Contact form

(Sorry if I’m asking this in the wrong place, or asking something that’s on a sticky, but I’ve looked and can’t find it…)

How can I set up a contact form?

I mean … I can do all the <form> and <input> stuff, no problem. I’ve got the form, it’s great, it works a treat. But I’ve inherited this website from someone else, and we’re using a free service that seems, well, a little flaky. We’ve had several people say they’ve sent us forms that we’ve never received.

So … I thought I’d have a go at writing the clever stuff myself. But now I’m stuck. I’ve asked the googlegod, and I’ve found lots of services offering form-to-mail for a fee … but this site is for a non-profit charitable organisation and we just don’t have a budget for it. And I’m wondering why it is so difficult, whether there’s really any need to pay someone to do it. Is there any way that a non-programmer like me could ever get my head round form-to-mail? Can anyone recommend a free script that will do the job?

Thanks for your help … eventually got it working! Turns out the server needs a fifth “-f” parameter on the mail() function, and only recognises parameters set using _POST[‘whatever’].

widgetbox.com - free and paid forms. I use the paid $4 a month version for my form, feed box, and etc. It’s nice, but you can also use the free one. Just worth an idea.

http://site.fithope.com/Submit_It_.html - what my box looks like. There’s 100s of ways of doing it so it doesn’t have to be glossy, black, or complex like this. Can just be very simple.

If you search for “formmail” you should find a lot of “ready-to-go” (or almost ready) scripts in any number of languages.

One of the main things to look for is a secure app that can’t be used to send SPAM from your server (i.e. header injection). So look to see that it at least has adequate server-side input validation before it sends an email. If it also has CAPTCHA, flood control, DNS blacklisting, open-proxy blocking etc. that’s an added security plus.

If you want lots of stuff in the body, it’s pretty simple…

$mail_Body = $email_msg;
$email_msg = "Hello,";
$email_msg .= "\
\
" . "Thanks for contacting my technical support. Your e-mail is important to us and we will try to respond to it as quickly as possible. This is an automatically generated response to let you know that we have recieved your e-mail.";
$email_msg .= "\
" . "Item 1: " . $item1;
$email_msg .= "\
" . "Item 2: " . $item2;
$email_msg .= "\
" . "Item 3: " . $item3;
$email_msg .= "\
" . "Item 4: " . $item4;
$email_msg .= "\
" . $message
$email_msg .= "\
\
" . "Jack Sparrow";
$email_msg .= "\
" . "Captain of the Black Pearl";

In the above, I’ve added lot’s of details to $email_msg (which equals the $mail_Body that gets sent), the "
" = one new line, the "

" = two new lines, and the full stops act as separators between the items and their values (as per the form inputs), you can play around with it and tweak the message (and once they hit send it’ll gather all that up in the message and send it!) As for security issues, apart from spam, there are none, the processing is done server-side and therefore they can’t change who it’s being sent too - though form validation may help you if you just want to make sure they don’t leave any fields blank.

Oh and the header simply tells it to redirect the user back to where they came from when the script has sent the email (so their not stuck on a blank page) :slight_smile:

Thanks for that, Alex. Now I’ve got a couple more questions…

It’s a more complicated form that that, with 16 inputs (Ok, perhaps describing it as a “contact form” was a bit of an oversimplification), including three checkboxes. How do I get all 16 of them in the body of the email? The checkboxes will need to be named but the rest of the text doesn’t need a lot of labelling, just some kind of clear delineation between fields.

Second, are there any security issues that I need to be aware of?

Third (OK, three questions), what does the “header” bit do? Does that tell the script what page to serve next?

Thanks!

The simplest mail method I know uses PHP and it just requires you to POST the form to the PHP file which processes everything:

<?php
$mail_From = $email;
$mail_To = "support@yoursite.com";
$mail_Subject = $subject;
$mail_Body = $message;
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
header("Location: http://www.yoursite.com/where-you-came-from");
exit;
?>

I’ve used it in the past and it works for me, just make sure the input names match the $names :slight_smile: