-1

I have a form on my website that emails a message to my gmail using a PHP script. Everytime I test it, it works and I receive the email. But I have had a few others test the form - and the emails have never come through. Do I need to configure a SMTP server? I have read a few articles - but confused as to how to adapt the code to work within my current PHP file. Any help greatly appreciated!

FORM.PHP

  <? php
  // Define some constants
define("RECIPIENT_NAME", "MY NAME");
define("RECIPIENT_EMAIL", "MY GMAIL ADDRESS");
define("EMAIL_SUBJECT", "Website Enquiry");

$full_name;
$email;
$subject;
$message;
$captcha;
if (isset($_POST['name'])) {
  $name = $_POST['name'];
  if ($name != filter_var($name, FILTER_SANITIZE_STRING)) {
    echo "Name is not valid!";
    exit; // or exit w/e you please
  }
} else {
  echo "Name field is required!";
  exit; // or exit w/e you please
}
if (isset($_POST['email'])) {
  $email = $_POST['email'];
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "Email is not valid!";
    exit; // or exit w/e you please
  }
} else {
  echo "Email field is required!";
  exit; // or exit w/e you please
}

if (isset($_POST['message'])) {
  $message = $_POST['message'];
  if ($message != filter_var($message, FILTER_SANITIZE_STRING)) {
    echo "Message is not valid!";
    exit; // or exit w/e you please
  }
} else {
  echo "Message field is required!";
  exit; // or exit w/e you please
}

if (isset($_POST['g-recaptcha-response'])) {
  $captcha = $_POST['g-recaptcha-response'];
}

if (!$captcha) {
  echo 'error';
  exit;
}

$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?INSERT GOOGLE VERIFICATION KEY&response=".$captcha.
  "&remoteip=".$_SERVER['REMOTE_ADDR']);

if ($response.success == false) {
  echo 'fail';
  // No need to exit() here, code ends after this anyway
} else {
  // If all values exist, send the email
  if ($name && $email && $message) {
    $recipient = RECIPIENT_NAME.
    " <".RECIPIENT_EMAIL.
    ">";
    $headers = "From: ".$name.
    " <".$email.
    ">";
    $success = mail($recipient, EMAIL_SUBJECT, $message, $headers);
    echo "success";
  } else {
    echo "Name, email and message are required!";
  }
  // No need to exit() here, code ends after this anyway
} ?>
/*HTML*/

<p><b>CONTACT FORM</b>
</p>
<form role="form" id="form" action="form.php" method="post">
  <div class="form-group">
    <label for="name">Your Name</label>
    <input type="text" class="form-control" id="name" name="name" placeholder="Enter name">

    <span class="help-block" style="display: none;">Please enter your name.</span>

    <label for="email">Email address</label>
    <input type="email" class="form-control" id="email" name="email" placeholder="Enter email">
    <span class="help-block" style="display: none;">Please enter a valid e-mail address.</span>

    <label for="message">Message</label>
    <textarea class="form-control" rows="7" id="message" name="message" placeholder="Enter message"></textarea>

    <span class="help-block" style="display: none;">Please enter a message.</span>
  </div>
  <div class="form-group">
    <div class="g-recaptcha" data-theme="dark" data-sitekey="INSERT DATA SITE KEY HERE"></div>
    <span class="help-block" style="display: none;">Please check that you are not a robot.</span>
  </div>
  <button type="submit" id="Submit" data-loading-text="Sending..." class="btn btn-default">Send Message</button>
</form>

</div>

I have worked out the problem was the $email. If the user used certain emails like @gmail.com or @hotmail.com the email would not be delivered. So, I adjusted my PHP to use my webhost email as the "FROM" address - and posted the NAME, EMAIL and MESSAGE all in the message part of the email. I now receive the email regardless of the users email address. Here is the amended PHP:

<?php
// Define some constants
define( "RECIPIENT_NAME", "INSERT NAME" );
define( "RECIPIENT_EMAIL", "INSERT MY GMAIL" );
define( "EMAIL_SUBJECT", "Website Enquiry" );
define( "SENT_FROM", "Pauls Website" );
define( "SENT_EMAIL", "INSERT MY WEBHOST EMAIL" );

$full_name;$email;$subject;$message;$captcha;
if(isset($_POST['name']))
{
 $name=$_POST['name'];
 if($name = htmlspecialchars($name, ENT_QUOTES));
    if($name != filter_var($name, FILTER_SANITIZE_STRING))
    {
        echo "Name is not valid!";
        exit; // or exit w/e you please
    }
}
else
{
    echo "Name field is required!";
    exit; // or exit w/e you please
}
if(isset($_POST['email']))
{
    $email=$_POST['email'];
 if($email = htmlspecialchars($email, ENT_QUOTES));
    if(! filter_var($email, FILTER_VALIDATE_EMAIL))
    {
        echo "Email is not valid!";
        exit; // or exit w/e you please
    }
}
else
{
    echo "Email field is required!";
    exit; // or exit w/e you please
}

if(isset($_POST['message']))
{
 $message =$_POST['message']; 
  if($message = htmlspecialchars($message, ENT_QUOTES));
    if($message != filter_var($message, FILTER_SANITIZE_STRING))
 
    {
        echo "Message is not valid!";
        exit; // or exit w/e you please
    }
}
else
{
    echo "Message field is required!";
    exit; // or exit w/e you please
}

$body = "<b>Name:</b> " .$name. "<br/><b>Email:</b> " .$email. "<br/><b>Message:</b> " .$_POST["message"];

if(isset($_POST['g-recaptcha-response']))
{
    $captcha=$_POST['g-recaptcha-response'];
}

if(!$captcha)
{
    echo 'error';
    exit;
}

$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?INSERT SECRET CODE&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']);

if($response.success==false)
{
    echo 'fail';
    // No need to exit() here, code ends after this anyway
}
else
{
    // If all values exist, send the email
    if ( $name && $email && $message ) 
    {
  $headers  = 'MIME-Version: 1.0' . "\r\n";
  $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
  $headers .= "From: " . SENT_FROM . " <" . SENT_EMAIL . ">"; 
  $recipient = RECIPIENT_NAME . " <" . RECIPIENT_EMAIL . ">"; 
        $success = mail( $recipient, EMAIL_SUBJECT, $body, $headers );
        echo "success";
    }
    else
    {
        echo "Name, email and message are required!";
    }
    // No need to exit() here, code ends after this anyway
}
?>

I have also added some code so that apostrophes are both accepted in the form, and displayed correctly in the email received. Just trying to work out how to implement nl2br() so that the message includes any new lines. At the moment it truncated the message into one line, even if the user has new lines for multiple paragraphs.

Paul O'Shea
  • 67
  • 10
  • Are you using an official mailserver? If not, you might want to check your servers IP address at [Spamhaus SBL](https://www.spamhaus.org/sbl/). Most major Email service providers use this list to block emails coming from private servers to prevent spam. If it's indeed blocked, you require a SMTP from an official mailserver. – icecub Sep 17 '15 at 01:17
  • I'm not using an official mailserver as far as I know. My site is hosted on x10hosting.com I'm just confused as to why it works for me, but not others. Can the internet service of the user affect if the mail is sent of filtered? I thought it would be dictated by the server the website is hosted on. – Paul O'Shea Sep 17 '15 at 01:28

0 Answers0