Home » Software, Coding & Hosting » PHP Contact Us Script, runs without modification

PHP Contact Us Script, runs without modification

    PHP contact-us script runs without modification. It detects the domain then emails all contact-us form data to info@yourdomain

    PHP Contact Us Script Links and Downloads

    Direct download of PHP Contact Us Script

    PHP Contact Us Script on CodeProject

    Get it from GitHub

    ♦ Arabic version of this article

    What is new in PHP Contact Us Script

    The recent version contains more user input filtering. So it keeps the script safe we sanitize each input key and value using the function htmlspecialchars() and the filter FILTER_SANITIZE_STRING. And I strip any Html code or invalid characters.

    Introduction

    Run out of box PHP contact-us script, so it does not need modification, it will detect the domain and email the contact message and fields to info@exmple.com whatever fields are in your form; it will detect them indeed and send the form data with email.

    System requirements for PHP Contact Us Script

    • Any website with hosting support PHP; Almost all hosts do support it.
    • In other words, you could use it for any website regardless of what it uses: pure Html/PHP, WordPress, Joomla, Drupal, or any other system

    Supported PHP Version

    PHP 5.6, PHP 7.0, PHP 7.1, PHP 7.2, PHP 7.3, PHP 7.4 or PHP 8.0

    Keywords

    HTML, PHP, web, web-hosting, website, script, code, contact us

    Background

    Lots of contact-us scripts are available over the internet. On the other hand, other scripts need modification of the PHP file before use while this script will run directly out of the box.
    So this script is very useful to those who do not know PHP and to the beginners of PHP.

    Using PHP Contact Us Script

    • Unzip the downloaded zip file
    • then create the contact-us folder in the www directory of your website
    • After that, upload the files to the contact-us folder
    • and that is all.
    • Finally, the contact-us URL is like example.com/contact-us replace example.com with your domain

    Changing contact-us form design

    • You could change the contact us page design as you want,
    • add or omit fields as needed
    • However, use from_emailfrom_namesubjectmessage and captcha as fields names
    • Surely, you can put your own Ads or make your form free of ads.
    • and you are free to put a link to us or not.

    About the contact-us code

    From Action

    <form action="send.php" method="POST">

    Fields Names

    Use from_email, from_name, subject, message and captcha as main fields’ names in your form, then add required, minlength, and maxlength attributes for each field.

    Captcha

    When you don’t wish to use captcha, then change the 1st line of the ‘config.php’ code to be:
    $captcha = false;

    And if you wish to use captcha, then you do not need to change anything; and the 1st line of the ‘config.php’ code will be:

    $captcha = true;

    You can modify the form as you like; however, please note that we use captcha, include the following in your form:

    <img src="captcha_code_file.php?rand=<?php echo rand(); 
    ?>" id='captchaimg' ><br>
    Enter the code above here : 
    <input id="captcha" name="captcha" type="text">

    Input Filtering

    To keep the script safe, we sanitize each input key and value using FILTER_SANITIZE_STRING. I strip any Html code or invalid characters.

    Thank you URL

    Put your own $thank_you_url in the 2nd line of the code.

    What Does PHP Contact Us Script Do?

    • Check the referred page and if someone calls the script directly, it will stop executing:
      $REFERER = $_SERVER['HTTP_REFERER'];
      if(!preg_match("@^http:\/\/(www\.)?$domain\/@",$REFERER)){
                      die("This page can't be call directly");
      }
    • Validate user email and user name to prevent injecting the wrong command in the header parameter of the mail() function:
      if(!$from_email) $from_email = "web_page@$domain";
      if (!filter_var($from_email, FILTER_VALIDATE_EMAIL)) {
                      $Err .= 'Invalid email format<br>';
                      $from_email = "web_page@$domain";
      }
    • Then it validates the subject and encodes it if needed to prevent send failure:
      if ($subject && !preg_match('/^[A-Za-z ]+$/',$subject)){
                      $subject = "=?UTF-8?B?".base64_encode($subject)."?=";
      }
    • After that, it will store the captcha in session and compare it with variable
    • Finally, it seeks all posted variables and applies security filtration of user inputs.
      foreach ($_POST as $key => $value){
          if ( strpos( strtolower( $key ), 'email' ) !== false ) {
              $value = filter_var( $value, FILTER_SANITIZE_EMAIL );
          } else {
              $value = filter_var( $value, FILTER_SANITIZE_STRING );
          }
          $value = htmlspecialchars( $value );
          $key = filter_var( $key, FILTER_SANITIZE_STRING );
          $key = htmlspecialchars( $key );
          $value = htmlspecialchars($value);
          $message_html .= "<h2>$key</h2><p>$value</p>";
      }
    • Send the message in Html UTF-8 format to be compatible with most languages
    • Finally, redirect to thank you URL
      header('Location: '. $thank_you_url);

    PHP Mailing Technique

    There are lots of mailing techniques in PHP; PEAR Mail, PHP Mailer, and a mail function. However, we just use the mail function as it is common and simple.

    PHP Email Validation

    PHP FILTER_SANITIZE_EMAIL Filter

    Remove all illegal characters from an email address:

    $from_email = filter_var($from_email, FILTER_SANITIZE_EMAIL);

    PHP FILTER_VALIDATE_EMAIL Filter

    Check if the variable $email is a valid email address:

    if (!filter_var($from_email, FILTER_VALIDATE_EMAIL)) {                    
        $Err .= 'Invalid email format<br>';               
        $from_email = "web_page@$domain";
    }

    Validate Email in PHP using a regular expression:

    $pattern = '/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/';
    if(!preg_match($pattern, $from_email)){ 
        $Err .= 'Invalid email format<br>';               
        $from_email = "web_page@$domain";
    }

    Links to PHP Contact Us Script

    https://www.codeproject.com/KB/PHP/1139299.aspx

    End