Webinova Online Customer Support > Webinova Help Desk > Knowledgebase

Search help:

How to submit web forms with PHP


How to create secured web forms using PHP

In order to create web forms using PHP you can use the integrated mail() function. It is highly recommended to implement antispam functions in your scripts as well. That is needed to ensure that no undesired messages will be relayed through your account.

The following script is a simple “Contact Us” form with three fields:
1.    Sender’s email address
2.    Subject of the message
3.    Content of the message

function spamcheck($field)
  //filter_var() sanitizes the e-mail address that is inserted
  // The FILTER_SANITIZE_EMAIL filter removes all forbidden e-mail characters from the inserted string  $field=filter_var($field, FILTER_SANITIZE_EMAIL);
  //filter_var() validates the e-mail address that is inserted
  // The FILTER_VALIDATE_EMAIL filter validates the value of the text inserted as an e-mail address
  if(filter_var($field, FILTER_VALIDATE_EMAIL))
    return TRUE;
    return FALSE;

if (isset($_REQUEST['email']))
  {//this is a simple check that makes sure the email field not empty

  //this is the check that uses the validation function to ensure the email address is valid
  $mailcheck = spamcheck($_REQUEST['email']);
  if ($mailcheck==FALSE)
    echo "You have inserted incorrect email address or have left some of the fields empty";
    {//send email
    $email = $_REQUEST['email'] ;
    $subject = $_REQUEST['subject'] ;
    $message = $_REQUEST['message'] ;
    mail("", "Subject: $subject",
    $message, "From: $email" );
    echo "Thank you for using our mail form! We will get in touch with you soon!";
  {//if the "email" field is not filled out the form itself will be displayed.
  echo "<form method='post' action='contact.php'>
  Email: <input name='email' type='text' /><br />
  Subject: <input name='subject' type='text' /><br />
  Message:<br />
  <textarea name='message' rows='15' cols='40'>
  </textarea><br />
  <input type='submit' />

The email validation function is using two filters (FILTER_SANITIZE_EMAIL and FILTER_VALIDATE_EMAIL) to check the inserted in the Sender’s field email address for any forbidden characters  and to ensure that the email address is typed correctly. If the email address meets the requirements the script reads the rest of the inserted data in the form and sends it to the administrative email. In all other cases the script will inform the sender that the information he inserted is invalid or not full.

In our case the emails are being send to and you will have to substitute it with yours. The above script assumes the name of the script is contact.php.

Was this article helpful? yes / no
Article details
Article ID: 111
Category: Email HOW-TOs
Date added: 2012-11-19 13:14:12
Views: 20
Rating (Votes): Article rated 3.0/5.0 (6)

« Go back

Powered by Help Desk Software HESK - brought to you by Help Desk Software SysAid