Well, one possibility is that the message is being flagged as spam during delivery and discarded. You’re using the submitted email address in the From and Reply-To headers: it’s a big “red flag” if the domain name on that email doesn’t match the domain the message was sent from.
Try adding a Sender header, using an email address from your domain (it doesn’t have to be a “real” address; it could be a “no reply” address).
Also,
$email = $_POST['email'];
…
$mailheaders = "From: $email\r\n
…
This is very dangerous. This code allows a kind of attack called Header Injection. You need to validate user input — in this case, that $_POST['email'] really is a single email address (and not a list of email addresses and/or other email headers). This is a very common way of using website contact forms as spam servers. It can cause problems for you, as well: it can get your email server blacklisted, get your hosting account flagged, cancelled, or overcharged.
The simplest way to validate an email address is using the filter_var function:
$email = filter_var( $_POST['email'], FILTER_VALIDATE_EMAIL );
if( ! $email ){
    /* $_POST['email'] was *not* a valid email address.
       Stop processing; do not send your email message. */
}
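Both suggestions from the reply above combined, as an added example that is not part of the original post: the submitted address is validated before it reaches any header, and a Sender header on the site's own domain is appended. The function name build_contact_headers, the SENDER_ADDRESS constant and the example.com/.org/.net addresses are assumptions made for illustration.

```php
<?php
// Added example. The function name, the constant and all addresses are
// hypothetical placeholders, not code from the thread.

const SENDER_ADDRESS = 'no-reply@example.com'; // an address on your own domain

/**
 * Returns a header string suitable for mail(), or null when the submitted
 * value is not exactly one valid email address.
 */
function build_contact_headers($submitted): ?string
{
    // A request such as email[]=... arrives as an array, not a string.
    if (!is_string($submitted)) {
        return null;
    }
    // Defence in depth: a CR or LF in the value would start a new header line.
    if (preg_match('/[\r\n]/', $submitted)) {
        return null;
    }
    // filter_var() returns the address on success and false on failure.
    $email = filter_var($submitted, FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return null;
    }
    return "From: $email\r\n"
         . "Reply-To: $email\r\n"
         . 'Sender: ' . SENDER_ADDRESS . "\r\n";
}

// Constructed sample inputs (not taken from the original thread).
$samples = [
    'visitor@example.org',                              // a single address
    "visitor@example.org\r\nBcc: someone@example.net",  // extra header smuggled in
    'a@example.org, b@example.org',                     // a list of addresses
    '',                                                 // empty field
];

foreach ($samples as $input) {
    $headers = build_contact_headers($input);
    // Report the decision for each input; only send mail when $headers is not null.
    printf("%-52s => %s\n", json_encode($input), $headers === null ? 'rejected' : 'accepted');
}
```

Any other form field that ends up in a header (a name or subject, for instance) needs the same CR/LF check before it is used.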