Need help with a building a secure form

[justin.scherer14]

Hello,

So I have finished up pretty much everything for my website except the two forms that I need. I need them to be secure and I need them to go straight to my e-mail. If anyone has an idea on how to do this that would be great because, again, this is the last part of my website that needs work.

 

[froger]

Use PHP?

$variable = strip_tags(addslashes($_POST['form']))

if ($variable != NULL)
{
mail('someone@aol.com', 'Title', $variable);
}

 

[farscapeone]

If you want it really secure, you should look at his tutorial:
http://net.tutsplus.com/tutorials/php/secure-your-forms-with-form-keys/

 

[justin.scherer14]

Thank you for that! I will be using that website to make my forms secure. Can anyone help me with creating a php and html form that will submit the data it gets to me in e-mail form. I have been trying to do this but it keeps sending the form with the nobody@thesite.com e-mail address. This does not work because it creates a problem that sets off spam alerts and filters. It will not even get to my e-mail address. So, if anyone can help me or guide me to a tutorial on how to do this that would be greatly appreciated.

 

[tillabong]

Hi, earlier on i created a similar thread with the issue of php mail() getting filtered and going to the junk folder. I didnt manage to get an answer from the thread but after weeks of trying, these few things did the trick.

1. I created an MX entry for my domain. Just go to your cPanel and create an MX entry for your domain.

2. Add the proper headers to your php code. Remember to change the email address accordingly. And make sure that the email address actually exist on the server. You could create an email address in you cPanel.

$headers  = 'From: <admin@yoursite.com>' . "\r\n";
$headers .= '<admin@yoursite.com>' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-Type: text/html; charset=ISO_8859-1' . "\r\n";
$headers .= 'Content-Transfer-Encoding: 8bit' . "\r\n";
$headers .= 'Return-Path: admin@yoursite.com' . "\r\n";
																		
$mail = mail($to, $subject, $letter, $headers, "-fadmin@yoursite.com");

3. Under Email Authentication in your cPanel. Enable domainkeys and SPF.

Hope all these works out for you. =)

 

[arnab792]

mail function php

declare the variable 1st....
add your email to $tomail
<?php
$fname=$_POST['fname'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$address=$_POST['address'];
$message=$_POST['message'];
$mailsubj = "Email Confirmation";
$sender = $email;
$tomail= "yourname@example.com";
$strBody="<html><body>Thank you for contacting us.<br />Your E-mail has been submitted. We will soon you contact.<br><br>Following are full details:<br><br>";
$strBody.="<b>Name:</b> $fname <br />"."<b>Email:</b> $email <br />"."<b>Phone:</b> $phone <br />"."<b>Address:</b> $address <br />"."<b>Message:</b> $message <br />";
$strBody.="</body></html>";

mail($tomail, $mailsubj, $strBody, "From: $sender\nContent-Type: text/html; charset=iso-8859-1");

?>

 

[tillabong]

Re: mail function php

$fname=$_POST['fname'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$address=$_POST['address'];
$message=$_POST['message'];
$mailsubj = "Email Confirmation";
$sender = $email;
$tomail= "yourname@example.com";

Your variables are subjected to headers injection.

 

[justin.scherer14]

Okay. I will try that and let you know what happens. Right now it seems like the Chopin servers are down so I can not do anything until they are back up. Thank you again for that help. I basically have the php forms all laid out so now it is just getting it to the email address is all.