

    // Check for quoted-string addresses
    // Since almost anything is allowed in a quoted-string address,
    // we’re just going to let them go through
    if (!preg_match(‘/^”(.+)”$/’, $local)) {
    // It’s a dot-string address…check for valid characters
    if (!preg_match(‘/^[-a-zA-Z0-9!#$%*/?|^{}`~&’+=_.]*$/’, $local))
    return false;
    }

    // Make sure domain contains only valid characters and at least one period
    if (!preg_match(“/^[-a-zA-Z0-9.]*$/”, $domain) || !strpos($domain, “.”))
    return false;

    return true;
    }

    exit;

    ?>

    Rob
    # July 17, 2009 at 6:02 am

    hit the "this is not spam" button? lol

    # July 17, 2009 at 8:42 am

    Not sure that my client would appreciate having to constantly go to their spam box to check for messages from their web form and always have to mark them as "not spam".

    # July 17, 2009 at 9:01 am

    You only have to do it once.

    # July 23, 2009 at 4:48 pm

    As these guys said, if your email client is marking it as spam you can configure not to do that. Usually this is by clicking on "This is not spam" or similar. Alternatively you can add the sending email address to your address book.

    For a list of client specific suggestions you might find http://www.catster.com/faq_email.php helpful.

    Best regards
    Dave

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".