enquiry mail form script help

secure php mail enquiry form

         

bubster

10:39 pm on Mar 27, 2006 (gmt 0)




Hi

I'm looking for a good free secure php enquiry mail form script to use for my clients' sites.

I've been using a custom script for a couple of years now and noticed lately many clients are suffering from repeated form attacks by spammers trying to inject bcc headers into the email. It may be my script is vulnerable and I'm looking to upgrade.

I'm looking for recommendations on a php mail script that converts an html form from the client's site.

Any help much appreciated.

barns101

1:19 pm on Mar 28, 2006 (gmt 0)




I would continue to use the same script but validate user input before accepting it. I use the following:


<?php
// Check that all fields were filled in
if (empty($_POST["name"]) || empty($_POST["email"]) || empty($_POST["comments"]))
{
    die("You must fill in all of the fields.");
}
// Check that no email injection is being attempted (case-insensitive match)
elseif (stripos($_POST["name"].$_POST["email"].$_POST["comments"], "MIME-Version:") !== false)
{
    die("That type of message is not allowed.");
}
// Check that no email injection is being attempted AGAIN
elseif (stripos($_POST["name"].$_POST["email"].$_POST["comments"], "Content-Type") !== false)
{
    die("That type of message is not allowed.");
}
// Check that no email injection is being attempted AGAIN (the site's own domain)
elseif (stripos($_POST["name"].$_POST["email"].$_POST["comments"], "@my-domain.co.uk") !== false)
{
    die("That type of message is not allowed.");
}
else
{
    // Read the client address from $_SERVER; register_globals is not available
    $message = "{$_POST['comments']}\n\nIP address: {$_SERVER['REMOTE_ADDR']}";
    mail("me@my-domain.co.uk", "Contact from website", stripslashes($message), "From: {$_POST['name']} <{$_POST['email']}>");
    echo 'Thank you for contacting us.';
}
?>

It's not perfect (nor very elegant!) and I'm sure it will get ripped to shreds in subsequent posts but it seems to work OK for me. :)

There are more streamlined examples and tutorials available if you search for email validation.
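
An added example, not part of either post or of any script mentioned in the thread: one way to handle the same three fields that rejects CR/LF in anything placed into a mail header, rather than matching header names. The function name `build_contact_mail` and the example.com/.org/.net addresses are assumptions made for illustration.

```php
<?php
// Added example; build_contact_mail() and all addresses are hypothetical.
function build_contact_mail(array $post): array
{
    foreach (['name', 'email', 'comments'] as $field) {
        if (!isset($post[$field]) || !is_string($post[$field]) || trim($post[$field]) === '') {
            throw new InvalidArgumentException("Missing field: $field");
        }
    }
    $name  = trim($post['name']);
    $email = trim($post['email']);

    // Header-bound values must never contain CR or LF: a line break is what
    // lets a submitted value begin a new header line such as Bcc:.
    foreach ([$name, $email] as $value) {
        if (preg_match('/[\r\n]/', $value)) {
            throw new InvalidArgumentException('Line break in header field');
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('Invalid email address');
    }

    // Keep the display name to letters, digits, space, dot, apostrophe, hyphen.
    $name = preg_replace('/[^\p{L}\p{N} .\'-]/u', '', $name) ?? '';

    // Fixed From address owned by the site; the visitor only appears in Reply-To.
    $headers = "From: Website form <noreply@example.com>\r\n"
             . "Reply-To: \"$name\" <$email>";
    // The body may contain line breaks; only normalise them.
    $body = str_replace(["\r\n", "\r"], "\n", $post['comments']);

    return ['to' => 'me@example.com', 'subject' => 'Contact from website',
            'body' => $body, 'headers' => $headers];
}

// Constructed sample submissions: one normal, one with a line break in the email field.
$samples = [
    ['name' => 'Ann Lee', 'email' => 'ann@example.org', 'comments' => "Hello,\nplease call me."],
    ['name' => 'Ann Lee', 'email' => "ann@example.org\r\nBcc: list@example.net", 'comments' => 'Hi'],
];
foreach ($samples as $post) {
    try {
        $m = build_contact_mail($post);
        // A form handler would now call mail($m['to'], $m['subject'], $m['body'], $m['headers']).
        echo "accepted: ", str_replace("\r\n", ' | ', $m['headers']), "\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected: ", $e->getMessage(), "\n";
    }
}
```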