Also, does this code come from two separate files? If not, your form HTML should be before the closing </body> tag. Also, you might want to wrap your php code in an IF statement so it doesn’t get run when you first open the page… something like:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// send your email here
}
I think the headers have to be in english to work - according to wikipedia they are translated by the email client (http://en.wikipedia.org/wiki/MIME). When I tested using ‘FRON’ instead of ‘From’ the email doesn’t send.
Another thing that might also prevent your email from being sent though is that your email server might require the FROM header to be set to a particular email address, in which case you can set the Reply-To header with the user’s submitted email address, to allow you to reply to the emails.
The
inserts a line break… it’s what you’d want to do if you’re sending a plain text email, rather than a HTML one.
I’m not aware of GoogleBots triggering email forms… I always thought they didn’t touch forms. In any case, you really should be checking for valid form fields before sending the email.
Well, checking that fields like name, email and message aren’t empty, making it impossible to be sent an empty email. Also you probably want to check that the email address is a valid one (i.e. name@domain, and not just random text or something).
Good robots will not touch your contact page. For added security you can include a robot meta tag:
<meta name="robot" content="noindex, nofollow">
Bad and evil robots will try to spam your email form and if you don’t take precautions they will. They could cause empty emails.
I have an email script that has never sent an email from a bad or evil crawler in ten years. It does not send the email directly. Instead of a Submit button it has a Review button which displays the email for preview and editing using Sessions. Bad and evil robots have not yet mastered the fine art of reviewing their SPAM. Since I also record all the accesses to the email form I have their IP addresses and if they are persistent I exclude them from the server altogether.
Please don’t blame good old Googlebot for the harm created by Evilbots.
The code seems OK… although I’d put a check around the PHP code so that it only runs once the form has been submitted, not when you first load the page:
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// your emailing code here
}
As far as validating the email goes, as a start you could use a simple regex pattern - here’s an example function which will return true for valid addresses: