TheDemoSite.co.uk  sample code: ASP and MySQL - PHP and MySQL - phpFormMailer - ASP Contact form   PHP code examples with database connectivity

PHP code examples with database connectivity
 phpFormMailer


PHP mail form - secure and easy to implement - phpFormMailer source code

PHP code examples with database connectivity

phpFormMailer v2.7 - last updated 25th Nov 2014
Source code
- its free to use, modify/enhance in anyway you like, all we ask is you leave the reference to thedemosite.co.uk - Thanks!
Just two files to create from the HTML and PHP code below (your host will need to support PHP! Try here for PHP hosting or if you need to host several domain names then try Reseller hosting business both of which fully support PHP mail and provide webmail).

Copy the HTML below and save as: or download the free zip
contact.html

<html>
<head>
<!-- phpFormMailer v2.7 - last updated 25th Nov 2014 -->
<title>PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form
mailers)</title>
<style>
BODY{color:#000000; font-size: 8pt; font-family: Verdana}
.button {background-color: rgb(128,128,128); color:#ffffff; font-size: 8pt;}
.inputc {font-size: 8pt;}
.style3 {font-size: xx-small}
</style>
</head>
<body>
<form name="phpformmailer" action="contact_process.php" align="center" method="post">
  <div align="center"><center><table bgcolor="#F2F2F2" width="742" cellspacing="6">
    <tr>
      <td width="162"><strong>Contact Us</strong></td>
      <td width="556"><span class="style3">Protected by: <a
      href="/phpformmailer/" title="phpFormMailer - easy to use and setup PHP form mailer">phpFormMailer</a> the freely available PHP form mailer</span></td>
    </tr>
    <tr>
      <td align="right" width="162"><small>Your name:</small></td>
      <td width="556"><font face="Arial">
      <input class="inputc" size="50" name="name">
      <input type="hidden" name="block_spam_bots" value="1">
      </font></td>
    </tr>
    <tr>
      <td align="right" width="162"><font color="#000080" size="1">*</font><small> Your email
      address:</small></td>
      <td align="left" width="556"><font face="Arial"><input class="inputc" size="50"
      name="email">
      </font></td>
    </tr>
    <tr align="middle">
      <td align="right" width="162"><font color="#000080" size="1">*</font><small> Confirm email
      address:</small></td>
      <td width="556" align="left"><font face="Arial"><input class="inputc" size="50"
      name="email2">
      </font></td>
    </tr>
    <tr>
      <td align="right" width="162"><font color="#000080" size="1">*</font><small> Subject:</small></td>
      <td width="556"><font face="Arial"><input class="inputc" size="60" name="thesubject">
      </font></td>
    </tr>
    <tr>
      <td align="right" width="162">&nbsp;
        <p><font color="#000080" size="1">*</font><small> Your
      request or query:</small></td>
      <td width="556"><textarea style="FONT-SIZE: 10pt" name="themessage" rows="7" cols="60"></textarea>
        <a href="/phpformmailer/"  title="phpFormMailer - easy to use and setup PHP form mailer"> </a></td>
    </tr>
    <tr>
      <td width="162"></td>
      <td width="556"><p>
        <input type="button" class="button"
      value="Send" name="B1" ONCLICK="javascript:validateForm()">
          <small> <small>You must fill in
        the fields marked with a *</p>
        </td>
    </tr>
  </table>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p><span class="style3">Protected by: <a
      href="/phpformmailer/" title="phpFormMailer - easy to use and setup PHP form mailer">phpFormMailer</a> the freely available PHP form mailer</span></p>
  </center></div>
</form>

<script language="JavaScript"><!--
function validateForm() 
{
 var okSoFar=true
 with (document.phpformmailer)
 {
  var foundAt = email.value.indexOf("@",0)
  if (foundAt < 1 && okSoFar)
  {
    okSoFar = false
    alert ("Please enter a valid email address.")
    email.focus()
  }
  var e1 = email.value
  var e2 = email2.value
  if (!(e1==e2) && okSoFar)
  {
    okSoFar = false
    alert ("Email addresses you entered do not match.  Please re-enter.")
    email.focus()
  }
  if (thesubject.value=="" && okSoFar)
  {
    okSoFar=false
    alert("Please enter the subject.")
    thesubject.focus()
  }
  if (themessage.value=="" && okSoFar)
  {
    okSoFar=false
    alert("Please enter the details for your enquiry.")
    themessage.focus()
  }
  if (okSoFar==true)  
  {
   block_spam_bots.value=4*3;//spam bots currently can not read JavaScript, if could then they'd fail the maths!
   submit();                  // do check for updatea often at:  TheDemoSite.co.uk 
  } 
 }
}
// --></script>
</body>
</html>


Also copy the PHP below and save as:
contact_process.php
Ensure you change, as required, the variables: $valid_ref1, $valid_ref2 and $replyemail


<?php
/* PHP Form Mailer - easy, secure form mail:
  phpFormMailer v2.7

 last updated 25th Nov 2014 - check back often for updates!
     (easy to use and more secure than many cgi form mailers) FREE from:

                  TheDemoSite.co.uk

      Should work fine on most Unix/Linux platforms
      for a Windows version see: asp.thedemosite.co.uk
*/

// ------- three variables you MUST change below  -------------------------------------------------------
$replyemail="[email protected]"//change to your email address
$valid_ref1="http://thedemosite.co.uk/contact.html"//chamge to your domain name
$valid_ref2="http://thedemosite.co.uk/contact.html"//chamge to your domain name

// -------- No changes required below here -------------------------------------------------------------
//
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email'])){
    echo 
"<script language=\"JavaScript\"><!--\n ";
    echo 
"top.location.href = \"$valid_ref1\"; \n// --></script>";
    exit;
}
//check provided email address is VALID.
if(filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)==FALSE ){
    echo 
"<script language=\"JavaScript\"><!--\n alert(\"ERROR - email address provided is invalid.\\n\\n\");\n";
    echo 
"top.location.href = \"$valid_ref1\"; \n// --></script>";
    exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if(
$ref_page==$valid_ref1$valid_referrer=1;
elseif(
$ref_page==$valid_ref2$valid_referrer=1;
if((!
$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//you can change this but remember to change it in the contact form too
{
 echo 
'<h2>ERROR - not sent.';
 if (
file_exists("debug.flag")) echo '<hr>"$valid_ref1" and "$valid_ref2" are incorrect within the file:<br>
                                      contact_process.php <br><br>On your system these should be set to: <blockquote>
                                                                          $valid_ref1="'
.str_replace("www.","",$ref_page).'"; <br>
                                                                          $valid_ref2="'
.$ref_page.'";
                                                                          </blockquote></h2>Copy and paste the two lines above
                                                                          into the file: contact_process.php <br> (replacing the existing variables and settings)'
;
 exit;
}

//check user input for possible header injection attempts!
function is_forbidden($str,$check_all_patterns true)
{
 
$patterns[0] = '/content-type:/';
 
$patterns[1] = '/mime-version/';
 
$patterns[2] = '/multipart/';
 
$patterns[3] = '/Content-Transfer-Encoding/';
 
$patterns[4] = '/to:/';
 
$patterns[5] = '/cc:/';
 
$patterns[6] = '/bcc:/';
 
$forbidden 0;
 for (
$i=0$i<count($patterns); $i++)
  {
   
$forbidden preg_match($patterns[$i], strtolower($str));
   if (
$forbidden) break;
  }
 
//check for line breaks if checking all patterns
 
if ($check_all_patterns AND !$forbidden$forbidden preg_match("/(%0a|%0d|\\n+|\\r+)/i"$str);
 if (
$forbidden)
 {
  echo 
"<font color=red><center><h3>STOP! Message not sent.</font></h3><br><b>
        The text you entered is forbidden, it includes one or more of the following:
        <br><textarea rows=9 cols=25>"
;
  foreach (
$patterns as $key => $value) echo trim($value,"/")."\n";
  echo 
"\\n\n\\r</textarea><br>Click back on your browser, remove the above characters and try again.
        </b><br><br><br><br>Thankfully protected by phpFormMailer freely available from:
        <a href=\"http://thedemosite.co.uk/phpformmailer/\">http://thedemosite.co.uk/phpformmailer/</a>"
;
  exit();
 }
}

foreach (
$_REQUEST as $key => $value//check all input
{
 if (
$key == "themessage"is_forbidden($valuefalse); //check input except for line breaks
 
else is_forbidden($value);//check all
}

$name $_POST["name"];
$email $_POST["email"];
$thesubject $_POST["thesubject"];
$themessage $_POST["themessage"];

$success_sent_msg='<p align="center"><strong>&nbsp;</strong></p>
                   <p align="center"><strong>Your message has been successfully sent to us<br>
                   </strong> and we will reply as soon as possible.</p>
                   <p align="center">A copy of your query has been sent to you.</p>
                   <p align="center">Thank you for contacting us.</p>'
;

$replymessage "Hi $name

Thank you for your email.

We will endeavour to reply to you shortly.

Please DO NOT reply to this email.

Below is a copy of the message you submitted:
--------------------------------------------------
Subject: 
$thesubject
Query:
$themessage
--------------------------------------------------

Thank you"
;

$themessage "name: $name \nQuery: $themessage";
mail("$replyemail",
     
"$thesubject",
     
"$themessage",
     
"From: $email\nReply-To: $email");
mail("$email",
     
"Receipt: $thesubject",
     
"$replymessage",
     
"From: $replyemail\nReply-To: $replyemail");
echo 
$success_sent_msg;
/*
  PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form mailers)
   FREE from:

    TheDemoSite.co.uk       */
?>

When you have created the two files (contact.html and contact.php) upload to your web site into the root folder (or into a sub folder of your choice, changing the $valid_ref1 and $valid_ref2 variables as appropriate).

Note that it is easier to download the free zip than faff about creating the above files.


TheDemoSite.co.uk is a MySQL database, PHP and phpFormMailer FREE code example site hosted at:
UK hosting and DNS management for AC.UK and GOV.UK domain names - Seiretto Ltd
Copyright© 1996-2015.  All rights reserved.