Hi,

I have recently seen some attempts at form hijacking. I'm sure most are familiar with this, as it is pretty rampant at the moment (some info here).

I have a standard form that I use and would like to stop these attempts for obvious reasons - however my PHP skills aren't up to the task. If somebody could look at the code of my form and offer the best solution I would much appreciate this -

Code:
<?php
// Initialise the messages so the page below never reads undefined variables
$error = $error_fullname = $error_tel = '';

if ($_POST) {
    // get_magic_quotes_gpc() no longer exists in PHP 8, so check for it first
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        foreach ($_POST as $key => $value) {
            $temp = stripslashes($value);
            $_POST[$key] = $temp;
        }
    }

    if (($_POST['fullname'] == '') || ($_POST['tel'] == '')) {
        $error = '<strong>Sorry</strong>, You seem to have missed out some required fields:';
        if ($_POST['fullname'] == '') {
            $error_fullname = ' <br /><strong>Full Name</strong> is a required Field';
        }
        if ($_POST['tel'] == '') {
            $error_tel = ' <br /><strong>Telephone</strong> is a required Field';
        }
    } else {
        $to = 'info@mydomian.co.uk';
        $subject = 'Website form';
        // message goes here
        $message = "Full Name: " . $_POST['fullname'] . "\n";
        $message .= "Telephone: " . $_POST['tel'] . "\n";
        $message .= "Email: " . $_POST['email'] . "\n";
        $message .= "Message: " . $_POST['message'] . "\n";

        // headers go here
        $headers = "From: " . $_POST['email'] . "\n";
        $headers .= "Content-type: text/plain; charset=UTF-8";
        $sent = mail($to, $subject, $message, $headers);
        $autorespond = mail($_POST['email'], "Form Auto Response.", "Thank you for contacting Me, your message has been received and we will contact you shortly.", "From: info@mydomian.co.uk<info@mydomian.co.uk>");
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">

<head>
<title></title>
</head>
<body>

<?php
if (isset($sent)) {
echo '<p><span class="thanks"><strong>Thank you</strong> for contacting Tablets of Stone.</span></p>';
}
else{
echo '<p class="sorry"><!-- -->';
echo $error;
echo $error_fullname;
echo $error_tel;
echo '</p>';
}
?>

<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post">
<fieldset>
<legend>Feedback Form</legend>
<div class="row">
<span class="formLabel"><label for="fullname">Full Name*</label><br /></span>
<input class="inputfield" type="text" id="fullname" name="fullname" size="30" />
</div>
<div class="row">
<span class="formLabel"><label for="tel">Telephone*</label><br /></span>
<input class="inputfield" type="text" id="tel" name="tel" size="30" />
</div>
<div class="row">
<span class="formLabel"><label for="email">Email Address</label><br /></span>
<input class="inputfield" type="text" id="email" name="email" size="30" />
</div>
<div class="row">
<span class="formMessage">Message<br /></span>
<textarea class="inputarea" name="message" rows="5" cols="30"></textarea>
</div>
</fieldset>
<p><input type="submit" class="inputsend" name="SUBMIT" value="Send Form" /></p>
</form>

</body>
</html>
Thank You
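
One way to harden the header-building step of the form above, as an added example that is not part of the original post: the submitted email is validated before it gets anywhere near `mail()`, and it is only ever placed in `Reply-To`, never in `From`. The function names and the `example.*` addresses are hypothetical.

```php
<?php
// Added example, not the poster's code; names and addresses are hypothetical.

// True if a value contains CR or LF, raw or URL-encoded. A line break is
// what lets a single form field turn into extra mail headers.
function has_header_break($value)
{
    return preg_match('/[\r\n]|%0[ad]/i', $value) === 1;
}

// Returns the validated visitor address ('' if none was given), or false
// if the submission must be rejected.
function clean_visitor_email($raw)
{
    $email = trim((string) $raw);
    if ($email === '') {
        return '';                      // email is optional on this form
    }
    if (has_header_break($email)
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    return $email;
}

// Builds the headers for the notification mail. From is always the site's
// own address; the visitor only ever appears in Reply-To.
function build_headers($siteAddress, $visitorEmail)
{
    $headers = "From: " . $siteAddress . "\r\n";
    if ($visitorEmail !== '') {
        $headers .= "Reply-To: " . $visitorEmail . "\r\n";
    }
    return $headers . "Content-type: text/plain; charset=UTF-8";
}

// Constructed sample submissions: one normal, one carrying a line break.
$samples = array(
    "visitor@example.com",
    "visitor@example.com\r\nX-Injected: 1",
);
foreach ($samples as $raw) {
    $email = clean_visitor_email($raw);
    if ($email === false) {
        echo "rejected\n";              // do not call mail() at all
        continue;
    }
    echo build_headers('info@example.co.uk', $email), "\n\n";
}
```

In the form script, the auto-response `mail()` call should likewise run only when `clean_visitor_email()` returned a non-empty address.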