In the digital era, contact forms have become an essential part of almost every website. They allow users to easily connect with website owners without the need for directly entering an email address. This article focuses on creating a script for sending messages from a web form to email using PHP.
Basics of a Contact Form
Before diving into coding, it's important to understand the basic structure of a contact form. A contact form typically consists of several fields, such as name, email, subject, and message. The HTML code for a simple contact form may look like this:
<form action="send_email.php" method="post">
<label for="name">Name:</label><br>
<input type="text" id="name" name="name" required><br>
<label for="email">Email:</label><br>
<input type="email" id="email" name="email" required><br>
<label for="subject">Subject:</label><br>
<input type="text" id="subject" name="subject" required><br>
<label for="message">Message:</label><br>
<textarea id="message" name="message" rows="4" required></textarea><br>
<input type="submit" value="Send">
</form>
PHP Script for Form Processing
PHP is a server-side scripting language that allows processing data submitted from a web form. The send_email.php script starts by verifying that the data was submitted using the POST method, and then checks if all required fields are filled.
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = strip_tags(trim($_POST["name"]));
$email = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL);
$subject = strip_tags(trim($_POST["subject"]));
$message = trim($_POST["message"]);
if (empty($name) OR empty($message) OR !filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Oops! Something went wrong. Make sure you've filled out all fields correctly.";
exit;
}
$recipient = "This email address is being protected from spambots. You need JavaScript enabled to view it.";
$email_subject = "New message from web form: $subject";
$email_content = "Name: $name\n";
$email_content .= "Email: $email\n\n";
$email_content .= "Message:\n$message\n";
$email_headers = "From: $name <$email>";
if (mail($recipient, $email_subject, $email_content, $email_headers)) {
echo "Thank you! Your message has been sent.";
} else {
echo "Oops! Something went wrong, and we couldn't send your message.";
}
} else {
echo "Oops! Something went wrong.";
}
?>
Security Measures
Security should always be a top priority when it comes to processing user data. Using functions like strip_tags() and filter_var() is a good way to limit the risk of XSS (Cross-site scripting) and injection of malicious code. Furthermore, it's crucial to ensure that the email address is valid using FILTER_VALIDATE_EMAIL.
Creating a contact form with a PHP script for sending messages is a fundamental yet very important skill for web developers. Emphasizing security and input validation will ensure that this process is not only functional but also secure for both you and your users.
