Tip: Mailform component
#1
Hello,

I made a simple mailform incl. a simple Anti-Spam function in a component.
The form (HTML) is optimized for Bootstrap, but you can customize it for your own projects.

- Add this code in a component (ex. <?php get_component('mailform'); ?>) :
PHP Code:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactForm" method="post">
  <div class="form-group">
    <label>Name</label>
    <input type="text" class="form-control" name="name" placeholder="Name" id="name" required data-validation-required-message="Add your name.">
  </div>

  <div class="form-group">
    <label>Email</label>
    <input type="text" class="form-control" name="email" placeholder="Email" id="email" required data-validation-required-message="Add your email.">
  </div>

  <div class="form-group">
    <label>Message</label>
    <textarea rows="5" class="form-control" placeholder="Message" name="message" id="message" required data-validation-required-message="Add your message."></textarea>
  </div>

  <div class="form-group">
    <label>The result from 2+(Anti Spam!)</label>
    <input type="text" class="form-control" name="human" placeholder="?" id="human" required data-validation-required-message="Vul het resultaat in.">
  </div>

  <div class="form-group">
    <button type="submit" class="btn btn-success btn-lg" name="submit">Send</button>
  </div>
</form>

<?php

if (isset($_POST['submit']))
{
    // Anti-spam check: the expected answer is 4
    if (($_POST['human'] == '4'))
    {
        $name = htmlspecialchars($_POST['name']);
        $email = $_POST['email'];
        $message = htmlspecialchars($_POST['message']);

        // Everything is filled in, the mail can be sent
        $to = 'yourmail@mail.com'; // Your email here
        $subject = 'Mail from your site';
        $content = "Email: ".$email."\n\nName:".$name."\n\nMessage: ".$message."\n\n";
        $headers = "from: ".$email."\r\n";

        mail($to, $subject, $content, $headers);

        echo '<div class="alert alert-success" role="alert">The mail is send...</div>';
    }
    else
    {
        echo '<div class="alert alert-danger" role="alert">Error! Mail not send...</div>';
    }
}
?>

I hope this is useful for someone??

You can place this form(component) where you want in your template.

Sorry for my bad English.

Regards,
Christophe


Reply
#2
vulnerable to email header injection.
http://en.wikipedia.org/wiki/Email_injection

( also i changed to php code tags for highlighting )
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#3
(2015-01-22, 07:21:48)shawn_a Wrote: vulnerable to header injection.
( also i changed to php code tags for highlighting )

Hi @shawn_a,

That's better with the tag highlighting.

I don't know how I can make the script more secure.
I'm not a programmer, only a hobbyist.

Feel free to modify the script for better security, so I also learn.

Regards,
Christophe
Reply
#4
sanitation is hard even for the experts.
- Shawn A aka Tablatronix
Reply
#5
(2015-01-22, 07:58:29)shawn_a Wrote: sanitation is hard even for the experts.

Ah OK
Reply
#6
There are some basic str replacers out there, but they might strip content as well, so it's a hard balance.
- Shawn A aka Tablatronix
Reply
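
An added example, not part of any post in this thread: one way to close the header injection flagged in #2 is to reject an email value that contains line breaks or fails validation (rather than stripping characters, the balance problem raised in #6), and to keep the visitor's address out of From. The function names and the noreply@example.com address are assumptions made for illustration.

```php
<?php
// Added example (not the thread's code); function names are hypothetical.

// Return the address if it is one valid mailbox without control characters, else null.
function clean_email(string $raw): ?string
{
    // CR, LF or NUL in a header value would let the input start a new header line.
    if (preg_match('/[\r\n\0]/', $raw)) {
        return null;
    }
    $valid = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $valid === false ? null : $valid;
}

// Build the argument list for mail(), or null if the input must be rejected.
function build_mail(array $post, string $to, string $siteFrom): ?array
{
    $email = clean_email($post['email'] ?? '');
    if ($email === null) {
        return null;
    }
    // Name and message only ever reach the body, so line breaks there are harmless.
    $body = "Email: {$email}\n\nName: " . ($post['name'] ?? '')
          . "\n\nMessage: " . ($post['message'] ?? '') . "\n";
    // From is a fixed site address; the visitor's validated address goes in Reply-To.
    $headers = "From: {$siteFrom}\r\nReply-To: {$email}";
    return [$to, 'Mail from your site', $body, $headers];
}

// Constructed sample submissions (not from the thread).
$samples = [
    ['name' => 'Ann', 'email' => 'ann@example.com', 'message' => "Hi\nthere"],
    ['name' => 'Bob', 'email' => "bob@example.com\r\nX-Extra: 1", 'message' => 'x'],
    ['name' => 'Eve', 'email' => 'not-an-address', 'message' => 'x'],
];
foreach ($samples as $post) {
    $args = build_mail($post, 'yourmail@mail.com', 'noreply@example.com');
    // A real handler would call mail(...$args) here when $args is not null.
    echo $post['name'], ': ', $args === null ? 'rejected' : 'accepted', "\n";
}
```

Only the first sample is accepted; the other two are refused before any header string is built.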



