joined:Feb 22, 2009
>>I am asking because I am getting an error that it can't connect - which I know, because there is no database. However, I have used this code before, with the mysql_real_escape_string, on another website's email form, and had no errors at all Have a read of this...
Yes, this function assumes a database connection from the last known/in use connection, the function itself takes two parameters, one of which is optional
as described in that link.
And as anyango has already pointed out, as there is no DB involved, there is no need to use this function in this context.
For sanitising the data, just preg_match() for validating the email address, and there is always the alternative of this little function that does the preg_match pattern for you:-
Great little time saver there...
and use strip_tags() to remove any unwanted html tags from any data that your sending in the body of the email. trim() is also good to use, and if your wanting to be extra cautious you can set up a swear word filter just in case there is any attempt at people putting unwanted content into emails.
Just a few suggestions there, but it's always worth doing things like this, and as it's easy to reuse this coding, just pop them into a function for continued reuse on any project.
Have fun with your project.
Cheers & seasons greetings,