I am trying to move my contact forms away from FormMail and Javascript and onto something which resists automated submission by spammers and is more flexible.

I've created a form using PEAR HTML_QuickForm based on Site Points The PHP Anthology, Chapter 5. I'm using PEAR Mail and Mail_Mime to send the email. I hope you agree this helps with the above.

I could do with a file which processes the form data and that resists injection attack. It also needs to be fairly easy to put into place (ie with my effort below all the various form fields need to be 'combined' into one variable '$body' which I imagine will be very time consuming forms with lots of fields.)

Here is my current effort....

PHP Code:
// to remove the E_STRICT errors created by the PHP4 code in Mail

// include Mail class
require 'Mail.php'

// choose which backend type we want
$mail Mail::factory('mail', array('host'=>'mail.MYDOMAIN'));

// some headers we want to send

$hdrs = array(
'From'    =>  $name .  '<' $email '>',
'Subject' => 'MYDOMAIN Web Enquiry'
// the body of the message
$body =  '$enquiry';

// send the email
$succ $mail->send('sales@MYDOMAIN'$hdrs$body);

// end first if