Error with simple contact form

Elementax · August 19, 2011, 5:02pm

Hello,

Recently, I’ve been trying to get a contact form setup on the website (I found and have been using code I found online since I’m not great with php :()

Anyway, It’s a simple enough form that basically has a dropdown to choose subject, inputs to wite email, name and the message itself. I’ve tested it and it doesn’t send to my emails (I’ve tried more than one).

Anyway, here is the code, maybe it’s a rookie mistake I am just missing?

Html


<form action="contact.php" method="post">
Subject*: <br />
<select id="contactsubject" name="cf_subject">
<option>Site Suggestion</option>
<option>Site Bug or Issue</option>
<option>Other</option>
</select><br />
Your Name*:<br />
<input type="text" name="cf_name" id="namebar" /> <br />
Your E-Mail*:<br />
<input type="text" name="cf_email" id="mailbar" /> <br />
Message (Please be descriptive):<br />
<textarea name="cf_detail" rows="5" cols="70" id="textspace"></textarea><br />
<input type="submit" value="Send" />
<input type="reset" value="Clear" id="clearinput" />
</form>

And the contact.php file


<?php
$field_name = $_POST['cf_name'];
$field_email = $_POST['cf_email'];
$field_message = $_POST['cf_detail'];

$mail_to = 'syntax1231@hotmail.com';
$subject = 'cf_subject'.$field_name;

$body_message = 'From: '.$field_name."\
";
$body_message .= 'E-mail: '.$field_email."\
";
$body_message .= 'Message: '.$field_message;

$headers = 'From: '.$cf_email."\\r\
";
$headers .= 'Reply-To: '.$cf_email."\\r\
";

$mail_status = mail($mail_to, $subject, $body_message, $headers);

if ($mail_status) { ?>
	<script language="javascript" type="text/javascript">
		alert('Thank you for the message. Please give us some time to review the message and you will be contacted shortly.');
		window.location = 'index.html';
	</script>
<?php
}
else { ?>
	<script language="javascript" type="text/javascript">
		alert('Message failed. Please post issue on the forums for correction!);
		window.location = 'index.html';
	</script>
<?php
}
?>

Please let me know if it is simply a small mistake, or anything you can think of because I’ve tried multiple stuff and it simply doesn’t work.

Elementax

tamilsuresh · August 19, 2011, 5:08pm

Can you please comment below line in contact.php and check it out.

$body_message = 'From: '.$field_name."
";

Elementax · August 19, 2011, 6:19pm

Not really sure what you’re asking / saying

Elementax

rguy84 · August 19, 2011, 6:39pm

Element you are setting the mail function to a variable but do not do anything with it. Try


if ($mail_status) { ?>
	<script language="javascript" type="text/javascript">
		alert('Thank you for the message. Please give us some time to review the message and you will be contacted shortly.');
		window.location = 'index.html';
	</script>
<?php
[B]  echo $mail_status;[/B]
}
else { ?>

Hammer65 · August 19, 2011, 7:06pm

Look up mail injection as well because this code is vulnerable to it.

Elementax · August 19, 2011, 7:23pm

Ah thanks for the heads up, that was one of my worries, as well as spam. Do you happen to know of any resources online that provide a contact form (preferably free) that stops spam and mail injection? I’ll continue to look for one, however.

Element

P.S I believe I could just use recaptcha or something similar to prevent spam, is this correct?

rguy84 · August 19, 2011, 7:43pm

The best way and most accessible way to stop spam is two fold, ask a logic question and/or provide hidden fields.

A good sample of a question is How does snow feel?

As for the hidden fields, only spam bots see these, so before you process the values, see if the hidden field is empty or not.

Elementax · August 19, 2011, 7:48pm

Thanks for the response, but I’m not so sure how I would go about coding that, as I am fairly new to PHP, any tips? In addition, would reCAPTCHA work instead of a logic question?

Thanks again

Element

rguy84 · August 19, 2011, 7:56pm

Know how you do regular input fields?


<label for="logic"><strong>Logic Question:</strong> How does snow feel?</label> <input id="logic" name="logic">


<?php
 $logic = strtolower($_POST['logic']);
if($logic === "cold"){
// process the form
}else{
 echo "try again"; //then link to the form
}?>

Elementax · August 19, 2011, 8:18pm

rguy84:

Know how you do regular input fields?


<label for="logic"><strong>Logic Question:</strong> How does snow feel?</label> <input id="logic" name="logic">


<?php
 $logic = strtolower($_POST['logic']);
if($logic === "cold"){
// process the form
}else{
 echo "try again"; //then link to the form
}?>

Ah thanks a ton, so provided I use a logic question, it should reduce / eliminate the possibility of mail injection seeing as most of them are bots? Correct?

Element

rguy84 · August 19, 2011, 8:29pm

It should reduce spam. Not neccessiarly for injections. There has been tons of threads about injection here - do a search

Topic		Replies	Views
Website Contact Form not working, clueless about any error PHP	4	478	June 19, 2010
Simple php for contact form, a couple of simple q's PHP	5	750	March 13, 2011
Contact Form Not Working PHP	5	618	August 24, 2011
Trouble contact email form for a website PHP	16	1874	September 27, 2017
PHP to send message from a form PHP	13	1867	May 14, 2016

Error with simple contact form

Related topics