Zentyx

Zenguy's Email Script

Today we are going to create an email script to help stop those rotten email bots.
We will code 3 pages. contact.php (email form), contact2.php (action to the form),
and finally contact3.php (email validation).

contact.php

Notice the following line from the above code.
<input type="text" name="email" style="display: none;" value="bots are bad">
This is one of two ways to trick the bots.
This field is what the bots automatically fill in.
So by using style="display: none;" the user never
sees or fills in the field called email, but the bot will.
So as long as this field does not change we are good.

This brings us to the second way to trick the bots.
Our fields in the form will have some random names instead
of the usual email, subject, comments etc.
We are using 4 fields to fill this form that have random field names.
1. Name with a random field name of tt765tt.
2. Email with a random field name of oo456oo.
3. Subject with a random field name of ww908ww.
4. Comments with a random field name of mm657mm.

  <tr>
    <td width="141" align="right">Your name: </td>
    <td colspan="2"><input type="text" name="tt765tt" size="20" value=""/>*</td>
  </tr>
  <tr>
    <td align="right">Your email: </td>
    <td colspan="2"><input type="text" name="oo456oo" size="20" value=""/>*</td>
  </tr>
  <tr>
    <td align="right" >Subject: </td>
    <td colspan="2"><input type="text" name="ww908ww" size="20" value=""/>*</td>
  </tr>
  <tr>
    <td align="right">Comments: </td>
    <td width="199"><textarea name="mm657mm" rows="8" cols="30" value=""></textarea></td>
    <td width="140">*</td>
  </tr>
  <tr>
    <td colspan="2"> <input type="submit" name="submit" value="Send Email" /></td>
  </tr>
  </form>
</table>

Our first page is done :)

Next we need to make the action to our form.
The 1st part of this page we are going to check 4 things.
1. Was the field called email changed?
2. Is the posted email valid? (code shown later in tutorial)
3. Was there a post from the form? (or did someone link directly?)
4. Check to make sure all the "good" fields were filled in.

contact2.php

<?PHP

// 1st check
if (!$_POST['email'] == "bots are bad")
{
// If the hidden field "email" has been changed from bots are bad...it's a bot,
// (Remember our 1st trick from the contact.php?)
// terminate execution of the script.
exit();
}else{
// The field was not changed, on with the next check.
}

// 2nd check
include 'contact3.php';
// This is the function to validate the email.
// The code is displayed further in the tutorial.
// We need to include the page that will validate the posted email.
// Also use the trim() function to clean up any spaces from each end.
$email = trim($_POST['oo456oo'])
if(!validateEmail($email))
{
// If the email is not a valid one, send an error message.
echo "<center><p> </p>";
echo "Not a valid email address.<br />";
echo "<a href=\"contact.php\" title=\"Back\">Back</a></center>";
// terminate execution of the script.
exit();
}else{
// The email looks good, on with the next check.
}

// 3rd check
if (!$_POST['submit'])
{
// User has come to this page wrongfully, they did not post from contact.php.
echo "<center><p>Error!</p>";
//************** Edit below if need be**************//
echo "<a href=\"index.php\" title=\"Back\">Back</a></center>";
// terminate execution of the script.
exit();
}else{
// The user is here correctly, let set some variables from the form.
}

// Set your users info from the previous form.
$name = $_POST['tt765tt'];
$email = $_POST['oo456oo'];
$subject = $_POST['ww908ww'];
$comments = $_POST['mm657mm'];

// 4th check
if ($name == "" OR $email == ""OR $subject == "" OR $comments == "")
{
// If certain fields are empty send an error message.
echo "<center><p>You forgot a mandatory field.</p><br>";
echo "<a href=\"contact.php\" title=\"Back\">Back</a></center>";
// terminate execution of the script.
exit();
}else{
// All fields have some text
}

If everything passes the 4 previous checks we are good to send the email.
So we now need to set a few things.
Make sure you change $my_email = "YOUR_EMAIL_HERE@YOUR_EMAIL.com";
to your own email.
Plus set the time and date to show when the email was sent to you.

contact2.php continued.

//Change YOUR_EMAIL_HERE@YOUR_EMAIL.com to your email.
$my_email = "YOUR_EMAIL_HERE@YOUR_EMAIL.com";
// Set date and time
$today = date("m.d.Y");
$time = date("H:i:s");

Now we have to display all the info that is being sent.
From the next block below, everything between the PHP tags is assigned to the variable $message
We are implimenting all the variables we set in the above block of code.

contact2.php continued.

// Make a nice looking layout for the email
$message =
"Message sent: $today at $time:\n\n".
"From: $name\n".
"Email: $email\n".
"About: $subject\n\n".
"--------------------------- COMMENTS ---------------------------\n\n".
$comments.
"\n\n--------------------------------------------------------------------------\n\n";
// Send the email
mail($my_email, $subject, $message, "From: $name <$email>");
?>

<table align="center" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="center">Thank you for your inquiry, your email has been sent.</td>
  </tr>
</table>

Notice the following line from the above code.
mail($my_email, $subject, $message, "From: $name <$email>");
The mail() function allows you to send mail.

Our second page is done :)

Now we need to code out the email validation page.
This is to make sure the email is real.
contact3.php

<?PHP
function validateEmail ( $email )
{
// Create the syntactical validation regular expression
$regexp = "^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$";// Presume that the email is invalid
$valid = 0;// Validate the syntax
if (eregi($regexp, $email))
{
list($username,$domaintld) = split("@",$email);
if (getmxrr($domaintld,$mxrecords))
$valid = 1;
} else {
$valid = 0;
}return $valid;}
?>

Thank you for checking out my tutorial.
I hope it helps you...Zenguy
Link to code only