PHP E-mail Form

  Ade_1 12:02 09 Mar 2008


I am developing a website for a client and they wish for a contact form to be displayed on one of the pages. I was wondering if there was a form generator that would generate a contact form which would prevent spam OR have a captcha image on it so that spam wasn't sent by bots to the client's e-mail address. This form will be displayed on a HTML page, not a PHP page.

Thanks in advance

Aidan L

  MAJ 14:06 09 Mar 2008

There are a couple of suggestions for a mail form on the forum, ADE_1. There's this one click here and this one. click here

  Kemistri 14:47 09 Mar 2008

The Site Wizard's offering is not fully secure, so don't use that if you can help it. Look at the second link, but you may need to do a little tweaking to tune it to your needs. And above all, keep the PHP out of the visible markup (separate file) and test it thoroughly.

  Ade_1 16:48 09 Mar 2008

Ok, thanks to both for the advice. I'll look at that second link later on. Much appreciated.

  MAJ 18:55 09 Mar 2008

very interesting, knowing your coding knowledge. I know nothing about coding (please keep that in mind). In what way is the Site Wizard's offering not fully secure? I would be interested to know. I can see that it has no way of validating the sender's email address, but I don't think you mean that type of thing do you?

  Kemistri 19:07 09 Mar 2008

You're almost 100% right, MAJ. Whatever is entered in the form fields is not subject to proper and detailed filtering; the Site Wizard code allows you to specify mandatory fields, but doesn't make rules about what those fields should contain -- thus preventing the use of spam keywords, gibberish instead of an e-mail address and/or phone number, or foul language. Spammers are getting better at using forms, so you need something to block the most obvious keyword content. Hence the extra filters.

  MAJ 19:26 09 Mar 2008

Ah, got ya, Kemistri, something to watch out for indeed. I did use that form (am still using it) on a site I helped a mate set up. So far he hasn't had any problems with it, no spam whatsoever and his email address hasn't been harvested from it (as far as we can make out), but even I did notice that gibberish can be entered and sent without invoking the error page. It's probably worth moving to the other script when I get a bit of time to do so. Thanks for your reply, Kemistri, I appreciate it.

  Kemistri 20:29 09 Mar 2008

Happy to help.

Your friend's e-mail address will be hidden safely by the Site Wizard script -- it reacts to anyone trying to view the PHP file via the address bar by bouncing them to an HTML file, so they never get to see the code.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Dell XPS 13 9370 (2018) review

No need to scan sketches into your computer with Moleskine's new smart pen

WWDC history: Apple's product launches since 2005

Comment importer des contacts d’un iPhone à un autre iPhone ?