Confirmation Email in PHP Form -

Discussion in 'Web Design and Development' started by danielLeifer56, Oct 28, 2008.

  1. danielLeifer56 macrumors newbie

    Joined:
    Oct 28, 2008
    #1
    Hi,

    I have a form on my website here: http://downtownpet.com/nyc_dog_walker_schedule.html

    When a user submits it I receive the results to my email address. What I was hoping to do was have the clients receive the results too, sent to the email address they provide in the form. Any help would be appreciated, thanks.
     
  2. TheHoff macrumors 6502

    Joined:
    Oct 22, 2008
    #2
    The file that controls the mail sending is a php script, not the html. Post the source code to this file on your server: formmail.php

    The problem you may run in to though is with spam. When you put in field that allows a user to put in an email address and then have an email sent to that address, you are opening your server up to be hammered as a spam sending device.
     
  3. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #3
    +1 on this warning. It's very easy for a spammer to use your script for their own purposes. You might want to look into pre-existing scripts that have some steps to avoid this issue some.
     
  4. danielLeifer56 thread starter macrumors newbie

    Joined:
    Oct 28, 2008
    #4
    Thanks for the feedback - I don't know programming myself so I was wondering if it was an easy code fix - any advice on that? If not I'll try and find someone, thanks.
     
  5. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #5
    Not really. It's a growing research area. One somewhat quick fix is to add CAPTCHA (Completely Automatic Public Turing test to tell Computers and Humans Apart) to the page (those images of gnarled text that you have to decipher). Those type of additions only help block automated spam-bots though, which are really the most common, especially amongst sites with lower visit volumes. No system is 100% perfect though. See this article on how Microsoft keeps getting picked on, though it applies to all the big companies, especially the ones that offer email accounts. A smaller site doesn't need as much protection though as beating their systems doesn't get them much in the end.

    Some reading:
    http://phpsec.org/articles/2005/text-captcha.html
    http://www.webformantispam.com/blocking-webform-spambots/
    http://www.webformspamprotection.com/
    http://www.formmail.com/captcha/
    http://www.neilgunton.com/doc/spambot_trap

    Disclaimer: I have not used any of the products linked to above. I created my own scripts for this stuff.
     

Share This Page