B
baldo
Can i find a template of a mail form working in php?
html form and php-script on the webserver?
html form and php-script on the webserver?
P
Paolo E.
C
Christoph Michael Becker
Am 20.06.2013 21:32, schrieb Beauregard T. Shagnasty:
| Copy the code above and paste it into your contact/feedback form page.
I'd say: don't do that, as the code uses stripslashes() (without any
check, if magic_quotes_gpc is On, which was removed as of PHP 5.4) and
eregi() (which is deprecated since PHP 5.3)--so it seems to be pretty
old code.
Furthermore the script doesn't set a Content-Type header, so the mail is
not unlikely to be unreadable if the body contains non ASCII characters,
let alone that the script ignores issues with non ASCII characters at all.
| $crack=eregi("(\r|\n)(to:|from:|cc:|bcc
",$body);
Shall this prevent email header injection? I'll be blowed!
| Copy the code above and paste it into your contact/feedback form page.
I'd say: don't do that, as the code uses stripslashes() (without any
check, if magic_quotes_gpc is On, which was removed as of PHP 5.4) and
eregi() (which is deprecated since PHP 5.3)--so it seems to be pretty
old code.
Furthermore the script doesn't set a Content-Type header, so the mail is
not unlikely to be unreadable if the body contains non ASCII characters,
let alone that the script ignores issues with non ASCII characters at all.
| $crack=eregi("(\r|\n)(to:|from:|cc:|bcc
",$body);Shall this prevent email header injection? I'll be blowed!
S
se
baldo said:
I use this one. Done so for quite a long time. I'm very satisfied with it
http://www.jamesshuggins.com/h/hefs/huggins-email-form-script.htm
/se
C
Christoph Michael Becker
Am 20.06.2013 22:41, schrieb Beauregard T. Shagnasty:
I have done so yet via the contact for on the page. I don't know if
this script is used for this contact form, but I have noticed that it
does not display any line breaks entered in the message in the online
confirmation (the script would not do so as well). Interestingly, the
confirmation email breaks the lines apart with an additional empty line
in my Thunderbird (quite so as with many replies from Google groups); I
am not sure what causes this, but it might be the overlong lines without
any Content-Type header stating format=flowed.
I have done so yet via the contact for on the page. I don't know if
this script is used for this contact form, but I have noticed that it
does not display any line breaks entered in the message in the online
confirmation (the script would not do so as well). Interestingly, the
confirmation email breaks the lines apart with an additional empty line
in my Thunderbird (quite so as with many replies from Google groups); I
am not sure what causes this, but it might be the overlong lines without
any Content-Type header stating format=flowed.
L
Lewis
In message said:
Why?
<mailto:[email protected]> works really well. Web forms are horrible.
--
'There's a limit to the power of a spring, no matter how tightly one
winds it.' 'Oh, yes. Yes. And you hope that if you wind a spring one
way, all its energies will unwind the other way. And sometimes you have
to wind the spring as tight as it will go,' said Vetinari,' and pray it
doesn't break.' --Men at Arms
B
baldo
se said:
is there something less commercial and more straightforward?
D
Denis McMahon
+1, upvote, like etc etc etc
Why anyone would want to piss about with form to email with all the
attendant security risks when they can just add a mailto link escapes me.
And yes I do know about spam address harvesting, most of which these days
is done by hacking servers or malware reading address books.
C
Christoph Michael Becker
Beauregard said:
ACK.
S
se
baldo said:
How the hell can you talk of commercial when being on Huggins site.
His offer is all free, except if you have problems with it and ask for his
help.
But a huge helpfile is included in the download.
If you read carefully, then you will find two examples, which you can use as
templates.:
http://clearlaketutoring.com/contact-form.htm
The example he use is a template of Pat Geary who uses his php-script.
http://www.expression-web-tutorials.com/sample-contact.html
Her templates is free - look in there by yourself. Using the templates.
You dont have to do other than filling in names of your own.
/se
Using the the simple basis script-methodes as is done in this template,
are relatively easy to arrange. The script is much more advanced.
L
Lewis
In message said:
Use gmail or use chrome?
Use gmail or use chrome?
Use gmail or use chrome?
Mailto works great with gmail with a tiny download or works right 'out
of the box" with Chrome.
No, obfuscating your email address is a complete and utter waste of time.
For the record, I never use web forms to contact someone unless I have
absolutely no choice (like HD warranty RMAs). If I click "Contact us"
and see a web form and no email alternate, I close the window.
D
dorayme
Beauregard T. Shagnasty said:
It is quite often a great deal of trouble to reach a company any other
way. I have had many cases where people do not reply to other forms of
messages, like answering machine requests, emails. There are some
bureaucracies that are so security conscious and regimented that they
insist on this type of communication, often after a user/password
login to the section where the form is.
L
Lewis
In message said:
Where did I ever say that?
I'm sure they have solutions as well.
No, it's not. hiding email adresses does not prevent (or even slow) spam
unless the email address is never used by anyone for anything, and even
then, chances are good it will receive spam.
How do you figure that?
Oh, I know why web monkeys love them, that has nothing to do with me. I
do not jump through hoops designed by web monkeys./
L
Lewis
Then your mail admin sucks and should be replaced with someone
competent. I have an email address that has been used constantly for
almost 20 years now. I see almost no spam on it.
Only to prevent the idiots from sending you a copy of replies.
L
Lewis
In message said:
Yes, I said that.
No, I never said that.
L
Lewis
As I said, to prevent clueless people from automatically emailing me
copies of their posts.
S
se
Lewis said:
Makes no difference.
R
richard
Am 20.06.2013 21:32, schrieb Beauregard T. Shagnasty:
| Copy the code above and paste it into your contact/feedback form page.
I'd say: don't do that, as the code uses stripslashes() (without any
check, if magic_quotes_gpc is On, which was removed as of PHP 5.4) and
eregi() (which is deprecated since PHP 5.3)--so it seems to be pretty
old code.
Furthermore the script doesn't set a Content-Type header, so the mail is
not unlikely to be unreadable if the body contains non ASCII characters,
let alone that the script ignores issues with non ASCII characters at all.
| $crack=eregi("(\r|\n)(to:|from:|cc:|bcc
Shall this prevent email header injection? I'll be blowed!
Bless you.
For shooting down the great and mighty shitnasty.
R
richard
Hell, spammers look for emails in various forums outside of usenet.
Then, there are those scrupulous companies who you do business with that
will sell your email addy in a heartbeat just to make money.
My idea is to surround the mailto: link with hundreds of fake addys.
Just put them in a division which is hidden from view.
As I understand it, they have to remove bad addies by hand.
They don't want their prescious addy getting shut down because of hundreds
of returned mail notices.
D
Denis McMahon
Wrong. They don't give a damn about bad email addys in their lists, they
don't bother doing any sort of address verification at all, and they
don't care about bounces - most of the email is being sent by spam botnets
anyway.