PDA

View Full Version : Formmail


blimp
08-26-2009, 12:34 AM
I've attached the below PHP code to my email form but for some reason when I receive emails it doesn't show a subject.

Any reason why?

<?php

$emailSubject = 'EMAIL_FORM_SUBJECT';
$webMaster = 'my_email_address.com';

$nameField = $_POST['name'];
$emailField = $_POST['email'];
$phoneField = $_POST['phone'];
$howField = $_POST['how'];
$dateField = $_POST['date'];
$serviceField = $_POST['service'];
$methodField = $_POST['method'];
$messageField = $_POST['message'];

$body = <<<EOD
<br><hr><br>
Name: $nameField <br><br>
Email: $emailField <br><br>
Phone: $phoneField <br><br>
How did you hear about us: $howField <br><br>
Wedding Date: $dateField <br><br>
Service Type: $serviceField <br><br>
Preferred Contact Method: $methodField <br><br>
Message: $messageField <br><br>
EOD;

$headers = "From: $emailField\r\n";
$headers .= "Content-type: text/html\r\n";
$success = mail($webMaster, $emailsubject, $body, $headers);

$theResults = <<<EOD


<!--ADD THANK YOU PAGE HERE -->


EOD;
echo "$theResults";

?>


Below is the layout I receive from the above code:


From:
Date:
To:

_______________________________________

Name:
Email:
Phone:
How did you hear about us:
Wedding Date:
Service Type:
Preferred Contact Method:
Message:

edbr
08-27-2009, 01:34 AM
try $emailSubject = "EMAIL_FORM_SUBJECT";

blimp
08-28-2009, 02:23 AM
Thanks edbr....

I've been told the PHP code I'm using is not secure and that I shouldn't be using it for commercial use.

I've been digging around the net and found this free open source formmail script from tectite.com

I'm not sure if you can help me on this one, but I'm experiencing an error message when I try testing it.

Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ')' in /home/myDomain/public_html/formtest/formmail.php on line 253

Any idea why?


The instructions on the formmail say:

1. Edit this file and set TARGET_EMAIL for your requirements (near
* line 246 in this file - replace "yourhost\.com" with your mail server's
* name). We also strongly recommend you set DEF_ALERT (the next
* configuration below TARGET_EMAIL).

2. Install this file as formmail.php (or other name ending in .php)
* on your web server.
* Test alerts by using your browser to open a URL to the script:
* http://www.yourhost.com/formmail.php?testalert=1
* Alerts are the only way FormMail can tell you the details of
* errors or faults.

3. Create an HTML form and:
* - specify a hidden field called "recipients" with the email address
* of the person to receive the form's results.
* - in the your form tag set the action attribute to
* the formmail.php you uploaded to your web server


Point 1:
What I've done is the following:

$TARGET_EMAIL = array(EMAIL_NAME."^myName@myDomainName\.com\.au$"" );

/* Help: http://www.tectite.com/fmdoc/def_alert.php */
define("DEF_ALERT","myName@myDomainName.com.au");

Point 2:
I uploaded the PHP file on my website server in a folder: /formtest/formmail.php

Point 3:
As suggested I added the hidden field in my form code:

<form method="post" action="http://myDomainName.com.au/formtest/formmail.php" name="SampleForm">
<input type="hidden" name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT,AUT H_TYPE,REMOTE_USER" />
<!-- STEP 2: Put your email address in the 'recipients' value. Note that you also have to allow this email address in the $TARGET_EMAIL setting within formmail.php! -->
<input type="hidden" name="recipients" value="myName@myDomainName.com.au" />
<!-- STEP 3: Specify required fields in the 'required' value -->
<input type="hidden" name="required" value="email: myName@myDomainName.com.au,realname:myName" />
<!-- STEP 4: Put your subject line in the 'subject' value. -->
<input type="hidden" name="subject" value="Sample FormMail Testing" />

edbr
08-28-2009, 02:52 AM
i seem to remember , though im not certain that there is s a frequent problem with tectite mail form , or at least difficulty in applying it.
there is a site that evaluates and reports insecure mial scrpts but i forget the URL. I believe franks mailform is regarded safe, though best to yahoogle. Actually i dont like the hidden fields showing your email address in this one as im sure that can be harvested and result in a lot of spam.