<?php
// --- Configuration: set these three values before putting the form online ---
// Mailbox that receives every submission; also used as the From: address.
$yourEmail = 'somebody@gmail.com';
// Display name of the site, placed in the From: header on non-Windows servers.
$yourWebsite = 'mysite';
// Highest spam score a submission may reach and still be mailed (4 is the recommended value).
$maxPoints = 4;
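/**
 * Report whether the current request's User-Agent header looks like an
 * automated client.
 *
 * The header is supplied by the client and can be set to any value, so this
 * is only a coarse first filter; the spam score and the field validation
 * further down remain the checks that decide whether a mail is sent.
 *
 * @return bool true when the header is missing, blank, or contains one of the
 *              listed client signatures; false otherwise.
 */
function isBot() {
    $bots = array("Indy", "Blaiz", "Java", "libwww-perl", "Python", "OutfoxBot", "User-Agent", "PycURL", "AlphaServer", "T8Abot", "Syntryx", "WinHttp", "WebBandit", "nicebot", "autoemailspider","Atomic_Email_Hunter/4.0","ContactBot/0.2","ContentSmartz");

    // Test for a missing header first: reading the key before this check
    // raises an "undefined array key" warning and hands null to strpos().
    if (empty($_SERVER['HTTP_USER_AGENT']) || !is_string($_SERVER['HTTP_USER_AGENT']))
        return true;

    $agent = $_SERVER['HTTP_USER_AGENT'];

    // A header made only of whitespace carries no information either.
    if (trim($agent) === '')
        return true;

    // Case-sensitive substring match against the known signatures.
    foreach ($bots as $bot)
        if (strpos($agent, $bot) !== false)
            return true;

    return false;
}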
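// Handle a submitted form: reject known bot user agents, assign a spam score,
// validate the fields, and mail the message when both checks pass.
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    // NULL means "no validation error so far"; the error display further down tests this variable.
    $error_msg = NULL;

    if (isBot())
        exit("bots not allowed.</p>");// dumping bot into random generated email page would nice addition

    /**
     * Strip HTML tags and backslashes from a value and trim it.
     *
     * Not called anywhere in the visible part of this file. strip_tags() is
     * not an output-escaping function; values written back into HTML still
     * need htmlspecialchars().
     */
    function clean($data) {
        $data = trim(stripslashes(strip_tags($data)));
        return $data;
    }

    // Read each field once, as a string. A missing field or an array-valued
    // one (e.g. comments[]=x) becomes '' so the string functions below never
    // receive null or an array.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    $name     = $field('name');
    $email    = $field('email');
    $comments = $field('comments');
    $url      = $field('url');

    // lets check a few things - not enough to trigger an error on their own, but worth assigning a spam score..
    // score quickly adds up therefore allowing genuine users with 'accidental' score through but cutting out real spam :)
    $points = 0;
    $badwords = array("adult", "beastial", "bestial", "blowjob", "clit", "cum", "cunilingus", "cunillingus", "cunnilingus", "cunt", "ejaculate", "fag", "felatio", "fellatio", "****", "fuk", "fuks", "gangbang", "gangbanged", "gangbangs", "hotsex", "hardcode", "jism", "jiz", "orgasim", "orgasims", "orgasm", "orgasms", "phonesex", "phuk", "phuq", "porn", "pussies", "pussy", "spunk", "xxx", "viagra", "phentermine", "tramadol", "adipex", "advai", "alprazolam", "ambien", "ambian", "amoxicillin", "antivert", "blackjack", "backgammon", "texas", "holdem", "poker", "carisoprodol", "ciara", "ciprofloxacin", "debt", "dating", "porn", "link=", "voyeur");
    $exploits = array("content-type", "bcc:", "cc:", "document.cookie", "onclick", "onload", "javascript");

    // Both lists are lower-case, so match case-insensitively; a case-sensitive
    // test would miss "Content-Type:" or "Bcc:" written the usual way.
    foreach ($badwords as $word)
        if (stripos($comments, $word) !== false)
            $points += 2;
    foreach ($exploits as $exploit)
        if (stripos($comments, $exploit) !== false)
            $points += 2;

    // strpos() returns an offset or false, never true, so the result has to
    // be compared against false for the link check to fire at all.
    if (strpos($comments, "http://") !== false || strpos($comments, "www.") !== false)
        $points += 2;
    if (isset($_POST['nojs']))
        $points += 1;
    if (preg_match("/(<.*>)/i", $comments))
        $points += 2;
    if (strlen($name) < 3)
        $points += 1;
    // Compare the length itself with 1500, not strlen() of a boolean.
    if (strlen($comments) < 15 || strlen($comments) > 1500)
        $points += 2;
    // end score assignments

    // Field validation. ereg() was removed in PHP 7, so the same patterns run
    // through preg_match(). The D modifier makes "$" match only at the very
    // end of the string; without it a trailing newline would pass, and the
    // e-mail value is later placed in a mail header.
    if (empty($name) || empty($email) || empty($comments)) {
        $error_msg .= "Name, e-mail and comments are required fields. \n";
    } elseif (strlen($name) > 35) {
        $error_msg .= "The name field is limited at 35 characters. Your first name or nickname will do! \n";
    } elseif (!preg_match("/^[A-Za-z' -]*$/D", $name)) {
        $error_msg .= "The name field must not contain special characters. \n";
    } elseif (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$/D', strtolower($email))) {
        $error_msg .= "That is not a valid e-mail address. \n";
    } elseif (!empty($url) && !preg_match('/^(http|https):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(:(\d+))?\/?/i', $url))
        $error_msg .= "Invalid website url.";

    // A submission whose score exceeds $maxPoints is dropped without any
    // message to the sender.
    if ($error_msg === NULL && $points <= $maxPoints) {
        $subject = "website contact";
        $message = "You received this e-mail message through your website: \n\n";
        foreach ($_POST as $key => $val) {
            // Array-valued fields cannot be written as a single line; skip them.
            if (!is_scalar($val))
                continue;
            $message .= ucwords((string) $key) . ": $val \r\n";
        }
        $message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
        $message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
        $message .= 'Points: '.$points;

        // The only user-controlled value that reaches the mail headers. The
        // pattern above already excludes CR and LF; stripping them again
        // keeps the header safe if that pattern is ever loosened.
        $replyTo = str_replace(array("\r", "\n"), '', $email);

        $serverSoftware = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
        if (strstr($serverSoftware, "Win")) {
            $headers = "From: $yourEmail \r\n";
        } else {
            $headers = "From: $yourWebsite <$yourEmail> \r\n";
        }
        $headers .= "Reply-To: {$replyTo}";

        if (mail($yourEmail,$subject,$message,$headers)) {
            echo ' <p style="font-size:36px" align="center">Your mail was successfully sent</p>';
        } else {
            echo '<p style="font-size:36px; color:#FF0000" align="center"> ERROR: Mail NOT Sent </p>';
        }
        // flood() is not defined in the visible part of this file; presumably
        // an include provides it (TODO confirm). Calling an undefined
        // function is a fatal error, so only call it when it exists.
        if (function_exists('flood'))
            flood();
    }
}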
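/**
 * Echo a submitted field, HTML-escaped, so the form can be re-populated.
 *
 * Prints nothing when the field is absent or is not a string; an array-valued
 * field (e.g. name[]=x) cannot be passed to htmlspecialchars().
 *
 * @param string $var Name of the $_POST field to print.
 * @return void
 */
function get_data($var) {
    if (!isset($_POST[$var]) || !is_string($_POST[$var]))
        return;
    // ENT_QUOTES escapes single quotes as well as double quotes, so the value
    // stays inside its attribute whichever quote style the template uses and
    // whatever the PHP version's default flags are.
    echo htmlspecialchars($_POST[$var], ENT_QUOTES, 'UTF-8');
}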
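// Show the validation errors collected while handling a POST.
// $error_msg is only assigned inside the POST branch, so on a plain page view
// it does not exist; empty() covers "unset" and "no error" without a warning.
if (!empty($error_msg)) {
    echo '<p><strong style="color: red;font-size:36px; ">ERROR: spam filter tripped</strong><br />';
    // flood() is not defined in the visible part of this file; presumably an
    // include provides it (TODO confirm). Only call it when it exists, since
    // calling an undefined function is a fatal error.
    if (function_exists('flood'))
        flood();
    // The messages are fixed strings set by the validation code, never user
    // input, so they are printed without escaping.
    echo nl2br($error_msg) . "</p>";
}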
?>
<form action="contact.php" method="post">
<noscript><p><input type="hidden" name="nojs" id="nojs" /> </p></noscript>
<table width="85%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td class="sidebar_box"><label for="name">Name:</label> </td>
<td class="sidebar_box" colspan="2">
<input name="name" type="text" id="name" value="<?php get_data("name"); ?> name" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box" ><label for="email">E-mail:</label> </td>
<td class="sidebar_box" colspan="2"><input name="email" type="text" id="email" value="<?php get_data("email"); ?> email address" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box"><label for="location">Location*:</label></td>
<td class="sidebar_box" colspan="2"><input name="location" type="text" id="location" value="<?php get_data("location"); ?> Location (optional)" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box"><label for="comments">Message:</label></td>
<td class="sidebar_box"colspan="2"><textarea name="comments" cols="45" rows="5" id="comments"><?php get_data("comments"); ?> Add your message in here.
</textarea></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td class="sidebar_box">* optional </td>
<td class="sidebar_box" ><div align="center">
<input type="submit" name="submit" id="submit" value="Send Message" />
</div></td>
<td class="sidebar_box">
<div align="left">
<input type="reset" name="Reset" value="Clear Form" onclick="a_contact.php"/>
</div></td>
</tr>
</table>
</form>