+- GetSimple Support Forum (http://get-simple.info/forums)
+-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3)
+--- Forum: Scripts & Components (http://get-simple.info/forums/forumdisplay.php?fid=11)
+--- Thread: Tip: Mailform component (/showthread.php?tid=7051)
Tip: Mailform component - tuxy - 2015-01-22
Hello,
I made a simple mailform incl. a simple Anti-Spam function in a component.
The form (html) is optimized for bootstrap, but you can customize for your own projects
- Add this code in a component (ex. <?php get_component('mailform'); ?>) :
PHP Code:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactForm" method="post">
<div class="form-group">
<label>Name</label>
<input type="text" class="form-control" name="name" placeholder="Name" id="name" required data-validation-required-message="Add your name.">
</div>
<div class="form-group">
<label>Email</label>
<input type="text" class="form-control" name="email" placeholder="Email" id="email" required data-validation-required-message="Add your email.">
</div>
<div class="form-group">
<label>Message</label>
<textarea rows="5" class="form-control" placeholder="Message" name="message" id="message" required data-validation-required-message="Add your message."></textarea>
</div>
<div class="form-group">
<label>The result from 2+2 (Anti Spam!)</label>
<input type="text" class="form-control" name="human" placeholder="?" id="human" required data-validation-required-message="Vul het resultaat in.">
</div>
<div class="form-group">
<button type="submit" class="btn btn-success btn-lg" name="submit">Send</button>
</div>
</form>
<?php
if (isset($_POST['submit']))
{
if (($_POST['human'] == '4'))
{
$name = htmlspecialchars($_POST['name']);
$email = $_POST['email'];
$message = htmlspecialchars($_POST['message']);
// Alles is ingevuld, de mail kan verstuurd worden
$to = 'yourmail@mail.com'; // Your email here
$subject = 'Mail from your site';
$content = "Email: ".$email."\n\nName:".$name."\n\nMessage: ".$message."\n\n";
$headers = "from: ".$email."\r\n";
mail($to, $subject, $content, $headers);
echo '<div class="alert alert-success" role="alert">The mail is send...</div>';
}
else
{
echo '<div class="alert alert-danger" role="alert">Error! Mail not send...</div>';
}
}
?>I hope this is useful for someone??
You can place this form(component) where you want in your template.
Sorry for my bad english
Regards,
Christophe
RE: Tip: Mailform component - shawn_a - 2015-01-22
vulnerable to email header injection.
http://en.wikipedia.org/wiki/Email_injection
( also i changed to php code tags for highlighting )
RE: Tip: Mailform component - tuxy - 2015-01-22
(2015-01-22, 07:21:48)shawn_a Wrote: vulnerable to header injection.
( also i changed to php code tags for highlighting )
Hi @shawn_a,
Thats better with the tag highlighting.
I don't know how can make the script more security.
I'm not a programmer, only a hobbyist.
Feel free to modify the script for a better security, so i also learn
Regards,
Christophe
RE: Tip: Mailform component - shawn_a - 2015-01-22
sanitation is hard even for the experts.
RE: Tip: Mailform component - tuxy - 2015-01-22
(2015-01-22, 07:58:29)shawn_a Wrote: sanitation is hard even for the experts.
Ah OK
RE: Tip: Mailform component - shawn_a - 2015-01-22
There is some basic str replacers out there but they might strip content as well so its a hard balance.