PDA

View Full Version : send a mail from your website


edbr
05-11-2015, 04:03 AM
here is a simple form that will send a mail to you from a page on your web site.
First a form using some html5 validation that will show errors when you submit.
I have made some fields required, email and url will be validated
the action is set to send.php where the mail sending script will reside.

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Contact</title>
<style>
#form{
position:relative;
width: 500px;
margin:0 auto;
}
label {
float:left;
clear:left;
}
input[type="text"], [type="url"], [type="email"]{
float:left;
color: #555 ;
width: 70%;
border: 1px solid #e5e5e5;
background: #fbfbfb;
height: 25px;
}
.textarea{
float:left;
height:100px;
width: 70%;
}

</style>
</head>
<body>
<div id="form">
<form action="send.php" method="post">
<fieldset>
<label for="name">Name:</label>
<input id="name" name="name" type="text" required
placeholder=" Your name" >
</fieldset>
<fieldset>
<label >Email:</label>
<input type="email" id="email" name="email" placeholder="me@mymail.com" required >
</fieldset>
<fieldset>

<label>Website:</label>
<input type="url" id="website" name="website" placeholder=" http://mysite.com" required >
</fieldset>
<fieldset>
<label>Message</label>
<textarea class="textarea" name="Message" id="Message" ></textarea>
</fieldset>
<fieldset>
<input type="submit" name="Submit" value="Submit"> <input name="reset" type="reset">
</fieldset>
</form>
</div>
</body>
</html>

now to send this php is required. the below script will firstly check that included in the $_POST array is $_POST[' Submit '] this has been named as the submit button in your form.
there is a var named $th_url that is the url redirect that the visitor will be directed to after a successful submission, with no errors.
send.php
<?php

if (isset($_POST['Submit']) && $_POST['name'] != "") {
$th_url= "thankyou.html"; // modify to page redirect after mail succsessfully sent

if ($_POST['name'] != "") {
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
if ($_POST['name'] == "") {
$errors .= 'Please enter a valid name.<br/><br/>';
}
} else {
$errors .= 'Please enter your name.<br/>';
}

if ($_POST['email'] != "") {
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors .= "$email is <strong>NOT</strong> a valid email address.<br/><br/>";
}
} else {
$errors .= 'Please enter your email address.<br/>';
}

/* Validating web address in form field ********************************************** */

if ($_POST['website'] != "") {
$website = filter_var($_POST['website'], FILTER_SANITIZE_URL);
if (!filter_var($website, FILTER_VALIDATE_URL)) {
$errors .= "$website is <strong>NOT</strong> a valid URL.<br/><br/>";
}
} else {
$errors .= 'Please enter your home page.<br/>';
}
/* end Validating web address in form field ********************************************** */


if ($_POST['Message'] != "") {
$_POST['Message'] = filter_var($_POST['Message'], FILTER_SANITIZE_STRING);
if ($_POST['Message'] == "") {
$errors .= 'Please enter a message to send.<br/>';
}
} else {
$errors .= 'Please enter a message to send.<br/>';
}

if (!$errors) {
$to = 'me@somewhere.com';
$subject = 'New Mail from ' . $_POST['email'];
$message = 'From: ' . $_POST['name'] . "\n";
$message .= 'Email from: ' . $_POST['email'] . "\n";
$message .= "Message:\n" . $_POST['Message'] . "\n\n";
mail($to, $subject, $message);


header("Location: $th_url");

} else {
echo '<div style="color: red">' . $errors . '<br/></div>';
}
}
?>


as you can see the data is validated server side . this is the true validation as html5 or java script is only 'helper' validation not secure validation.

i intend to extend this with some more examples as anti spam , time permitting

d a v e
05-11-2015, 07:11 AM
Ed - just trying this out but feel i'm missing something really obvious...
tried it locally in mamp and it allegedly sent, got to the thank you page but it simply doesn't arrive at my email. uploaded it to http://gekkoweb.com/hl2015/form.html and still no joy.

i removed the web site field from the form and the send.php
i used my email address and plugged it in here:

if (!$errors) {
$mail_to = 'gekkoweb@gmail.com';
$subject = 'New Mail from ' . $_POST['email'];
$message = 'From: ' . $_POST['name'] . "\n";
$message .= 'Email from: ' . $_POST['email'] . "\n";
$message .= "Message:\n" . $_POST['Message'] . "\n\n";
mail($to, $subject, $message);


I suspect that this is where i'm going wrong
"the action is set to send.php where the mail sending script will reside" - so my cgi bin or ???

this is really useful because for a while now i've been looking for a simple form like this but there's so much crud on the net finding something decent and made in the last 10 years :) also i was a bit embarassed to ask before... ;)

edbr
05-11-2015, 07:28 AM
id better test it, ime prone to rushinhg :) usingh a local setup you need a real stmp server . i use a tool called test sender from http://www.toolheap.com/test-mail-server-tool/. it saves the email a s a file . not sure of a apple or linux version though.
As for path the setup is for the form p[age and mailsending form to be in the same directory, another opyion is toset the action to itself action=" " and paste the php code at the page starht before the html

edbr
05-11-2015, 07:36 AM
yup its me

$mail_to = 'me@somewhere.com';
should read
$to = 'me@somewhere.com';

edbr
05-11-2015, 07:43 AM
I just edited it and tested live and all is ok. Sorry about that :).and Dave feel free to emaiol me if you are embarassed though there is no need to be :)

d a v e
05-11-2015, 07:58 AM
yep all works now, thanks.

embarassed because i've been doing this a long time and i should know how to do it by now, though i've never learnt php...

one more quick qestion for my benefit and anyone else using this thread: where you have

// modify to page redirect after mail succsessfully sent

after taking the user to the thankyou page, could you detail the redirect bit for us? or is it a better to just provide the user with a normal link back to the homepage?

look froward to the antispam ;)

edbr
05-11-2015, 08:02 AM
i would say that depends. f'rinstance, on a job site i redirect back to the new jobs on others a thank you page with various link options, or sometimes the index page

edbr
05-11-2015, 08:05 AM
i will post a version with html and an anti spam 'honey trap' tomorrow

edbr
05-11-2015, 08:35 AM
ok this adds a couple of things to include a honey-pot or honey trap.
in essence, it is a form that should not get filled in. if your site is being spammed by a bot it will with luck fill in the field. the receiving php script will not allow the mail then to be sent. it is pretty effective , although not foolproof but then i have not found any way that is 100% effective, even captchas which can be used as well as a honey trap.

ok the form adds a field, in this case i have called it myrealname .
I have also added a css class that will not allow the input to be shown. This can be removed or commented out while testing if you want
.robotic { display: none; }

so the code


<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Contact</title>
<style>
#form{
position:relative;
width: 500px;
margin:0 auto;
}
label {
float:left;
clear:left;
}
input[type="text"], [type="url"], [type="email"]{
float:left;
color: #555 ;
width: 70%;
border: 1px solid #e5e5e5;
background: #fbfbfb;
height: 25px;
}
.textarea{
float:left;
height:100px;
width: 70%;
}
.robotic { display: none; }
</style>
</head>
<body>
<div id="form">
<form action="" method="post">
<fieldset>
<label for="name">Name:</label>
<input id="name" name="name" type="text" required
placeholder=" Your name" >
</fieldset>
<fieldset>
<label >Email:</label>
<input type="email" id="email" name="email" placeholder="me@mymail.com" required >
</fieldset>
<fieldset>

<label>Website:</label>
<input type="url" id="website" name="website" placeholder=" http://mysite.com" required >
</fieldset>
<fieldset>
<label>Message</label>
<textarea class="textarea" name="Message" id="Message" ></textarea>
</fieldset>
<fieldset>
<input class="robotic" type="text" name="myrealname" id="myrealname">
<input type="submit" name="Submit" value="Submit"> <input name="reset" type="reset">
</fieldset>

</form>
</div>
</body>
</html>

now the php will be modified to include the part that exits the script after telling the spammer to naff off!

<?php
$machine = $_POST['myrealname'];
if ($machine != "")
{ echo 'naff off spammer';
exit(); //if a spambot filled out the "machine"
//field, we don't proceed
}
else{


if (isset($_POST['Submit']) && $_POST['name'] != "") {

$th_url= "thankyou.html"; // modify to page redirect after mail succsessfully sent

if ($_POST['name'] != "") {
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
if ($_POST['name'] == "") {
$errors .= 'Please enter a valid name.<br/><br/>';
}
} else {
$errors .= 'Please enter your name.<br/>';
}

if ($_POST['email'] != "") {
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors .= "$email is <strong>NOT</strong> a valid email address.<br/><br/>";
}
} else {
$errors .= 'Please enter your email address.<br/>';
}

/* Validating web address in form field ********************************************** */

if ($_POST['website'] != "") {
$website = filter_var($_POST['website'], FILTER_SANITIZE_URL);
if (!filter_var($website, FILTER_VALIDATE_URL)) {
$errors .= "$website is <strong>NOT</strong> a valid URL.<br/><br/>";
}
} else {
$errors .= 'Please enter your home page.<br/>';
}
/* end Validating web address in form field ********************************************** */


if ($_POST['Message'] != "") {
$_POST['Message'] = filter_var($_POST['Message'], FILTER_SANITIZE_STRING);
if ($_POST['Message'] == "") {
$errors .= 'Please enter a message to send.<br/>';
}
} else {
$errors .= 'Please enter a message to send.<br/>';
}

if (!$errors) {
$to = 'me@gmail.com';
$subject = 'New Mail from ' . $_POST['email'];
$message = 'From: ' . $_POST['name'] . "\n";
$message .= 'Email from: ' . $_POST['email'] . "\n";
$message .= "Message:\n" . $_POST['Message'] . "\n\n";
mail($to, $subject, $message);


header("Location: $th_url");

} else {
echo '<div style="color: red">' . $errors . '<br/></div>';
}
}
}
?>

d a v e
05-11-2015, 09:54 AM
that's great ed, thanks loads. will have a look at that later today ;)

d a v e
05-12-2015, 12:44 PM
hmm - put in the new html and php and used my email address http://gekkoweb.com/hl2015/form.html but now when i fill it in and press submit it simply refreshes the form or empties it. no email arrives, it isn't redirected to the thank you page. no error message

edbr
05-12-2015, 02:03 PM
Thats odd.ill check in the morning when i get in the office. I did test it live this time so im not sure at the moment

d a v e
05-12-2015, 02:11 PM
probably me then ;) i'll try it again when i get time and let you know ;)

d a v e
05-12-2015, 02:15 PM
tried again - copy and pasted you code and only modifed the email (to mine) same thing. form just resets

edbr
05-13-2015, 01:15 AM
sorry Dave the error is at the form i suspect, when i tested this i used as a one page, ie the php block above the html code. i then just split it and posted separately.
I retested it today and it is working. BTW to debug change in the form
<input class="robotic" type="text" name="myrealname" id="myrealname">

to <input class="robotic" type="text" name="myrealname" id="myrealname" value="anything">


that should kill the script as if a spambot filled the form

d a v e
05-13-2015, 04:32 AM
not sure i understand - changed that line and it still doesn't work - did you mean something else?

edbr
05-13-2015, 04:47 AM
ok im rambling again. on your form you have send.php as the action so are you changing the php in send.php?
in any case here it is again but as one page, so it calls itself once submitted. this definitely works this time it sends an html mail. give it a whirl

<?php
$machine = $_POST['myrealname'];
if ($machine != "")
{ echo 'naff off spammer';
exit(); //if a spambot filled out the "machine"
//field, we don't proceed
}
else{


if (isset($_POST['Submit']) && $_POST['name'] != "") {

$th_url= "thankyou.html"; // modify to page redirect after mail succsessfully sent

if ($_POST['name'] != "") {
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
if ($_POST['name'] == "") {
$errors .= 'Please enter a valid name.<br/><br/>';
}
} else {
$errors .= 'Please enter your name.<br/>';
}

if ($_POST['email'] != "") {
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors .= "$email is <strong>NOT</strong> a valid email address.<br/><br/>";
}
} else {
$errors .= 'Please enter your email address.<br/>';
}

/* Validating web address in form field ********************************************** */

if ($_POST['website'] != "") {
$website = filter_var($_POST['website'], FILTER_SANITIZE_URL);
if (!filter_var($website, FILTER_VALIDATE_URL)) {
$errors .= "$website is <strong>NOT</strong> a valid URL.<br/><br/>";
}
} else {
$errors .= 'Please enter your home page.<br/>';
}
/* end Validating web address in form field ********************************************** */


if ($_POST['Message'] != "") {
$_POST['Message'] = filter_var($_POST['Message'], FILTER_SANITIZE_STRING);
if ($_POST['Message'] == "") {
$errors .= 'Please enter a message to send.<br/>';
}
} else {
$errors .= 'Please enter a message to send.<br/>';
}

if (!$errors) {
$to = 'myemail@gmail.com';
$subject = 'New Mail from ' . $_POST['email'];

$headers = "From: " . strip_tags($to) . "\r\n";
$headers .= "Reply-To: ". strip_tags($to) . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$message = '<html><body>';

$message .= '<table width="100%"; style="border:1px solid #3A5896;" cellpadding="10">';
$message .='<tr><td>'. 'From: ' . $_POST['name']. '</td></tr>';
$message .= '<tr><td >'.'Email from: ' . $_POST['email'] . ' </td></tr>';
$message .= '<tr><td >'."Message:\n" . $_POST['Message'] . ' </td></tr>';
$message .= "</table>";

$message .= "</body></html>";

mail($to, $subject, $message, $headers );


header("Location: $th_url");

} else {
echo '<div style="color: red">' . $errors . '<br/></div>';
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Contact</title>
<style>
#form{
position:relative;
width: 500px;
margin:0 auto;
}
label {
float:left;
clear:left;
}
input[type="text"], [type="url"], [type="email"]{
float:left;
color: #555 ;
width: 70%;
border: 1px solid #e5e5e5;
background: #fbfbfb;
height: 25px;
}
.textarea{
float:left;
height:100px;
width: 70%;
}
.robotic { display: none; }
</style>
</head>
<body>
<div id="form">
<form action="" method="post">
<fieldset>
<label for="name">Name:</label>
<input id="name" name="name" type="text" required
placeholder=" Your name" >
</fieldset>
<fieldset>
<label >Email:</label>
<input type="email" id="email" name="email" placeholder="me@mymail.com" required >
</fieldset>
<fieldset>

<label>Website:</label>
<input type="url" id="website" name="website" placeholder=" http://mysite.com" required >
</fieldset>
<fieldset>
<label>Message</label>
<textarea class="textarea" name="Message" id="Message" ></textarea>
</fieldset>
<fieldset>
<input class="robotic" type="text" name="myrealname" id="myrealname" >
<input type="submit" name="Submit" value="Submit"> <input name="reset" type="reset">
</fieldset>

</form>
</div>
</body>
</html>

edbr
05-13-2015, 04:51 AM
acctually i just tested your fornm and it retured the error please enter home page which is not on the form.

the validaytion for that is

/* Validating web address in form field ********************************************** */

if ($_POST['website'] != "") {
$website = filter_var($_POST['website'], FILTER_SANITIZE_URL);
if (!filter_var($website, FILTER_VALIDATE_URL)) {
$errors .= "$website is <strong>NOT</strong> a valid URL.<br/><br/>";
}
} else {
$errors .= 'Please enter your home page.<br/>';
}

its not my favorite as it must include http:// and i think that can be a problem. you can remove or comment that out if you choose

edbr
05-13-2015, 04:57 AM
ok i put it online and sent using your email address , have a look in your inbox. ill delete it soon :)

d a v e
05-13-2015, 06:10 AM
nothing in my inbox or spam folder :( for gekkoweb@gmail.com

edbr
05-13-2015, 06:38 AM
hm ill send again with cc to me hold the phone :)

edbr
05-13-2015, 06:44 AM
ok sent now and i got it (albeit in spam) in a gmail address chk our inbox again

d a v e
05-13-2015, 07:41 AM
nope still nothing. sent you an email from my gmail to test that our emails are working at least ;)

edbr
05-13-2015, 07:44 AM
ok you send me the code by email that you have and ill check it/ i have tested and retested and i get the mail everytime, im starting to suspect gmail so ill but im using it also

Ali raja
10-16-2015, 07:06 AM
got lots of knowledge through this thread. looking forward to learn more.

Duncan3
01-14-2016, 08:01 AM
Great thread, helped me a lot.:smile: Thank you.

BPhoenixCreate
12-13-2016, 03:52 AM
Yeah, I have a tendency to use a php mailer. Not sure why I prefer that...that is just the first method I learned.

edbr
12-15-2016, 01:34 AM
question of preference. also swift mailer and Pear are common preferences