mail form

Discussion in 'HTML' started by baldo, Jun 20, 2013.

  1. baldo

    baldo Guest

    Can i find a template of a mail form working in php?
    html form and php-script on the webserver?
     
    baldo, Jun 20, 2013
    #1
    1. Advertising

  2. baldo

    Paolo E. Guest

    Paolo E., Jun 20, 2013
    #2
    1. Advertising

  3. Am 20.06.2013 21:32, schrieb Beauregard T. Shagnasty:
    > baldo wrote:
    >
    >> Can i find a template of a mail form working in php?
    >> html form and php-script on the webserver?

    >
    > If you want to see how a form is done, peruse this one:
    >
    > <http://safalra.com/programming/php/contact-feedback-form/ >


    | Copy the code above and paste it into your contact/feedback form page.

    I'd say: don't do that, as the code uses stripslashes() (without any
    check, if magic_quotes_gpc is On, which was removed as of PHP 5.4) and
    eregi() (which is deprecated since PHP 5.3)--so it seems to be pretty
    old code.

    Furthermore the script doesn't set a Content-Type header, so the mail is
    not unlikely to be unreadable if the body contains non ASCII characters,
    let alone that the script ignores issues with non ASCII characters at all.

    | $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);

    Shall this prevent email header injection? I'll be blowed!

    --
    Christoph
     
    Christoph Michael Becker, Jun 20, 2013
    #3
  4. baldo

    se Guest

    "baldo" <> skrev i meddelelsen
    news:XnsA1E570EBDE3B2notnovalidno@91.208.207.161...
    > Can i find a template of a mail form working in php?
    > html form and php-script on the webserver?


    I use this one. Done so for quite a long time. I'm very satisfied with it
    http://www.jamesshuggins.com/h/hefs/huggins-email-form-script.htm

    /se
     
    se, Jun 20, 2013
    #4
  5. Am 20.06.2013 22:41, schrieb Beauregard T. Shagnasty:
    > You could take that up with the author.


    I have done so yet via the contact for on the page. I don't know if
    this script is used for this contact form, but I have noticed that it
    does not display any line breaks entered in the message in the online
    confirmation (the script would not do so as well). Interestingly, the
    confirmation email breaks the lines apart with an additional empty line
    in my Thunderbird (quite so as with many replies from Google groups); I
    am not sure what causes this, but it might be the overlong lines without
    any Content-Type header stating format=flowed.

    --
    Christoph M. Becker
     
    Christoph Michael Becker, Jun 20, 2013
    #5
  6. baldo

    Lewis Guest

    In message <XnsA1E570EBDE3B2notnovalidno@91.208.207.161>
    baldo <> wrote:
    > Can i find a template of a mail form working in php?
    > html form and php-script on the webserver?


    Why?

    <mailto:> works really well. Web forms are horrible.

    --
    'There's a limit to the power of a spring, no matter how tightly one
    winds it.' 'Oh, yes. Yes. And you hope that if you wind a spring one
    way, all its energies will unwind the other way. And sometimes you have
    to wind the spring as tight as it will go,' said Vetinari,' and pray it
    doesn't break.' --Men at Arms
     
    Lewis, Jun 21, 2013
    #6
  7. baldo

    baldo Guest

    "se" <> wrote in news:kpvp4e$jms$:

    > "baldo" <> skrev i meddelelsen
    > news:XnsA1E570EBDE3B2notnovalidno@91.208.207.161...
    >> Can i find a template of a mail form working in php?

    > I use this one. Done so for quite a long time. I'm very satisfied with it
    > http://www.jamesshuggins.com/h/hefs/huggins-email-form-script.htm


    is there something less commercial and more straightforward?
     
    baldo, Jun 21, 2013
    #7
  8. On Fri, 21 Jun 2013 04:32:35 +0000, Lewis wrote:

    > In message <XnsA1E570EBDE3B2notnovalidno@91.208.207.161>
    > baldo <> wrote:
    >> Can i find a template of a mail form working in php?
    >> html form and php-script on the webserver?

    >
    > Why?
    >
    > <mailto:> works really well. Web forms are horrible.


    +1, upvote, like etc etc etc

    Why anyone would want to piss about with form to email with all the
    attendant security risks when they can just add a mailto link escapes me.
    And yes I do know about spam address harvesting, most of which these days
    is done by hacking servers or malware reading address books.

    --
    Denis McMahon,
     
    Denis McMahon, Jun 21, 2013
    #8
  9. Beauregard T. Shagnasty wrote:
    > Denis McMahon wrote:
    >
    >> Lewis wrote:
    >>> baldo wrote:
    >>>> Can i find a template of a mail form working in php?
    >>>> html form and php-script on the webserver?
    >>>
    >>> Why?
    >>>
    >>> <mailto:> works really well. Web forms are horrible.

    >>
    >> +1, upvote, like etc etc etc
    >>
    >> Why anyone would want to piss about with form to email with all the
    >> attendant security risks when they can just add a mailto link escapes
    >> me.

    >
    > What do the two of you expect visitors to do who do not have email clients
    > installed on their computers? Those using a friend's computer; those
    > accessing from an internet cafe; or those who have no ISP address at all
    > and rely on online mail services such as Yahoo/Gmail/Hotmail? Your "mailto"
    > link is useless to all of them.


    ACK.

    --
    Christoph M. Becker
     
    Christoph Michael Becker, Jun 21, 2013
    #9
  10. baldo

    se Guest

    "baldo" <> skrev i meddelelsen
    news:XnsA1E65A18FA18notnovalidno@91.208.207.37...
    > "se" <> wrote in news:kpvp4e$jms$:
    >
    >> "baldo" <> skrev i meddelelsen
    >> news:XnsA1E570EBDE3B2notnovalidno@91.208.207.161...
    >>> Can i find a template of a mail form working in php?

    >> I use this one. Done so for quite a long time. I'm very satisfied with it
    >> http://www.jamesshuggins.com/h/hefs/huggins-email-form-script.htm

    >
    > is there something less commercial and more straightforward?


    How the hell can you talk of commercial when being on Huggins site.
    His offer is all free, except if you have problems with it and ask for his
    help.
    But a huge helpfile is included in the download.
    If you read carefully, then you will find two examples, which you can use as
    templates.:
    http://clearlaketutoring.com/contact-form.htm
    The example he use is a template of Pat Geary who uses his php-script.
    http://www.expression-web-tutorials.com/sample-contact.html
    Her templates is free - look in there by yourself. Using the templates.
    You dont have to do other than filling in names of your own.

    /se

    Using the the simple basis script-methodes as is done in this template,
    are relatively easy to arrange. The script is much more advanced.
     
    se, Jun 21, 2013
    #10
  11. baldo

    Lewis Guest

    In message <kq1drt$i4p$>
    Beauregard T. Shagnasty <> wrote:
    > Denis McMahon wrote:


    >> Lewis wrote:
    >>> baldo wrote:
    >>>> Can i find a template of a mail form working in php?
    >>>> html form and php-script on the webserver?
    >>>
    >>> Why?
    >>>
    >>> <mailto:> works really well. Web forms are horrible.

    >>
    >> +1, upvote, like etc etc etc
    >>
    >> Why anyone would want to piss about with form to email with all the
    >> attendant security risks when they can just add a mailto link escapes
    >> me.


    > What do the two of you expect visitors to do who do not have email clients
    > installed on their computers?


    Use gmail or use chrome?

    > Those using a friend's computer;


    Use gmail or use chrome?

    > those accessing from an internet cafe;


    Use gmail or use chrome?

    >or those who have no ISP address at all and rely on online mail
    >services such as Yahoo/Gmail/Hotmail? Your "mailto" link is useless to
    >all of them.


    Mailto works great with gmail with a tiny download or works right 'out
    of the box" with Chrome.

    <https://support.google.com/mail/answer/10966?hl=en>

    >> And yes I do know about spam address harvesting, most of which these
    >> days is done by hacking servers or malware reading address books.


    > ..or scanning web pages. You must obfuscate!


    No, obfuscating your email address is a complete and utter waste of time.

    For the record, I never use web forms to contact someone unless I have
    absolutely no choice (like HD warranty RMAs). If I click "Contact us"
    and see a web form and no email alternate, I close the window.

    --
    Look, that's why there's rules, understand? So that you *think* before
    you break 'em.
     
    Lewis, Jun 21, 2013
    #11
  12. baldo

    dorayme Guest

    In article <kq1lm8$sdt$>,
    "Beauregard T. Shagnasty" <> wrote:

    > Lewis wrote:


    > > ... I never use web forms to contact someone unless I have
    > > absolutely no choice (like HD warranty RMAs). If I click "Contact us"
    > > and see a web form and no email alternate, I close the window.

    >
    > Beauregard T. Shagnasty wrote:


    > Your loss, I suppose.
    >


    It is quite often a great deal of trouble to reach a company any other
    way. I have had many cases where people do not reply to other forms of
    messages, like answering machine requests, emails. There are some
    bureaucracies that are so security conscious and regimented that they
    insist on this type of communication, often after a user/password
    login to the section where the form is.

    --
    dorayme
     
    dorayme, Jun 21, 2013
    #12
  13. baldo

    Lewis Guest

    In message <kq1lm8$sdt$>
    Beauregard T. Shagnasty <> wrote:
    > Lewis wrote:


    >> Beauregard T. Shagnasty wrote:
    >>> Denis McMahon wrote:
    >>>> Lewis wrote:
    >>>>> <mailto:> works really well. Web forms are horrible.
    >>>>
    >>>> +1, upvote, like etc etc etc
    >>>>
    >>>> Why anyone would want to piss about with form to email with all the
    >>>> attendant security risks when they can just add a mailto link escapes
    >>>> me.

    >>
    >>> What do the two of you expect visitors to do who do not have email
    >>> clients installed on their computers?

    >>
    >> Use gmail or use chrome?
    >>
    >>> Those using a friend's computer;

    >>
    >> Use gmail or use chrome?
    >>
    >>> those accessing from an internet cafe;

    >>
    >> Use gmail or use chrome?
    >>
    >>>or those who have no ISP address at all and rely on online mail services
    >>>such as Yahoo/Gmail/Hotmail? Your "mailto" link is useless to all of
    >>>them.

    >>
    >> Mailto works great with gmail with a tiny download or works right 'out
    >> of the box" with Chrome.


    > So when you are visiting someone's house, you expect them to install a
    > "tiny download" from Google or install an additional browser, just for
    > you?


    Where did I ever say that?

    > And that only applies to Gmail. You forgot users of all the other
    > online mail services.


    I'm sure they have solutions as well.

    >> <https://support.google.com/mail/answer/10966?hl=en>


    >> No, obfuscating your email address is a complete and utter waste of
    >> time.


    > Well, that's totally wrong...


    No, it's not. hiding email adresses does not prevent (or even slow) spam
    unless the email address is never used by anyone for anything, and even
    then, chances are good it will receive spam.

    >> For the record, I never use web forms to contact someone unless I have
    >> absolutely no choice (like HD warranty RMAs). If I click "Contact us"
    >> and see a web form and no email alternate, I close the window.


    > Your loss, I suppose.


    How do you figure that?

    > You are also not considering (perhaps intentionally) that the web form can
    > control the data submitted with specific fields for validated response,
    > which can also be stored in a database, as opposed to a non-structured
    > email message of random text.


    Oh, I know why web monkeys love them, that has nothing to do with me. I
    do not jump through hoops designed by web monkeys./

    --
    "Reality continues to ruin my life."
     
    Lewis, Jun 22, 2013
    #13
  14. baldo

    Lewis Guest

    In message <>
    Ed Mullen <> wrote:
    > Lewis wrote:
    >> In message <XnsA1E570EBDE3B2notnovalidno@91.208.207.161>
    >> baldo <> wrote:
    >>> Can i find a template of a mail form working in php?
    >>> html form and php-script on the webserver?

    >>
    >> Why?
    >>
    >> <mailto:> works really well. Web forms are horrible.
    >>


    > Here's why.


    > When I used mailto: links on my Web sites my email addresses were in the
    > clear in the HTML. Hence, they were harvested by spammers. I got to
    > the point where I was getting 1,000+ spams a week. I had to cancel that
    > email addy.


    Then your mail admin sucks and should be replaced with someone
    competent. I have an email address that has been used constantly for
    almost 20 years now. I see almost no spam on it.

    > Munging your email in Usenet is also essential.


    Only to prevent the idiots from sending you a copy of replies.

    --
    "You've got to dance like nobody's watching." - Kathy Mattea
     
    Lewis, Jun 22, 2013
    #14
  15. baldo

    Lewis Guest

    In message <kq38kb$ve4$>
    Beauregard T. Shagnasty <> wrote:
    > Lewis wrote:


    > [snippage]
    >> Beauregard T. Shagnasty wrote:
    >>> Lewis wrote:
    >>>> Mailto works great with gmail with a tiny download or works right 'out
    >>>> of the box" with Chrome.

    >>
    >>> So when you are visiting someone's house, you expect them to install a
    >>> "tiny download" from Google or install an additional browser, just for
    >>> you?

    >>
    >> Where did I ever say that?


    > Just above. Gmail needs a "tiny download".


    Yes, I said that.

    >You would ask a friend to install it on *his* computer so you could
    >send an email to a web site?


    No, I never said that.

    --
    I know you won't believe it's true I only went with her cuz she looked
    like you
     
    Lewis, Jun 22, 2013
    #15
  16. baldo

    Lewis Guest

    In message <>
    Ed Mullen <> wrote:
    > Lewis wrote:
    >> In message <kq1lm8$sdt$>
    >> Beauregard T. Shagnasty <> wrote:
    >>> Lewis wrote:

    >>
    >>>> Beauregard T. Shagnasty wrote:


    >>>> No, obfuscating your email address is a complete and utter waste of
    >>>> time.

    >>
    >>> Well, that's totally wrong...

    >>
    >> No, it's not. hiding email adresses does not prevent (or even slow) spam
    >> unless the email address is never used by anyone for anything, and even
    >> then, chances are good it will receive spam.
    >>


    > And yet, you obfuscate your email on this newsgroup. Interesting.


    As I said, to prevent clueless people from automatically emailing me
    copies of their posts.

    --
    Penny, I'm a physicist. I have a working knowledge of the entire
    universe and everything it contains.
     
    Lewis, Jun 23, 2013
    #16
  17. baldo

    se Guest

    "Lewis" <> skrev i meddelelsen
    news:...
    > In message <>
    > Ed Mullen <> wrote:
    >> Lewis wrote:
    >>> In message <kq1lm8$sdt$>
    >>> Beauregard T. Shagnasty <> wrote:
    >>>> Lewis wrote:
    >>>
    >>>>> Beauregard T. Shagnasty wrote:

    >
    >>>>> No, obfuscating your email address is a complete and utter waste of
    >>>>> time.
    >>>
    >>>> Well, that's totally wrong...
    >>>
    >>> No, it's not. hiding email adresses does not prevent (or even slow) spam
    >>> unless the email address is never used by anyone for anything, and even
    >>> then, chances are good it will receive spam.
    >>>

    >
    >> And yet, you obfuscate your email on this newsgroup. Interesting.

    >
    > As I said, to prevent clueless people from automatically emailing me
    > copies of their posts.



    Makes no difference.


    >
    > --
    > Penny, I'm a physicist. I have a working knowledge of the entire
    > universe and everything it contains.
     
    se, Jun 23, 2013
    #17
  18. baldo

    richard Guest

    On Thu, 20 Jun 2013 22:37:29 +0200, Christoph Michael Becker wrote:

    > Am 20.06.2013 21:32, schrieb Beauregard T. Shagnasty:
    >> baldo wrote:
    >>
    >>> Can i find a template of a mail form working in php?
    >>> html form and php-script on the webserver?

    >>
    >> If you want to see how a form is done, peruse this one:
    >>
    >> <http://safalra.com/programming/php/contact-feedback-form/ >

    >
    >| Copy the code above and paste it into your contact/feedback form page.
    >
    > I'd say: don't do that, as the code uses stripslashes() (without any
    > check, if magic_quotes_gpc is On, which was removed as of PHP 5.4) and
    > eregi() (which is deprecated since PHP 5.3)--so it seems to be pretty
    > old code.
    >
    > Furthermore the script doesn't set a Content-Type header, so the mail is
    > not unlikely to be unreadable if the body contains non ASCII characters,
    > let alone that the script ignores issues with non ASCII characters at all.
    >
    >| $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);
    >
    > Shall this prevent email header injection? I'll be blowed!


    Bless you.
    For shooting down the great and mighty shitnasty.
     
    richard, Jun 23, 2013
    #18
  19. baldo

    richard Guest

    On Fri, 21 Jun 2013 21:48:38 -0400, Ed Mullen wrote:

    > Lewis wrote:
    >> In message <XnsA1E570EBDE3B2notnovalidno@91.208.207.161>
    >> baldo <> wrote:
    >>> Can i find a template of a mail form working in php?
    >>> html form and php-script on the webserver?

    >>
    >> Why?
    >>
    >> <mailto:> works really well. Web forms are horrible.
    >>

    >
    > Here's why.
    >
    > When I used mailto: links on my Web sites my email addresses were in the
    > clear in the HTML. Hence, they were harvested by spammers. I got to
    > the point where I was getting 1,000+ spams a week. I had to cancel that
    > email addy.
    >
    > I moved to using forms where my email address was NOT contained in the
    > clear in the HTML of any of my pages: It was/is hidden in the form
    > handler script, away from the bots that scarf up email addresses. My
    > spam is down to, perhaps, one or two a month.
    >
    > Munging your email in Usenet is also essential.
    >
    > There are other benefits and tricks that forms offer but that basic
    > protection is enough to warrant that one should consider moving away
    > from mailto: links.


    Hell, spammers look for emails in various forums outside of usenet.
    Then, there are those scrupulous companies who you do business with that
    will sell your email addy in a heartbeat just to make money.

    My idea is to surround the mailto: link with hundreds of fake addys.
    Just put them in a division which is hidden from view.
    As I understand it, they have to remove bad addies by hand.
    They don't want their prescious addy getting shut down because of hundreds
    of returned mail notices.
     
    richard, Jun 23, 2013
    #19
  20. On Sun, 23 Jun 2013 15:39:13 -0400, richard wrote:

    > As I understand it, they have to remove bad addies by hand.
    > They don't want their prescious addy getting shut down because of
    > hundreds of returned mail notices.


    Wrong. They don't give a damn about bad email addys in their lists, they
    don't bother doing any sort of address verification at all, and they
    don't care about bounces - most of the email is being sent by spam botnets
    anyway.

    --
    Denis McMahon,
     
    Denis McMahon, Jun 24, 2013
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Curt_C [MVP]
    Replies:
    5
    Views:
    373
    Karim
    May 19, 2004
  2. me
    Replies:
    0
    Views:
    458
  3. Tim
    Replies:
    12
    Views:
    1,296
    kchayka
    Jul 15, 2005
  4. nauticalmac

    Mail insertion hack on Send Mail form

    nauticalmac, Dec 23, 2005, in forum: ASP General
    Replies:
    0
    Views:
    285
    nauticalmac
    Dec 23, 2005
  5. Ferrous Cranus
    Replies:
    42
    Views:
    479
    Ferrous Cranus
    Sep 6, 2013
Loading...

Share This Page