Empty email from contact form ?!

ingenting · May 25, 2013, 11:18am

I have a problem i get empty emails from my contact form. Should there have been something in these emails ? What could be wrong.

Here is the code.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="viewport" content="initial-scale=1, maximum-scale=1" />
<meta name="viewport" content="width=device-width" />
<title>EMAIL</title>
</head>
</head>
<body>
<?php
	$email_to = "mail@mymail.com";/* YOUR EMAIL HERE! */
	$name = $_POST["name"];
	$email = $_POST["email"];
	$url = $_POST["url"];
	$message = $_POST["message"];
	$text = "USERS NAME: $name<br>
			 USERS EMAIL: $email<br>
			 USERES TLF: $url<br>		 
			 USERES MESSAGE: $message";
	$headers = "MIME-Version: 1.0" . "\\r\
"; 
	$headers .= "Content-type:text/html; charset=utf-8" . "\\r\
"; 
	$headers .= "FRON: <$email>" . "\\r\
";
	mail($email_to, "Message", $text, $headers);
?>

</body>
</html>
				
                
                
                
                
                <form action="send.php" id="contact-form" class="simple-form " method="post">
					<div class="one-fourth">
						<fieldset>
							<label><span>* </span>YOUR NAME </label>
							<input type="text" class="text requiredField" name="name"/>
						</fieldset>
					</div>
					<div class="one-fourth">
						<fieldset>
							<label><span>* </span>YOUR Email </label>
							<input type="text" class="requiredField email" name="email"/>
						</fieldset>
					</div>
					<div class="one-fourth last">
						<fieldset>
							<label>Telephone</label>
							<input type="text" class="url" name="url"/>
						</fieldset>
					</div>
					<div class="three-fourth last">
						<fieldset>
							<label><span>* </span>Your MESSAGE </label>
							<textarea cols="30" rows="6" class="text requiredField" name="message"></textarea>
						</fieldset>
						<fieldset>
							<input type="submit" value="Send message" class="button small black"/>
						</fieldset>
					</div>
				</form>

fretburner · May 25, 2013, 1:01pm

Hi ingenting,

You’ve got a typo in your mail headers:

$headers .= "FRON: <$email>" . "\\r\
";

Also, does this code come from two separate files? If not, your form HTML should be before the closing </body> tag. Also, you might want to wrap your php code in an IF statement so it doesn’t get run when you first open the page… something like:


if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // send your email here
}

ingenting · May 25, 2013, 2:00pm

fretburner:

Hi ingenting,

You’ve got a typo in your mail headers:
$headers .= "FRON: <$email>" . "\\r\
";
Also, does this code come from two separate files? If not, your form HTML should be before the closing </body> tag. Also, you might want to wrap your php code in an IF statement so it doesn’t get run when you first open the page… something like:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // send your email here
}

I dont think that is the mistake - also i just changed it quick to english from my language.

It is in to seperate files - send.php and contact.html

If there is no coding mistake, could it then be spam ? or something with my email ?

fretburner · May 25, 2013, 2:09pm

I think the headers have to be in english to work - according to wikipedia they are translated by the email client (http://en.wikipedia.org/wiki/MIME). When I tested using ‘FRON’ instead of ‘From’ the email doesn’t send.

Another thing that might also prevent your email from being sent though is that your email server might require the FROM header to be set to a particular email address, in which case you can set the Reply-To header with the user’s submitted email address, to allow you to reply to the emails.

ingenting · May 25, 2013, 2:15pm

Okay i will try to change it to FROM: What about USERS EMAIL, USERS TLF, USERS MESSAGE then:


$text = "USERS NAME: $name
USERS EMAIL: $email
USERES TLF: $url		
USERES MESSAGE: $message";

Should it also be in english ?

fretburner · May 25, 2013, 2:17pm

No, only the header names… the subject line and the text of your message can be in any language.

captainccs · May 25, 2013, 2:36pm

I don’t know if the headers are case specific but it’s best to use the standard usage:

From:
To:
Cc:
Bcc:
Return-path:
Reply-To:
Subject:

followed by a space. You can use additional custom headers if you wish:

X-FRON: Joe
X-My-other-custom-header: hi there

ralphm · May 25, 2013, 3:53pm

Rather than this:


$text = "USERS NAME: $name<br>
    USERS EMAIL: $email<br>
    USERES TLF: $url<br>		 
    USERES MESSAGE: $message";

try this


$text = "User's Name: $name\
" .
    "User's Email: $email\
" .
    "User's TLF: $url\
" .
    "User's Message:\
\
" .
    "$message";

ingenting · May 29, 2013, 4:38pm

Thanks, for reply

$text = "User's Name: $name\
" .
    "User's Email: $email\
" .
    "User's TLF: $url\
" .
    "User's Message:\
\
" .
    "$message";

Why should i use this ? And what does the /n do ?

ingenting · May 29, 2013, 9:54pm

I have read on other forums that empty emails good come from google crawlers - true ?

fretburner · May 29, 2013, 10:05pm

ingenting:

$text = "User's Name: $name\
" .
    "User's Email: $email\
" .
    "User's TLF: $url\
" .
    "User's Message:\
\
" .
    "$message";

Why should i use this ? And what does the /n do ?

The
inserts a line break… it’s what you’d want to do if you’re sending a plain text email, rather than a HTML one.

I’m not aware of GoogleBots triggering email forms… I always thought they didn’t touch forms. In any case, you really should be checking for valid form fields before sending the email.

ingenting · May 31, 2013, 10:35am

“In any case, you really should be checking for valid form fields before sending the email.”

What do you mean by valid form fields ?

ingenting · May 31, 2013, 10:50am

Okay is this then correct ? I have changed “ulr” to “telephone (Tlf)” as i dont need a url from user. Is this also okay ?

<?php
	$email_to = "my@email.com";
	$name = $_POST["name"];
	$email = $_POST["email"];
	$url = $_POST["url"];
	$message = $_POST["message"];
	$text = "User's Name: $name\
" .
    "User's Email: $email\
" .
    "User's TLF: $url\
" .
    "User's Message:\
\
" .
    "$message";
	$headers = "MIME-Version: 1.0" . "\\r\
";
	$headers .= "Content-type:text/html; charset=utf-8" . "\\r\
";
	$headers .= "FROM: <$email>" . "\\r\
";
	mail($email_to, "Message", $text, $headers);
?>

<form action="send.php" id="contact-form" class="simple-form " method="post">
					<div class="one-fourth">
						<fieldset>
							<label><span>* </span>Your name </label>
							<input type="text" class="text requiredField" name="name"/>
						</fieldset>
					</div>
					<div class="one-fourth">
						<fieldset>
							<label><span>* </span>Email </label>
							<input type="text" class="requiredField email" name="email"/>
						</fieldset>
					</div>
					<div class="one-fourth last">
						<fieldset>
							<label>Telephone</label>
							<input type="text" class="url" name="url"/>
						</fieldset>
					</div>
					<div class="three-fourth last">
						<fieldset>
							<label><span>* </span>Your message </label>
							<textarea cols="30" rows="6" class="text requiredField" name="message"></textarea>
						</fieldset>
						<fieldset>
							<input type="submit" value="Send message" class="button small black"/>
						</fieldset>
					</div>
				</form>

fretburner · May 31, 2013, 11:03am

Well, checking that fields like name, email and message aren’t empty, making it impossible to be sent an empty email. Also you probably want to check that the email address is a valid one (i.e. name@domain, and not just random text or something).

ingenting · May 31, 2013, 11:05am

Can you check if the above code is correct ? I would like to check that the email is valid, what could i add to do that ?

captainccs · May 31, 2013, 11:07am

False, provided the email form is properly done. I say this based on ten year’s evidence.

First you must exclude bots with a robots.txt file in your document root, for example:

User-agent: *
Disallow: /cgi-bin/
Disallow: /errors/
Disallow: /images/
Disallow: /contact.php

http://www.robotstxt.org/

Good robots will not touch your contact page. For added security you can include a robot meta tag:

<meta name="robot" content="noindex, nofollow">

Bad and evil robots will try to spam your email form and if you don’t take precautions they will. They could cause empty emails.

I have an email script that has never sent an email from a bad or evil crawler in ten years. It does not send the email directly. Instead of a Submit button it has a Review button which displays the email for preview and editing using Sessions. Bad and evil robots have not yet mastered the fine art of reviewing their SPAM. Since I also record all the accesses to the email form I have their IP addresses and if they are persistent I exclude them from the server altogether.

Please don’t blame good old Googlebot for the harm created by Evilbots.

ingenting · May 31, 2013, 11:11am

captainccs:

False, provided the email form is properly done. I say this based on ten year’s evidence.

First you must exclude bots with a robots.txt file in your document root, for example:
User-agent: *
Disallow: /cgi-bin/
Disallow: /errors/
Disallow: /images/
Disallow: /contact.php
http://www.robotstxt.org/

Good robots will not touch your contact page. For added security you can include a robot meta tag:
<meta name="robot" content="noindex, nofollow">
Bad and evil robots will try to spam your email form and if you don’t take precautions they will. They could cause empty emails.

I have an email script that has never sent an email from a bad or evil crawler in ten years. It does not send the email directly. Instead of a Submit button it has a Review button which displays the email for preview and editing using Sessions. Bad and evil robots have not yet mastered the fine art of reviewing their SPAM. Since I also record all the accesses to the email form I have their IP addresses and if they are persistent I exclude them from the server altogether.

Please don’t blame good old Googlebot for the harm created by Evilbots.

Thanks, so i add this to my robots.txt

User-agent: *
Disallow: send.php

send.php is in root. Should it be :

Disallow: /send.php or Disallow: send.php ?

Could you check if my send.php above is okay ?

fretburner · May 31, 2013, 11:22am

The code seems OK… although I’d put a check around the PHP code so that it only runs once the form has been submitted, not when you first load the page:


if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // your emailing code here
}

As far as validating the email goes, as a start you could use a simple regex pattern - here’s an example function which will return true for valid addresses:


function valid_email($email) {
    regex = "/^[\\S]+@[\\S]+\\.[\\S]+$/"
    return (bool) preg_match($regex, (string) $email);
}

This is just a basic check, it won’t screen out all invalid addresses, but it gets you about 90% of the way there.

fretburner · May 31, 2013, 11:23am

Disallow: /send.php

captainccs · May 31, 2013, 11:24am

Don’t “disallow” the send.php page but the one with the html form. If it is in the document root it would be:

User-agent: *
Disallow: /form.php