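<?php
// contact_form_processor.php
//
// Handles the contact form POST: rejects honeypot hits, validates the three
// visible fields and mails the message. The HTML template that follows reads
// $name, $email, $message, $honeypot, $errors and $success.

/**
 * Read one submitted field as a trimmed string.
 *
 * A client can send any field as an array (name[]=x); trim() would then throw
 * a TypeError on PHP 8, so non-string values are treated as missing.
 *
 * @param array  $source Request data, normally $_POST.
 * @param string $key    Field name to read.
 * @return string Trimmed value, or '' when absent or not a string.
 */
function contact_form_field(array $source, string $key): string
{
    $value = $source[$key] ?? '';

    return is_string($value) ? trim($value) : '';
}

/**
 * Collapse CR, LF and other ASCII control characters into single spaces.
 *
 * Used for values that must stay on one line, so submitted text cannot add
 * lines of its own to the notification mail.
 *
 * @param string $value Raw single-line field value.
 * @return string Value with control characters replaced and outer spaces trimmed.
 */
function contact_form_single_line(string $value): string
{
    $clean = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value);

    return $clean === null ? '' : trim($clean);
}

// Values the template reads; they stay empty on a plain GET.
$name = '';
$email = '';
$message = '';
$honeypot = '';
$errors = [];
$success = false;

// Only a POST is treated as a submission. REQUEST_METHOD is absent under the
// CLI, hence the default.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Honeypot: humans never see the "website" field, so any content in it,
    // including an array value or the string "0", marks the request as automated.
    $rawHoneypot = $_POST['website'] ?? '';
    if (!is_string($rawHoneypot) || trim($rawHoneypot) !== '') {
        // The rejection is visible to the client (HTTP 400 plus a short message).
        http_response_code(400);
        exit('Invalid submission detected.');
    }

    // Input is kept as plain text and escaped where it is output (the template
    // calls htmlspecialchars). The deprecated FILTER_SANITIZE_STRING is not
    // used: it HTML-encoded quotes, which then showed up literally in the
    // text/plain mail and were encoded a second time on redisplay, and it left
    // CR/LF in place.
    $name = contact_form_single_line(contact_form_field($_POST, 'name'));
    $email = (string) filter_var(contact_form_field($_POST, 'email'), FILTER_SANITIZE_EMAIL);
    $message = contact_form_field($_POST, 'message');

    // Required fields. Compared against '' because empty() also rejects "0".
    if ($name === '') {
        $errors[] = 'Name is required.';
    }
    if ($email === '') {
        $errors[] = 'Email is required.';
    } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors[] = 'Please enter a valid email address.';
    }
    if ($message === '') {
        $errors[] = 'Message is required.';
    }

    // Length limits. strlen() counts bytes, so multi-byte UTF-8 text reaches
    // the limit earlier than the character count in the message suggests.
    if (strlen($name) > 100) {
        $errors[] = 'Name must be less than 100 characters.';
    }
    if (strlen($message) > 1000) {
        $errors[] = 'Message must be less than 1000 characters.';
    }

    if ($errors === []) {
        // Email configuration
        $to = 'your-email@example.com'; // Replace with your email
        $subject = 'New Contact Form Submission';

        // Plain-text body; submitted values appear only here and in Reply-To.
        $email_body = "You have received a new message from your contact form:\n\n";
        $email_body .= "Name: " . $name . "\n";
        $email_body .= "Email: " . $email . "\n";
        $email_body .= "Message:\n" . $message . "\n\n";
        $email_body .= "---\n";
        $email_body .= "Submitted on: " . date('Y-m-d H:i:s') . "\n";
        $email_body .= "IP Address: " . ($_SERVER['REMOTE_ADDR'] ?? 'unknown') . "\n";

        // Headers. Reply-To carries only the address that passed
        // FILTER_VALIDATE_EMAIL. The free-text name is kept out of the headers:
        // it is user-controlled, and line breaks or characters such as '<', '"'
        // and ',' in it would alter the header block. The X-Mailer header was
        // dropped so outgoing mail does not disclose the server's PHP version.
        $headers = [];
        $headers[] = 'From: Contact Form <noreply@yourdomain.com>'; // Replace with your domain
        $headers[] = 'Reply-To: ' . $email;
        $headers[] = 'Content-Type: text/plain; charset=UTF-8';
        $headers_string = implode("\r\n", $headers);

        if (mail($to, $subject, $email_body, $headers_string)) {
            $success = true;
            // Clear form data on success so the form is rendered empty.
            $name = '';
            $email = '';
            $message = '';
        } else {
            $errors[] = 'Sorry, there was an error sending your message. Please try again later.';
        }
    }
}
?>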
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Contact Form</title>
<style>
/* Page layout: one centred column, at most 600px wide. */
body {
font-family: Arial, sans-serif;
max-width: 600px;
margin: 50px auto;
padding: 20px;
line-height: 1.6;
}
/* Vertical spacing between the form rows. */
.form-group {
margin-bottom: 20px;
}
label {
display: block;
margin-bottom: 5px;
font-weight: bold;
}
/* Text inputs and the textarea share one look; border-box keeps the padding inside the 100% width. */
input[type="text"],
input[type="email"],
textarea {
width: 100%;
padding: 10px;
border: 1px solid #ddd;
border-radius: 4px;
font-size: 16px;
box-sizing: border-box;
}
textarea {
height: 120px;
resize: vertical;
}
button {
background-color: #007cba;
color: white;
padding: 12px 24px;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 16px;
}
button:hover {
background-color: #005a87;
}
/* Box that lists validation and send errors. */
.error {
color: #d63638;
background-color: #fcf0f1;
border: 1px solid #d63638;
padding: 10px;
border-radius: 4px;
margin-bottom: 20px;
}
/* Confirmation box shown after the message was sent. */
.success {
color: #00a32a;
background-color: #f0f6fc;
border: 1px solid #00a32a;
padding: 10px;
border-radius: 4px;
margin-bottom: 20px;
}
/* Decoy field wrapper: pushed off-screen rather than removed, so the input stays in the form for automated submitters while sighted users never see it. */
.honeypot {
position: absolute;
left: -9999px;
top: -9999px;
}
</style>
</head>
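<body>
    <h1>Contact Us</h1>
    <?php
    // Every dynamic value below is escaped with explicit flags: ENT_QUOTES
    // covers both quote styles on every PHP version (the default before
    // PHP 8.1 left single quotes alone) and ENT_SUBSTITUTE replaces invalid
    // UTF-8 instead of returning an empty string.
    ?>
    <?php if (!empty($errors)): ?>
        <div class="error">
            <strong>Please correct the following errors:</strong>
            <ul>
                <?php foreach ($errors as $error): ?>
                    <li><?php echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></li>
                <?php endforeach; ?>
            </ul>
        </div>
    <?php endif; ?>
    <?php if ($success): ?>
        <div class="success">
            <strong>Thank you!</strong> Your message has been sent successfully. We'll get back to you soon.
        </div>
    <?php endif; ?>
    <?php
    // PHP_SELF includes any extra path the client appended to the script URL,
    // so it is request-controlled and must stay escaped in the attribute.
    ?>
    <form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        <?php
        // Honeypot field: hidden from users by CSS, still present for bots.
        // Documented in a PHP comment so the explanation is not sent to the
        // client. tabindex="-1" keeps keyboard users from landing on the field
        // and autocomplete="off" asks browsers not to autofill it; either
        // would get a real visitor rejected by the server-side check.
        ?>
        <div class="honeypot">
            <label for="website">Website (leave blank):</label>
            <input type="text" id="website" name="website" tabindex="-1" autocomplete="off" value="<?php echo htmlspecialchars($honeypot, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        </div>
        <?php
        // maxlength mirrors the server-side limits as a convenience only; a
        // client can ignore it, so the PHP validation remains authoritative.
        ?>
        <div class="form-group">
            <label for="name">Name *</label>
            <input type="text" id="name" name="name" maxlength="100" value="<?php echo htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
        </div>
        <div class="form-group">
            <label for="email">Email *</label>
            <input type="email" id="email" name="email" value="<?php echo htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
        </div>
        <div class="form-group">
            <label for="message">Message *</label>
            <textarea id="message" name="message" maxlength="1000" required><?php echo htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></textarea>
        </div>
        <button type="submit">Send Message</button>
    </form>
</body>
</html>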