mirror/PHPMailer
0
0
Fork 0
mirror of https://github.com/PHPMailer/PHPMailer.git synced 2024-09-19 17:42:14 +02:00
Code
master
PHPMailer/examples/contactform.phps

96 lines
3.5 KiB
PHP
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* This example shows how to handle a simple contact form safely.
*/
//Import PHPMailer class into the global namespace
use PHPMailer\PHPMailer\PHPMailer;
$msg = '';
//Don't run this unless we're handling a form submission
if (array_key_exists('email', $_POST)) {
date_default_timezone_set('Etc/UTC');
require '../vendor/autoload.php';
//Create a new PHPMailer instance
$mail = new PHPMailer();
//Send using SMTP to localhost (faster and safer than using mail()) requires a local mail server
//See other examples for how to use a remote server such as gmail
$mail->isSMTP();
$mail->Host = 'localhost';
$mail->Port = 25;
//Use a fixed address in your own domain as the from address
//**DO NOT** use the submitter's address here as it will be forgery
//and will cause your messages to fail SPF checks
$mail->setFrom('from@example.com', 'First Last');
//Choose who the message should be sent to
//You don't have to use a <select> like in this example, you can simply use a fixed address
//the important thing is *not* to trust an email address submitted from the form directly,
//as an attacker can substitute their own and try to use your form to send spam
$addresses = [
'sales' => 'sales@example.com',
'support' => 'support@example.com',
'accounts' => 'accounts@example.com',
];
//Validate address selection before trying to use it
if (array_key_exists('dept', $_POST) && array_key_exists($_POST['dept'], $addresses)) {
$mail->addAddress($addresses[$_POST['dept']]);
} else {
//Fall back to a fixed address if dept selection is invalid or missing
$mail->addAddress('support@example.com');
}
//Put the submitter's address in a reply-to header
//This will fail if the address provided is invalid,
//in which case we should ignore the whole request
if ($mail->addReplyTo($_POST['email'], $_POST['name'])) {
$mail->Subject = 'PHPMailer contact form';
//Keep it simple - don't use HTML
$mail->isHTML(false);
//Build a simple message body
$mail->Body = <<<EOT
Email: {$_POST['email']}
Name: {$_POST['name']}
Message: {$_POST['message']}
EOT;
//Send the message, check for errors
if (!$mail->send()) {
//The reason for failing to send will be in $mail->ErrorInfo
//but it's unsafe to display errors directly to users - process the error, log it on your server.
$msg = 'Sorry, something went wrong. Please try again later.';
} else {
$msg = 'Message sent! Thanks for contacting us.';
}
} else {
$msg = 'Invalid email address, message ignored.';
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Contact form</title>
</head>
<body>
<h1>Contact us</h1>
<?php if (!empty($msg)) {
echo "<h2>$msg</h2>";
} ?>
<form method="POST">
<label for="name">Name: <input type="text" name="name" id="name"></label><br>
<label for="email">Email address: <input type="email" name="email" id="email"></label><br>
<label for="message">Message: <textarea name="message" id="message" rows="8" cols="20"></textarea></label><br>
<label for="dept">Send query to department:</label>
<select name="dept" id="dept">
<option value="sales">Sales</option>
<option value="support" selected>Technical support</option>
<option value="accounts">Accounts</option>
</select><br>
<input type="submit" value="Send">
</form>
</body>
</html>
View Git Blame Copy Permalink