PDA

Click to See Complete Forum and Search --> : help needed with my php contact form?!

zakzan
07-26-2007, 06:17 AM
hello, I'm new to the forum and would really appreciate some help.. i am not an expert by any means in php but have a contact form on my site which delivers a message to a particular recipient. What i want to do is use the same script on a different page of my site which will send the message to a different email address? It's an advertising site in effect and I have the form on one page for some holiday studios/apartments and want to use it on another page for a different hotel... Hope that makes sense, thanks...
MatMel
07-26-2007, 06:20 AM
What code do you have so far?
zakzan
07-26-2007, 06:26 AM
this is the html form in my page, the divs are for css styling...

<div id="reqbx">
<form action="http://www.zakynthos-now.com/contact.php" method="post">
<div id="reqavail">
<h3>Contact us to request accommodation availability…</h3><p>Please complete all details of your enquiry and we will get back to you shortly.</p>
<input name="op" type="hidden" value="send" />
<table class="avail">
<tr><td>Name:</td><td><input name="name" type="text" size="28" maxlength="150" /></td>
<td>E-mail:</td><td><input name="email" type="text" size="28" maxlength="150" /></td></tr>
<tr><td>Message:</td><td colspan="2"><textarea name="message" rows="3" cols="30"></textarea></td>
<td><input name="submit" type="submit" value="Send Message" /></td></tr></table>
</div>
</form>

this is my php file...

<?php
if (isset($_POST["op"]) && ($_POST["op"]=="send")) {

/******** START OF CONFIG SECTION *******/
$sendto = "akropolis@zakynthos-now.com";
$subject = "Accommodation Availability Request from Zakynthos-Now";
// Select if you want to check form for standard spam text
$SpamCheck = "Y"; // Y or N
$SpamReplaceText = "*content removed*";
// Error message prited if spam form attack found
$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious code content detected.
</font><br />Your IP Number of".getenv("REMOTE_ADDR")." has been logged.</p>";
/******** END OF CONFIG SECTION *******/


$name = $HTTP_POST_VARS['name'];
$email = $HTTP_POST_VARS['email'];
$message = $HTTP_POST_VARS['message'];
$confirm = 'http://www.zakynthos-now.com/thanks.html';
$headers = "From: $email\n";
$headers . "MIME-Version: 1.0\n"
. "Content-Transfer-Encoding: 7bit\n"
. "Content-type: text/html; charset = \"iso-8859-1\";\n\n";
if ($SpamCheck == "Y") {
// Check for Website URL's in the form input boxes as if we block website URLs from the form,
// then this will stop the spammers wasting time sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage"; exit();}
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();}
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage"; exit();}

// Patterm match search to strip out the invalid charcaters, this prevents the mail injection spammer
$pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; // build the pattern match string

$name = preg_replace($pattern, "", $name);
$email = preg_replace($pattern, "", $email);
$message = preg_replace($pattern, "", $message);

// Check for the injected headers from the spammer attempt
// This will replace the injection attempt text with the string you have set in the above config section
$find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$email = preg_replace($find, "$SpamReplaceText", $email);
$name = preg_replace($find, "$SpamReplaceText", $name);
$message = preg_replace($find, "$SpamReplaceText", $message);

// Check to see if the fields contain any content we want to ban
if(stristr($name, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
if(stristr($message, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}

// Do a check on the send email and subject text
if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
if(stristr($subject, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
}
// Build the email body text
$emailcontent = "
-----------------------------------------------------------------------------
ACCOMMODATION AVAILABILITY ENQUIRY
-----------------------------------------------------------------------------

Name: $name
Email: $email
Message: $message

_______________________________________
End of Email
";
// Check the email address enmtered matches the standard email address format
if (!eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$", $email)) {
echo "<p>It appears you entered an invalid email address</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($name)) {
echo "<p>Please go back and enter a Name</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}


elseif (!trim($message)) {
echo "<p>Please go back and type a Message</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($email)) {
echo "<p>Please go back and enter an Email</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

// Sends out the email or will output the error message
elseif (mail($sendto, $subject, $emailcontent, $headers)) {
header('Location:'.$confirm);
}
}
?>
zakzan
07-26-2007, 06:28 AM
this is my php file...


<?php
if (isset($_POST["op"]) && ($_POST["op"]=="send")) {

/******** START OF CONFIG SECTION *******/
$sendto = "akropolis@zakynthos-now.com";
$subject = "Accommodation Availability Request from Zakynthos-Now";
// Select if you want to check form for standard spam text
$SpamCheck = "Y"; // Y or N
$SpamReplaceText = "*content removed*";
// Error message prited if spam form attack found
$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious code content detected.
</font><br />Your IP Number of".getenv("REMOTE_ADDR")." has been logged.</p>";
/******** END OF CONFIG SECTION *******/


$name = $HTTP_POST_VARS['name'];
$email = $HTTP_POST_VARS['email'];
$message = $HTTP_POST_VARS['message'];
$confirm = 'http://www.zakynthos-now.com/thanks.html';
$headers = "From: $email\n";
$headers . "MIME-Version: 1.0\n"
. "Content-Transfer-Encoding: 7bit\n"
. "Content-type: text/html; charset = \"iso-8859-1\";\n\n";
if ($SpamCheck == "Y") {
// Check for Website URL's in the form input boxes as if we block website URLs from the form,
// then this will stop the spammers wasting time sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage"; exit();}
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();}
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage"; exit();}

// Patterm match search to strip out the invalid charcaters, this prevents the mail injection spammer
$pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; // build the pattern match string

$name = preg_replace($pattern, "", $name);
$email = preg_replace($pattern, "", $email);
$message = preg_replace($pattern, "", $message);

// Check for the injected headers from the spammer attempt
// This will replace the injection attempt text with the string you have set in the above config section
$find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$email = preg_replace($find, "$SpamReplaceText", $email);
$name = preg_replace($find, "$SpamReplaceText", $name);
$message = preg_replace($find, "$SpamReplaceText", $message);

// Check to see if the fields contain any content we want to ban
if(stristr($name, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
if(stristr($message, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}

// Do a check on the send email and subject text
if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
if(stristr($subject, $SpamReplaceText) !== FALSE) {echo "$SpamErrorMessage"; exit();}
}
// Build the email body text
$emailcontent = "
-----------------------------------------------------------------------------
ACCOMMODATION AVAILABILITY ENQUIRY
-----------------------------------------------------------------------------

Name: $name
Email: $email
Message: $message

_______________________________________
End of Email
";
// Check the email address enmtered matches the standard email address format
if (!eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$", $email)) {
echo "<p>It appears you entered an invalid email address</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($name)) {
echo "<p>Please go back and enter a Name</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}


elseif (!trim($message)) {
echo "<p>Please go back and type a Message</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($email)) {
echo "<p>Please go back and enter an Email</p><p><a href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

// Sends out the email or will output the error message
elseif (mail($sendto, $subject, $emailcontent, $headers)) {
header('Location:'.$confirm);
}
}
?>