Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

#175945
__
Participant

Well, one possibility is that the message is being flagged as spam during delivery and discarded. You’re using the submitted email address in the From and Reply-To headers: it’s a big “red flag” if the domain name on that email doesn’t match the domain the message was sent from.

Try adding a Sender header, using an email address from your domain (it doesn’t have to be a “real” address; it could be a “no reply” address).

Also,

$email = $_POST['email'];
$mailheaders = "From: $email\r\n

This is very dangerous. This code allows a kind of attack called Header Injection. You need to validate user input — in this case, that $_POST['email'] really is a single email address (and not a list of email addresses and/or other email headers). This is a very common way of using website contact forms as spam servers. It can cause problems for you, as well: it can get your email server blacklisted, get your hosting account flagged, cancelled, or overcharged.

The simplest way to validate an email address is using the filter_var function:

$email = filter_var( $_POST['email'], FILTER_VALIDATE_EMAIL );
if( ! $email ){
    /*  $_POST['email'] was *not* a valid email address.
        Stop processing; do not send your email message.  */
}
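
The validation step and the Sender header suggested above, combined into one function, as an added example that is not part of the original reply. The function name `build_contact_headers`, the `SITE_SENDER` address and the sample inputs are assumptions made for illustration; the script only builds and checks headers and does not call mail().

```php
<?php
// Added example, not code from the original post.
// SITE_SENDER is an assumed placeholder: use an address on your own domain.
const SITE_SENDER = 'no-reply@example.com';

/**
 * Build the extra headers for a contact-form message.
 * Returns null when the submitted value is not a single valid email
 * address, in which case the caller must not send anything.
 */
function build_contact_headers(string $submitted): ?string
{
    // Defence in depth: a CR or LF in the value would start a new header
    // line, so reject it before any other processing.
    if (preg_match('/[\r\n]/', $submitted)) {
        return null;
    }

    // filter_var() returns the address on success and false on failure.
    // Address lists ("a@x.org, b@y.org") and free text fail here.
    $email = filter_var($submitted, FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return null;
    }

    // From and Reply-To carry the visitor's address, as in the original
    // form; Sender names the site's own domain as the actual origin.
    return "From: $email\r\n"
         . "Reply-To: $email\r\n"
         . 'Sender: ' . SITE_SENDER . "\r\n";
}

// Constructed sample inputs: one normal address, one value carrying an
// extra header line, one address list, and one non-address string.
$samples = [
    'alice@example.org',
    "alice@example.org\r\nBcc: list@example.net",
    'alice@example.org, bob@example.org',
    'not-an-address',
];

foreach ($samples as $input) {
    $headers = build_contact_headers($input);
    // json_encode() makes the embedded \r\n visible in the output.
    echo json_encode($input), ' => ',
         $headers === null ? 'rejected' : 'accepted', "\n";
}
```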