Get PHP form to deliver a subject instead of email as subject

Hi everyone,
Frankly, I don’t know PHP. This came with my template but it’s delivery the email as the subject of the mail. How do I make the subject something like “New message from contact form” or the subject variable if subject is in the HTML contact form.

<?php

$mailTo     = 'myemail@myemail.com';

/**

 * Set the message that will be shown on success

 */

$successMsg = 'Thank you, mail sent successfully!';



/**

 * Set the message that will be shown if not all fields are filled

 */

$fillMsg    = 'Please fill all fields!';



/**

 * Set the message that will be shown on error

 */

$errorMsg   = 'Hm.. seems there is a problem, sorry!';

?>

<?php

if(

    !isset($_POST['name']) ||

    !isset($_POST['email']) ||  

    empty($_POST['name']) ||

    empty($_POST['email']) 

) {
	if( empty($_POST['name']) && empty($_POST['email']) ) {

		$json_arr = array( "type" => "error", "msg" => $fillMsg );

		echo json_encode( $json_arr );		

	} else {
		$fields = "";

		if( !isset( $_POST['name'] ) || empty( $_POST['name'] ) ) {

			$fields .= "Name";

		}
		if( !isset( $_POST['email'] ) || empty( $_POST['email'] ) ) {

			if( $fields == "" ) {

				$fields .= "Email";

			} else {

				$fields .= ", Email";
			}
		}	

		$json_arr = array( "type" => "error", "msg" => "Please fill ".$fields." fields!" );

		echo json_encode( $json_arr );		

	}


} else {
	// Validate e-mail

	if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {

		$msg = "Name: ".$_POST['name']."\r\n";

		$msg .= "Email: ".$_POST['email']."\r\n";

		if( isset( $_POST['message'] ) && $_POST['message'] != '' ) { $msg .= "Message: ".$_POST['message']."\r\n"; }		

		$success = @mail($mailTo, $_POST['email'], $msg, 'From: ' . $_POST['name'] . '<' . $_POST['email'] . '>');

		if ($success) {

			$json_arr = array( "type" => "success", "msg" => $successMsg );

			echo json_encode( $json_arr );

		} else {

			$json_arr = array( "type" => "error", "msg" => $errorMsg );

			echo json_encode( $json_arr );

		}		

	} else {

 		$json_arr = array( "type" => "error", "msg" => "Please enter valid email address!" );

		echo json_encode( $json_arr );	
	}
}

Welcome to the forums

This is the statement that is sending the email

@mail($mailTo, $_POST[‘email’], $msg, 'From: ’ . $_POST[‘name’] . ‘<’ . $_POST[‘email’] . ‘>’);

The order of the parameters is

mail(to, subject, message, headers)

so it’s just a question of changing the 2nd parameter.

Sorry to Grinch, but isn’t that script vulnerable to header injection?

1 Like

It most defiantly is.

@jiteomare As Mittineague mention, the code can be hijacked to mass send spam from your server (among other things). I would strongly recommend looking into securing up the code before using it.

Thanks @TheRedDevil and @Mittineague, I’ll look into it.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.