Problem with a contact me php form. Anyone look please?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


I know next to nothing about PHP, and to be honest I don't need to
learn it.  I just need a simple form to work.  Can anyone look at it
for me?

I have downloaded a freebie php script for a spam free email contact
form.  This is where it came from...

I have butchered it slightly, but not the basic code, just the excess
table stuff. The problem is that a valid email address I entered as a
test returns as invalid. Can anyone tell me if the script is any good
and worth persevering with or is there better somewhere? I don't mind
the inbox filling up with tests if you should so fancy! :)

You will find my version at on the contact link.
Ah, just thought.  You won't see the code as it will be processed
first. I'll paste it at the end.

OK, here I go again, off to the land of nod. 14 past 11 at night.

Thanks all. G'night.

if (isset($_POST["op"]) && ($_POST["op"]=="send")) {

/* ******* START OF CONFIG SECTION ****** */

  $sendto  = "info [alpha tango] thermachek  (delta oscar tango) com";

// I messed up this address just for usenet.  It's not like this on my
// site.

  $subject = "Email from Thermachek website";

// Select if you want to check form for standard spam text

  $SpamCheck = "Y"; // Y or N

  $SpamReplaceText = "*content removed*";

// Error message printed if spam form attack found

$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious
code content detected.

</font><br><b>Your IP Number of <b>".getenv("REMOTE_ADDR")."</b> has
been logged.</b></p>";

/* ******* END OF CONFIG SECTION ****** */
  $name = $HTTP_POST_VARS['name'];
  $email = $HTTP_POST_VARS['email'];
  $message = $HTTP_POST_VARS['message'];
  $headers = "From: $email\n";
  $headers . "MIME-Version: 1.0\n"
           . "Content-Transfer-Encoding: 7bit\n"
           . "Content-type: text/html;  charset =
if ($SpamCheck == "Y") {          
// Check for Website URL's in the form input boxes as if we block
website URLs from the form,
// then this will stop the spammers wastignt ime sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage";
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage";
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage";

// Patterm match search to strip out the invalid charcaters, this
prevents the mail injection spammer
  $pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'||[|]|\)|\()/i'; //
build the pattern match string
  $name = preg_replace($pattern, "", $name);
  $email = preg_replace($pattern, "", $email);
  $message = preg_replace($pattern, "", $message);

// Check for the injected headers from the spammer attempt
// This will replace the injection attempt text with the string you
have set in the above config section
  $find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
  $email = preg_replace($find, "$SpamReplaceText", $email);
  $name = preg_replace($find, "$SpamReplaceText", $name);
  $message = preg_replace($find, "$SpamReplaceText", $message);
// Check to see if the fields contain any content we want to ban
 if(stristr($name, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
 if(stristr($message, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
 // Do a check on the send email and subject text
 if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
 if(stristr($subject, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
// Build the email body text
  $emailcontent = "
Email from Thermachek website
Name: $name
Email: $email
Message: $message

End of Email
// Check the email address enmtered matches the standard email address
 if (!eregi("^[A-Z0-9_%-]+@[A-Z0-9_%-]+\.a[A-Z]$", $email)) {
  echo "<p>It appears you entered an invalid email address</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";

 elseif (!trim($name)) {
  echo "<p>Please go back and enter a Name</p><p><a href='javascript:
history.go(-1)'>Click here to go back</a>.</p>";

 elseif (!trim($message)) {
  echo "<p>Please go back and type a Message</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";

 elseif (!trim($email)) {
  echo "<p>Please go back and enter an Email</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";

// Sends out the email or will output the error message
 elseif (mail($sendto, $subject, $emailcontent, $headers)) {
  echo "<br><br><p><b>Thank You $name</b></p><p>We will be in touch as
soon as possible.</p>";
else {

<form method="post"><INPUT NAME="op" TYPE="hidden" VALUE="send">
<div> <!-- Block container for the input elements -->
        <input name="name" type="text" size="30" maxlength="150">
        <input name="email" type="text" size="30" maxlength="150">

      <td valign="top"><p>Message:</p></td>
      <td><textarea name="message" cols="50"
    <tr><td></td> <td><input name="submit" type="submit" value="Send
<?php } ?>

Re: Problem with a contact me php form. Anyone look please?

Mike Barnard wrote:
Quoted text here. Click to load it

If you don't need to learn php, hire a consultant to fix it for you.

This is a group to help PHP programmers, not give you free consulting

Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.

Site Timeline