PHP contact-us script runs without modification. It detects the domain and emails all data of the contact-us form. This PHP script is used to send contact-us form data to the webmaster, It is simple and runs without modification.
Run out-of-box PHP contact-us script, it does not need modification, it will detect the domain and send an email containing the contact message to [email protected] whatever fields are in your form; it will detect them and send the form data with email.
- User must enter data in the name field, email, subject, and message before submitting.
- The new version contains more user input filtering. So it keeps the script safe. We sanitize each input key and value using the function
htmlspecialchars()
and the filterFILTER_SANITIZE_STRING
. And It strip any HTML code or invalid characters.
Run out-of-box PHP contact-us script, it does not need modification, it will detect the domain and send an email containing the contact message to [email protected] whatever fields are in your form; it will detect them and send the form data by email.
- A website with hosting support PHP; Almost all hosts do support it.
- You could use it for any website regardless of what it uses: pure HTML/PHP, WordPress, Joomla, Drupal, or any other system
PHP 5.6, PHP 7.0, PHP 7.1, PHP 7.2, PHP 7.3, PHP 7.4, PHP 8.0, PHP 8.1 or PHP 8.2
HTML, PHP, web, web hosting, website, script, code, contact us
Lots of Contact Us scripts are available over the Internet. Other scripts need modification of the PHP file before use while this script will run directly out of the box. This script is very useful to those who do not know PHP and to beginners of PHP.
- Unzip the downloaded zip file
- Create the contact-us folder in the www directory of your website
- Upload the files to the contact-us folder
- That is all
- The contact-us URL is like example.com/contact-us replace example.com with your domain
- You could modify the Contact Us page design as you want,
- Add or omit fields as needed
- Use from_email, from_name, subject, message, and captcha as field names
- Put your Ads or make your form free of ads
- You are free to put a link to us or not.
<form action="send.php" method="POST">
Use from_email
, from_name
, subject
, message
, and captcha
as
main fields' names in your form.
If you don’t wish to use a captcha, then change the 1st line of the ‘config.php’ code to be as follows:
$captcha = false;
If you wish to use a captcha, then no change is needed and the 1st line of the ‘config.php’ code will be:
$captcha = true;
If you need to modify the form; please note that we use a captcha, include the following in your form:
<img src="captcha_code_file.php?rand=<?php echo rand();
?>" id='captchaimg' ><br>
Enter the code above here: <input id="captcha"
name="captcha" type="text"><br>
Put your own $thank_you_url
in the 2^nd^ line of the code.
-
Check the referrer page and stop the script if it is called directly:
$REFERER = $_SERVER['HTTP_REFERER']; if(!preg_match("@^http:\/\/(www\.)?$domain\/@",$REFERER)){ die("This page can't be call directly"); }
-
Validate user email and user name to prevent injecting the wrong command in the header parameter of the mail() function:
if(!$from_email) $from_email = "web_page@$domain"; if (!filter_var($from_email, FILTER_VALIDATE_EMAIL)) { $Err .= 'Invalid email format<br>'; $from_email = "web_page@$domain"; }
-
Validate the subject and encode it if needed to prevent send failure:
if ($subject && !preg_match('/^[A-Za-z ]+$/',$subject)){ $subject = "=?UTF-8?B?".base64_encode($subject)."?="; }
-
Store the captcha in session and compare it with the variable
-
Seek all posted variables
foreach ($_POST as $key => $value) { if ( strpos( strtolower( $key ), 'email' ) !== false ) { $value = filter_var( $value, FILTER_SANITIZE_EMAIL ); } else { $value = filter_var( $value, FILTER_SANITIZE_STRING ); } $value = htmlspecialchars( $value ); $key = filter_var( $key, FILTER_SANITIZE_STRING ); $key = htmlspecialchars( $key ); $value = htmlspecialchars($value); $message_html .= "<h2>$key</h2><p>$value</p>"; }
-
Send the message in Html UTF-8 format to be compatible with most languages
-
Redirect to thank you URL
header('Location: '. $thank_you_url);
There are lots of mailing techniques in PHP; PEAR Mail, PHP Mailer, and a mail function. However, we just use the mail function as it is common and simple.
Remove all illegal characters from an email address
$from_email = filter_var($from_email, FILTER_SANITIZE_EMAIL);
Check if the variable $email is a valid email address
if (!filter_var($from_email, FILTER_VALIDATE_EMAIL)) {
$Err .= 'Invalid email format<br>';
$from_email = "web_page@$domain";
}
$pattern = '/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/';
if(!preg_match($pattern, $from_email)){
$Err .= 'Invalid email format<br>';
$from_email = "web_page@$domain";
}