Used php for contact form, how to redirect back to the site?

Discussion in 'Web Design and Development' started by chiefroastbeef, Dec 18, 2008.

  1. chiefroastbeef macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #1
    Hello folks,

    I found a tutorial yesterday to use a php email form code, and it is working on my site: http://inprocess.ca/sam/_ContactUs.asp

    however, once I send the message, it goes to a "Your message was successfully sent!" page with nothing else. How can I add a code in my contact.php so that it'll redirect the window back to my main site?

    I've searched but found nothing yet.. Here is the php code for my email form:

    Thank you for your time and help!


    <?
    $subject="from ".$_GET['your_name'];
    $headers= "From: ".$_GET['your_email']."\n";
    $headers.='Content-type: text/html; charset=iso-8859-1';
    mail("myemail@gmail.com", $subject, "
    <html>
    <head>
    <title>Contact</title>
    </head>
    <body>

    <br>
    ".$_GET['message']."
    </body>
    </html>" , $headers);
    echo ("Your message was successfully sent!");
    ?>
     
  2. kylos macrumors 6502a

    kylos

    Joined:
    Nov 8, 2002
    Location:
    MI
    #2
    Replace the line
    Code:
    echo ("Your message was successfully sent!");
    with
    Code:
    header('Location: http://inprocess.ca/sam/_ContactUs.asp');
    
    or whatever your desired redirect url is.
     
  3. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #3
    You just use the header function and set the location for where you want the user to end up, though you won't be able to display the success message. You can also set a link after the success message that goes back to your home page. You can also add a meta tag to the displayed page that will do a redirect after a few seconds.

    Also, you should realize, without scrubbing your form data, someone could seriously spam you if that's the extent of your PHP code. I could probably put together a script that would send you 100s of spam messages a day. You really need to close that gap. There's scripts out there that people have written for you already and I highly suggest using one. I'm not a big fan of the CAPTCHA ones, but there's plenty of alternatives that keep spammers away.
     
  4. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #4
    Thank you for the help guys!

    I've been searching on the captcha stuff, man this is over my head... I downloaded the freecap script, but have no idea how to implement it into my .php file.

    I tried the header thing, replaced my echo command, however I get this after I press "submit" on the contact form.

    "Warning: Cannot modify header information - headers already sent by (output started at e:\web\public_html\gipit\inprocess\sam\contact.php:2) in e:\web\public_html\gipit\inprocess\sam\contact.php on line 17"

    I can only send one header at a time or something?

    Thanks guys!
     
  5. jrrdnx macrumors member

    jrrdnx

    Joined:
    Nov 13, 2008
    Location:
    Indiana
    #5
    You cannot use the header() function after any information has been sent to the user, i.e. any html code. Remove the html, body, title, etc. tags and your header function should work fine.

    Edit: Direct from the PHP manual... "Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP."
     
  6. SelfMadeCelo macrumors regular

    SelfMadeCelo

    Joined:
    Sep 9, 2008
    Location:
    Tulare, CA
    #6
    If you want to have just one page to send the info then redirect you have to use output buffering. Use:

    PHP:
    ob_start();
    At the begining of the page then:

    PHP:
    ob_end_flush();
    At the end.

    Although the code looks like it needs a bit of work...
     
  7. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #7
    Hi guys,

    Yea, I just downloaded it off the internet. Is there a better php email form code you guys recommend?

    Is this one any good? Seems pretty similar to mine... http://www.phpeasystep.com/workshopview.php?id=8

    Thanks for all the help guys! I really appreciate it.
     
  8. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #8
    This one from Dagon Design looks pretty decent and free. I haven't used it, but haven't used others either. I created my own, but I haven't gotten around to putting it together in such a way that I can distribute it easily.

    It looks too simplistic from my perspective. It doesn't do any data sanitizing either. The one I link above checks for injection attacks and has an optional CAPTCHA functionality. It's a little hefty though, code length wise.
     
  9. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #9
    Hello there,

    Thanks for the link, but I'm afraid that is way over my head (wooooosshhh).

    I downloaded the php file, looked at the code, and man oh man..

    When you guys say my php code is too simplistic, what do you actually mean? Like it will be hacked by spambots?
     
  10. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #10
    Yes. Using injection, I could easily hijack your form and use it to send mass emails to whomever I want with your current code. The more typical though, is that once a spambot crosses that page it will catalog it and automatically fill out the form and you'll start getting a bit of spam. That spambot will also likely pass the web page on to other spambots so that the will also spam you.

    On my small web site, I was getting about a dozen spam attempts a week, though I always managed to block them with my coding. The attempts have lessened to only a couple a month. They've essentially given up on my page. Not that my code is perfect, but you have to do some data sanitizing to at least make sure your form isn't turned into a spam tool. You'll start getting messages from people blaming you for the spam you receive, or worst yet, your web host will detect the spam activity and take down your site.

    Edit: I know the code for the link I posted is massive, but there's only a few parts that you have to customize and fill out from the looks of it to getit up and running.

    Edit 2: Here's a nice, fairly easy to read article about email injection and how it occurs. It doesn't give you a solution, but will allow you to better understand what I'm trying to warn you about.
     
  11. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #11
    Again, thank you for your post, I am learning a lot!

    I think I've finally discovered my innate fear of botnets... I remember having bad dreams about them when I was 4 years old now, it is all flashing before me.

    I guess I will try to figure out the php file you posted earlier. Off the top of your head, which parts should I pay attention to to customize the script? And do I just leave the php file(along with all the comments) as is and upload it to my server?

    Thanks again!
     
  12. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #12
    If you open up the file "dd-formmailer.php" and start scrolling down you'll see a line that says "Start of Options." This is where to start ;) The code looks well documented, so give them a read and answer them. I don't know your setup or how you're going to try to use it so it's hard to give much advice. The harder part looked to be the Form Structure configuration. There's online documentation for that at the web site. I didn't read into it much, but you only need that if you want the code to generate the form for you. You can alternatively create your own contact form, which you've actually already done. Most of the settings you'll be able to leave as defaults.

    After you're set there you'll just upload this PHP file along with the other files that came with the download. You can get away with not including some of the other files depending on which parts you implement. The JavaScript file is likely only needed if you're using the form generator, the CSS can probably be replaced with your own edits. Most of the language files in the lang folder can probably be deleted (except the language you need of course), and the recaptcha file you won't need if you don't implement that part.
     
  13. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #13
    All I want the form to do is to create a name field, email field, subject field(not really needed), and a comment box.

    So all I have to do is find the ".$GET[]; files and change them to ['your_name'], which is dictated in my html form.

    php code from old simplistic file:

    <?
    $subject="from ".$_GET['your_name'];
    $headers= "From: ".$_GET['your_email']."\n";
    $headers.='Content-type: text/html; charset=iso-8859-1';
    mail("myemail@gmail.com", $subject, "
    <html>
    <head>
    <title>Contact</title>
    </head>
    <body>

    <br>
    ".$_GET['message']."
    </body>
    </html>" , $headers);
    echo ("Your message was successfully sent!");
    ?>
    _______


    Contact form on the webpage:

    <form action="dd-formmailer.php" method="get" name="contact_form" enctype="text/plain">
    <p><label for="name">Name: </label>
    <input id="name" name="your_name" type="text" /></p>
    <p><label for="emailAddy">Email: </label>
    <input id="emailAddy" name="your_email" type="text" /></p>
    <p><label for="subject">Subject: </label>
    <input id="subject" name="subject" type="text" /></p>
    <p><label for="msg">Message: </label>
    <textarea id="msg" name="message" cols="45" rows="7"></textarea></p>
    <p><input id="submit" name="submit"
    type="submit" value="Send" /></p>
    <p> </p>
    <p> </p>
    </form>
     
  14. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #14
    In the config file Try the following settings:

    PHP:
    $standalone FALSE;
    $form_struct '
      type=text|label=Name|fieldname=name|max=60|req=true
      type=text|label=Email|fieldname=emailAddy|max=60|req=true|ver=email
      type=text|label=Subject|fieldname=subject|max=100|req=true
      type=textarea|label=Message|fieldname=msg|req=true|rows=7|max=2000
    '
    ;
    $sender_name 'name'// name comes from fieldname in $form_struct above
    $sender_email 'emailAddy';
    $email_subject 'Contact: subject';
    $verify_method 'off'// 'off', 'basic', or 'recaptcha'
    I'm not going through each setting though, so do check over the other settings as well as others have to be updated. The web site for the file also has a lot of documentation to help you out when you're unsure of a setting.
     
  15. chiefroastbeef thread starter macrumors 6502a

    Joined:
    May 26, 2008
    Location:
    Dallas, Texas/ Hong Kong
    #15
    Thank you for the help and the head start! I will spend more time on it tomorrow(night time here in Hong kong). I appreciate your help!
     

Share This Page