/    Sign up×
Community /Pin to ProfileBookmark

a complete mailform script

Copy linkTweet thisAlerts:
Jul 22.2006

Hello

I wanted some time now to update my old mailform scrip so I find this better one instead. My old form was a bit annoying when someone sends a mail to me. It says it is from “me” and I cannot just simply reply to it… anyways

on this page [URL=http://www.xentrik.net/php/mailform.php]xentrik[/URL], there is a fine scrip. but it doesn´t want to send any mail. It just displays an Error “missing”. All the three fields are correctly filled.

The demo page on their site is working, just not the downloadable script

There must be some problem laid between the lines 67-70

Could someone have a check? I bet someone on here may reply faster than their support…. or? ?

to post a comment
PHP

11 Comments(s)

Copy linkTweet thisAlerts:
@SiddanauthorJul 24.2006 — can anyone have a quick glance at it?, cus I sure don´t know what is wrong...
Copy linkTweet thisAlerts:
@Vectorman211Jul 24.2006 — Try this:

[code=php]
$name=trim($_POST['name']);
$email=trim($_POST['email']);
$subject=trim($_POST['subject']);
$body=trim($_POST['body');

send_email("Sender <[email protected]>","$name <$email>",$subject,$body);

function send_email($from,$to,$subject,$body,$html=FALSE)
{
$header="MIME-Version: 1.0rn";
if($html){
$header.="Content-type: text/html; charset=iso-8859-1rn";
}else{
$header.="Content-type: text/plain; charset=iso-8859-1rn";
}
$header.="From: $fromrn";
$header.="Reply-To: $fromrn";
$header.="X-Mailer: PHP/".phpversion()."/r/n";
mail($to,$subject,$body,$header);
}
[/code]
Copy linkTweet thisAlerts:
@SiddanauthorJul 24.2006 — hey and thanks for replying. but is this a new complete mailform script?
Copy linkTweet thisAlerts:
@Vectorman211Jul 24.2006 — Yes all you'd have to do is create the HTML form to submit to this script using the field names name,email,subject,body.

EDIT:

I wrote this up quickly, note that there is no error checking, so could be possibly exploitable. I assume you have some moderate PHP knowledge. If you need something more robust I can add to it for you.
Copy linkTweet thisAlerts:
@SiddanauthorJul 24.2006 — thanks.. alltho that mailform found on that site I mentioned has a very good system.. 3 pages in one.

The only problem is that I get error when trying to send a mail. As if it thinks a field has been wrongly filled. and it must be somewhere between those lines that is wrong (around #check required fields").. or at least have something to do with...

I can might aswell post the entire script here

[code=php]
// MODIFY THE FOLLOWING SECTION

// your name
$recipientname = "YOUR NAME";

// your email
$recipientemail = "[email protected]";

// subject of the email sent to you
$subject = "Online-Form Response for $recipientname";

// send an autoresponse to the user?
$autoresponse = "no";

// subject of autoresponse
$autosubject = "Thank you for your mail!";

// autoresponse message
$automessage = "This is an auto response to let you know that we've successfully received your email sent through our email form. Thanks! We'll get back to you shortly.";

// thankyou displayed after the user clicks "submit"
$thanks = "Thank you for contacting us.<br>We will get back to you as soon as possible.<br>";

// END OF NECESSARY MODIFICATIONS

?>

<style type="text/css"><!--
td,body,input,textarea {
font-size:12px;
font-family:Verdana,Arial,Helvetica,sans-serif;
color:#000000}
--></style>
</head>
<body>

<table width="100%" height="100%"><tr>
<td valign="top"><font face="Verdana,Arial,Helvetica" size="2">

<?php
if($_POST['submitform']) {

$Name = $HTTP_POST_VARS['Name'];
$Email = $HTTP_POST_VARS['Email'];
$Comments = $HTTP_POST_VARS['Comments'];

// check required fields
$dcheck = explode(",",$require);
while(list($check) = each($dcheck)) {
if(!$$dcheck[$check]) {
$error .= "Missing $dcheck[$check]<br>";
}
}

// check email address
if ((!ereg(".+@.+..+", $Email)) || (!ereg("^[[email protected]]+$", $Email))){
$error .= "Invalid email address<br>";}

// display errors
if($error) {
?>

<b>Error</b><br>
<?php echo $error; ?><br>
<a href="#" onClick="history.go(-1)">try again</a>


<?php
}
else
{

$browser = $HTTP_USER_AGENT;
$ip = $REMOTE_ADDR;

// format message
$message = "Online-Form Response for $recipientname:

Name: $Name
Email: $Email

Comments: $Comments

-----------------------------

Browser: $browser
User IP: $ip";

// send mail and print success message
mail($recipientemail,"$subject","$message","From: $Name <$Email>");

if($autoresponse == "yes") {
$autosubject = stripslashes($autosubject);
$automessage = stripslashes($automessage);
mail($Email,"$autosubject","$automessage","From: $recipientname <$recipientemail>");
}

echo "$thanks";
}
}
else {
?>

<form name="contactform" action="<?php echo $PHP_SELF; ?>" method="post">
<input type="hidden" name="require" value="Name,Email,Comments">
<table><tr>
<td colspan="2" align="center"><b>Contact Me!</b><p></td>
</tr><tr>
<td valign="top" align="right">Name:</td>
<td valign="top"><input name="Name" size="25"></td>
</tr><tr>
<td valign="top" align="right">E-mail:</td>
<td valign="top"><input name="Email" size="25"></td>
</tr><tr>
<td valign="top" align="right">Comments:</td>
<td valign="top"><textarea name="Comments" rows="5" cols="35"></textarea></td>
</tr><tr>
<td colspan="2" align="center"><input type="submit" value="Submit" name="submitform">
<input type="reset" value="Reset" name="reset"></td>
</tr></table>
<br>

</form>
<?php } ?>
</font><p></td>
</tr><tr>
<td valign="bottom"><font face="Verdana" size="1">Mailform Copyright © 2002 <a href="http://www.xentrik.net/">Kali's Web Shoppe</a>.</font></td>
</tr></table>

</body>
</html>
[/code]
Copy linkTweet thisAlerts:
@Vectorman211Jul 24.2006 — This script was obviously never tested on other PHP installs, he assumed register globals was on. The problem was also that he left out where you declare required fields in the configuration. But he did have them in the form code which is a bad idea. Here is the corrected version:

[code=php]
<?
// MODIFY THE FOLLOWING SECTION

// your name
$recipientname = "NAME";

// your email
$recipientemail = "email";

// subject of the email sent to you
$subject = "Online-Form Response for $recipientname";

// send an autoresponse to the user?
$autoresponse = "no";

// subject of autoresponse
$autosubject = "Thank you for your mail!";

// autoresponse message
$automessage = "This is an auto response to let you know that we've successfully received your email sent through our email form. Thanks! We'll get back to you shortly.";

// thankyou displayed after the user clicks "submit"
$thanks = "Thank you for contacting us.<br>We will get back to you as soon as possible.<br>";

//Required fields
$require = "Name,Email,Comments";

// END OF NECESSARY MODIFICATIONS

?>

<style type="text/css"><!--
td,body,input,textarea {
font-size:12px;
font-family:Verdana,Arial,Helvetica,sans-serif;
color:#000000}
--></style>
</head>
<body>

<table width="100%" height="100%"><tr>
<td valign="top"><font face="Verdana,Arial,Helvetica" size="2">

<?php
if($_POST['submitform']) {

$Name = $HTTP_POST_VARS['Name'];
$Email = $HTTP_POST_VARS['Email'];
$Comments = $HTTP_POST_VARS['Comments'];

// check required fields
$dcheck = explode(",",$require);
while(list($check) = each($dcheck)) {
if(!$$dcheck[$check]) {
$error .= "Missing $dcheck[$check]<br>";
}
}

// check email address
if ((!ereg(".+@.+..+", $Email)) || (!ereg("^[[email protected]]+$", $Email))){
$error .= "Invalid email address<br>";}

// display errors
if($error) {
?>

<b>Error</b><br>
<?php echo $error; ?><br>
<a href="#" onClick="history.go(-1)">try again</a>


<?php
}
else
{

$browser = $_SERVER['HTTP_USER_AGENT'];
$ip = $_SERVER['REMOTE_ADDR'];

// format message
$message = "Online-Form Response for $recipientname:

Name: $Name
Email: $Email

Comments: $Comments

-----------------------------

Browser: $browser
User IP: $ip";

// send mail and print success message
mail($recipientemail,"$subject","$message","From: $Name <$Email>");

if($autoresponse == "yes") {
$autosubject = stripslashes($autosubject);
$automessage = stripslashes($automessage);
mail($Email,"$autosubject","$automessage","From: $recipientname <$recipientemail>");
}

echo "$thanks";
}
}
else {
?>

<form name="contactform" action="<?php echo $PHP_SELF; ?>" method="post">
<table><tr>
<td colspan="2" align="center"><b>Contact Me!</b><p></td>
</tr><tr>
<td valign="top" align="right">Name:</td>
<td valign="top"><input name="Name" size="25"></td>
</tr><tr>
<td valign="top" align="right">E-mail:</td>
<td valign="top"><input name="Email" size="25"></td>
</tr><tr>
<td valign="top" align="right">Comments:</td>
<td valign="top"><textarea name="Comments" rows="5" cols="35"></textarea></td>
</tr><tr>
<td colspan="2" align="center"><input type="submit" value="Submit" name="submitform">
<input type="reset" value="Reset" name="reset"></td>
</tr></table>
<br>

</form>
<?php } ?>
</font><p></td>
</tr><tr>
<td valign="bottom"><font face="Verdana" size="1">Mailform Copyright © 2002 <a href="http://www.xentrik.net/">Kali's Web Shoppe</a>.</font></td>
</tr></table>

</body>
</html>
[/code]
Copy linkTweet thisAlerts:
@SiddanauthorJul 24.2006 — o....m....g ! ! ! !

that´s what was been missing lol

Was it only the Required fields in the config?

The IP and browser info doesn´t show, but that´s minor. At least it works. Super great

thanks alot Vector
Copy linkTweet thisAlerts:
@SiddanauthorJul 27.2006 — ok.. I am bringing this post back again:

Now I have a problem when I check the mail that has been sent to me through this mailform.

When I view the detailed information it doesn´t tell me the real origin. It just tells me it was sent from my webhost. The last script I had did at least tell me the real origin IP number and other useful stuff how to trace it.

I have compared them both but am unsure which code does this.

I have got 3 spams lately and don´t know who is sending them

they look like this:

--------------------

Name: [email][email protected][/email]

Email: [email][email protected][/email]

Comments: [email][email protected][/email]

-----------------------------

Browser:

User IP:
Copy linkTweet thisAlerts:
@SiddanauthorJul 31.2006 — ok, So I have found another mailscript in two parts which I had to settle with and it looks very secure and well done. Now it tells me at least where the mail has been sent from

Now I have a big wondering.

Whenever I get a spam mail and I have the autoresponse turned on. Will the spammer be able to store my email address for further more spams?

... or is it safer to disable the autoresponse?
Copy linkTweet thisAlerts:
@chubbymouseAug 01.2006 — I'm not sure if this will work but try adding this in at the top, is sort of a bodge job mixing PHP with HTML form input but it may do ithe trick.

<input type=hidden name="env_report" value="REMOTE_HOST, HTTP_USER_AGENT, REMOTE_ADDR">

Keep in mind you do now need <form> tags though
Copy linkTweet thisAlerts:
@SiddanauthorAug 01.2006 — hmm ok, I am not sure what this will do. I cannot notice any difference
×

Success!

Help @Siddan spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.19,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...