PHP Programming > Beginners - Learning PHP
Basic Contact Form Help
Emmaline:
Hi
I'm a beginner with PHP and using the code below from a basic tutorial to use on a website. I'm wondering if it is secure enough and should work ok?
Many thanks for any advice,
Emma
CONTACT PAGE HTML:
--- Code: ---<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"><title>What are you thinking?</title>
<meta content="php, contact, form, thinking" name="keywords">
<meta content="Contact us and let us know if we can help you out further." name="description">
<style>
input, textarea {
padding: 5px;
margin: 10px;
font-family: Cambria, Cochin, serif;
font-size: medium;
font-weight: bold;
outline: none;
}
p {
font-family: Cambria, Cochin, serif;
font-size: large;
margin-bottom: -5px;
}
input[type=text], textarea {
width: 350px;
background-color: #DDEDFF;
border: 1px solid #97C9FF;
}
input[type=submit] {
width: 100px;
background-color: #669900;
border: 1px solid #336600;
font-size: large;
color: #FFFFFF;
}
input[type=submit]:hover {
background-color: #78B300;
cursor: pointer;
}
input[type=submit]:active {
background-color: #4A6F00;
}
h1 {
font-family: "Trebuchet MS", Arial, sans-serif;
font-size: 2.1em;
color: #3399FF;
}
body {
padding: 10px;
background-color: #F4F4F4;
}
</style>
</head>
<body>
<h1>What are you thinking?</h1>
<form action="mailer.php" method="POST">
<div>
<p>Name</p>
<input name="name" type="text"> <br> </div>
<div>
<p>E-Mail (Optional)</p>
<input name="email" type="text">
<br>
</div>
<div>
<p>Comment</p>
<textarea cols="30" name="comment" rows="9"></textarea>
<br> </div>
<div>
<input name="submit" type="submit" value="Send!"> </div>
</form>
</body>
</html>
--- End code ---
PHP PAGE:
--- PHP Code: ---<?php
if(isset($_POST['submit'])) {
$to = "you@email.com";
$subject = "What are you thinking submission!";
// data the visitor provided
$name_field = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email_field = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
$comment = filter_var($_POST['comment'], FILTER_SANITIZE_STRING);
//constructing the message
$body = " From: $name_field\n\n E-Mail: $email_field\n\n Message:\n\n $comment";
// ...and away we go!
mail($to, $subject, $body);
// redirect to confirmation
header('Location: confirmation.htm');
} else {
// handle the error somehow
}
?>
--- End code ---
CONFIRMATION PAGE:
--- Code: ---<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Great Success!</title>
<meta content="php, contact, form, thinking" name="keywords">
<meta content="Great success!" name="description">
<style>
p {
font-family: Cambria, Cochin, serif;
font-size: large;
margin-bottom: -5px;
}
h1 {
font-family: "Trebuchet MS", Arial, sans-serif;
font-size: xx-large;
color: #3399FF;
}
body {
padding: 10px;
background-color: #F4F4F4;
}
</style>
</head>
<body>
<h1> </h1>
<h1>Thank You!</h1>
<p>We've received your feedback, and we will get back to you soon.</p>
</body>
</html>
--- End code ---
MiniCoder110:
Quick question. Are you getting errors in this script? I only so far checked out the HTML page. It looks nice, but when i do my <input> tags I do it like you, but instead of doing <input words="words" words="words"> I do <input words="words" words="words" /> With the /> at the end. Does this affect you at all? I've never tried it without the />, just wondering
RaythXC:
--- Quote from: MiniCoder110 on June 18, 2012, 03:36:46 PM ---Quick question. Are you getting errors in this script? I only so far checked out the HTML page. It looks nice, but when i do my <input> tags I do it like you, but instead of doing <input words="words" words="words"> I do <input words="words" words="words" /> With the /> at the end. Does this affect you at all? I've never tried it without the />, just wondering
--- End quote ---
There is no direct affect by not including the /. All it does is tell the html code there won't be a closing </tag> but isn't overly important.
If you were to run the page through a html verify thingy to check quality, having the / makes it's results better since you wouldn't be missing tags.
Emma: The email code looks as secure as possible for using php mail.
Emmaline:
Minicoder 110 - I think it depends on what version of html you are using if you need the /> or not. I'll need to check it is the right one.
RaythXC - thanks for viewing and validating the security aspect. Now I've tested it and I am getting an error - "Warning: Cannot modify header information - headers already sent by... "
thanks
emma
Emmaline:
OK I took out empty spaces after the php tags at the end and saved as ANSI instead of UTF-8 and it now works!
I checked the HTML, In HTML, the <input> tag has no end tag.
In XHTML, the <input> tag must be properly closed, like this <input />.
All should be ok now,
thanks
Emma
Navigation
[0] Message Index
[#] Next page
Go to full version