Feedback form with predetermined email sender?

General PHP Help
#1

Hey, so I recently installed a neat little feedback form for the purpose of users being able to submit data directly to my email, and it works wonderfully!

Having little knowledge in PHP, what I was wondering is, is it possible instead of having the user type their own email address in the form, is it possible to have a ‘predetermined’ email? As in, all the user has to do is type their message and hit submit, and this predetermined email will send to webmaster email address.

Here’s the code I got for it:
[php]<?php

$webmaster_email = "[email protected]";

$feedback_page = “feedback_form.html”;
$error_page = “error_message.html”;
$thankyou_page = “thank_you.html”;

$email_address = $_REQUEST[‘email_address’] ;
$comments = $_REQUEST[‘comments’] ;

function isInjected($str) {
$injections = array(’(\n+)’,
‘(\r+)’,
‘(\t+)’,
‘(%0A+)’,
‘(%0D+)’,
‘(%08+)’,
‘(%09+)’
);
$inject = join(’|’, $injections);
$inject = “/$inject/i”;
if(preg_match($inject,$str)) {
return true;
}
else {
return false;
}
}

if (!isset($_REQUEST[‘email_address’])) {
header( “Location: $feedback_page” );
}

elseif (empty($email_address) || empty($comments)) {
header( “Location: $error_page” );
}

elseif ( isInjected($email_address) ) {
header( “Location: $error_page” );
}

else {
mail( “$webmaster_email”, “Feedback Form Results”,
$comments, “From: $email_address” );
header( “Location: $thankyou_page” );
}
?>[/php]

#2

Looks to me that it already sends to the webmaster email based on the email coded on this line.
[php]$webmaster_email = "[email protected]";[/php]
If you wanted to remove the html input for the client to enter an email, then you’ll need to remove some things in the processing script too. Since you didn’t provide the html form code I can’t say what to remove there, but this would be the updated processing script code.
[php]
$webmaster_email = "[email protected]";

$feedback_page = “feedback_form.html”;
$error_page = “error_message.html”;
$thankyou_page = “thank_you.html”;

$comments = $_REQUEST[‘comments’] ;

if (empty($comments)) {
header( “Location: $error_page” );
}

else {
mail( $webmaster_email, “Feedback Form Results”,
$comments, "From: ".$webmaster_email );
header( “Location: $thankyou_page” );
}
[/php]
Honestly I am a little surprised that you are even receiving the emails, they are missing a bunch of crucial email header info. I’d give you a link to an informative article but if you’re having a hard time editing this little script, you won’t be able to really tackle the info given, sorry.

#3

I’ve seem to have found my own way to mend it, thanks though!

#4

Well with the code you provided, there isn’t really much other ways to accomplish it, so be careful. Also, you need to stop using $_REQUEST and use either $_GET or $_POST depending on the form action. $_REQUEST is outdated and can be a difficult var to deal with cause it includes all get and post vars within it. So someone could provide a $_GET in the same name as your $_POST and totally spoof your system. You need to use the proper var based on what you are doing.

Sponsor our Newsletter | Privacy Policy | Terms of Service