
How do I fix this php email submit form?


I am new to PHP, how would one change this code so that this php mail file checks that the form data is actually there?

My goal here is to prevent bots and malicious users from sending blank emails by simply accessing the php mail in the browser.

Regards,
George

<?php

$to_email = 'myemail@myemail.com';
$subject = 'Service Request';
$Body_Msg = "A new contact form submitted by ".$_REQUEST["F_Name"].
            " \r\n Name: ". $_REQUEST["F_Name"].
            "\r\nPhone No: ".$_REQUEST["your_phone"].
           " \r\nEmail: ".$_REQUEST["email_id"].
           "\r\nServices wanted: ".$_REQUEST["services"].
           "\r\nAddress: ".$_REQUEST["Address"].
           "\r\nMessage: ".$_REQUEST["Message"];
nl2br($Body_Msg); // return value is discarded, so this line has no effect
$headers = 'From: website@mywebsite.com';
mail($to_email,$subject,$Body_Msg,$headers);
echo "Thank you for contacting My Company. We will revert you shortly.";


?>

<script type="text/javascript">
    window.setTimeout(function(){

        // Move to a new location or you can do something else
        window.location.href = "contact.html";

    }, 500);
</script>

There are many many factors to apply when securing forms. Better to go ahead and follow a good guide (out of many out there). https://wp-mix.com/php-securing-email-scripts/

This will tighten your security. Also, it's always a good practice to add captcha to your html form.

Good luck

Here is some code that checks that a form attribute email is passed over HTTP POST, and if so assigns to a variable.

<?php
$email = null; // default, so is_null() below never reads an undefined variable
if($_SERVER['REQUEST_METHOD']=='POST') {
    if(isset($_POST['email'])) {
        $email = $_POST['email'];
    }
    if(is_null($email)) {
        die('No email field posted.');
    }
}

Note: an empty string passed will not terminate with the 'No email field posted.' message.

You can reduce the if - isset and assignment above to the equivalent:

 $email = $_POST['email'] ?? null;

You'll likely further need to validate and/or filter/sanitize your data, to prevent user input exploits (i.e. email header injection, which can lead to form/email spamming).
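A fuller version of the checks the answers describe, as an added example that is not part of the original posts: it rejects non-POST requests, treats empty strings as missing, validates the address and refuses line breaks in single-line fields. Field names and addresses are copied from the question; the helper name validate_contact_form() and the assumption that the form submits with method="post" belong to this example only.

```php
<?php
// Added example. validate_contact_form() is a hypothetical helper name;
// the form is assumed to submit with method="post".
function validate_contact_form(array $post): array
{
    $required = ['F_Name', 'your_phone', 'email_id', 'services', 'Address', 'Message'];
    $clean = $errors = [];
    foreach ($required as $name) {
        // Missing, non-string or whitespace-only values all count as absent.
        $value = $post[$name] ?? '';
        $clean[$name] = is_string($value) ? trim($value) : '';
        if ($clean[$name] === '') {
            $errors[] = "Missing field: $name";
        }
    }
    // Reject anything that is not a syntactically valid address.
    if ($clean['email_id'] !== '' && filter_var($clean['email_id'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Invalid email address';
    }
    // Single-line fields must not contain CR/LF, so they stay safe even if
    // one of them is later placed in a mail header such as Reply-To.
    foreach (['F_Name', 'your_phone', 'email_id'] as $name) {
        if (preg_match('/[\r\n]/', $clean[$name])) {
            $errors[] = "Line break not allowed in: $name";
        }
    }
    return [$clean, $errors];
}

// Opening the script URL directly in a browser is a GET request: stop here.
if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
    http_response_code(405);
    exit('This page only accepts form submissions.');
}
[$fields, $errors] = validate_contact_form($_POST);
if ($errors) {
    http_response_code(400);
    exit(implode("\n", $errors)); // messages contain only fixed field names
}
$body = "Name: {$fields['F_Name']}\r\nPhone No: {$fields['your_phone']}\r\n"
      . "Email: {$fields['email_id']}\r\nServices wanted: {$fields['services']}\r\n"
      . "Address: {$fields['Address']}\r\nMessage: {$fields['Message']}";
mail('myemail@myemail.com', 'Service Request', $body, 'From: website@mywebsite.com');
echo 'Thank you for contacting My Company.';
```

These checks stop blank and malformed submissions; they do not replace the captcha suggested above for filtering automated posts that fill in every field.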

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.

 