53 replies [Last post]
rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

Do I need to take precautions against auto spamming when including a mailto: method? (I want it to be as easy but optimal to e-mail me a request for information.)

If so, is the strategy to assure a human interaction?

If that is so, can one simply include an image of a fuzzy number/letter combination and ask the reader in a quasi-apologetic tone to enter that number in the subject line... lest the message be lost forever in the sea of deletion? Is that utterly tasteless and ineffective?

What do web authors/developers commonly do in this situation? Thanks.

CSS n00b

Tags:
Katie
Katie's picture
Offline
Enthusiast
Seattle, WA
Last seen: 6 years 29 weeks ago
Seattle, WA
Timezone: GMT-8
Joined: 2006-08-06
Posts: 357
Points: 2

rbfree wrote:Do I need to

rbfree wrote:
Do I need to take precautions against auto spamming when including a mailto: method?

Absolutely, unless you have a very good spam filter or high tolerance for spam.

rbfree wrote:
If that is so, can one simply include an image of a fuzzy number/letter combination and ask the reader in a quasi-apologetic tone to enter that number in the subject line... lest the message be lost forever in the sea of deletion? Is that utterly tasteless and ineffective?

I think that method would be very ineffective - both for real users and spambots. I think it unlikely that a real user would notice your message, and very few would bother to enter the contents of the fuzzy image into their email since there would be no way for forcing them to do so.

Since the email address in a mailto: link is plain text, using a mailto: is a sure way to publish that email address to all the world. Even if you ignore all emails to that address, you've notified all the world of a domain through which new email addresses might be guessed. At the least, I'd only use a throw-away address and domain in a mailto: link.

rbfree wrote:
What do web authors/developers commonly do in this situation? Thanks.

The best method in this day and age is to have visitors fill out a form for sending an email. You can then process the form on the server to pass spam tests, and clean it of dangerous hack attempts. It's also effective to have your fuzzy image (commonly known as a CAPTCHA) on the page with the form, and the form is not submitted if the CAPTCHA is answered incorrectly.

Blog: Pew Pew Laser Blog
Online File Storage: DropBox
Daily Deals on Local Activities: Groupon

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thnx, one more question

Thanks for this tip. I think I can work it out given a bit of time. Will this require server side programming, or could it be done it javascript?

In the meantime, what are your thoughts about simply making an image with my e-mail address... such that an interested person could manually jot/type it? Thnx sincerely.

CSS n00b

Katie
Katie's picture
Offline
Enthusiast
Seattle, WA
Last seen: 6 years 29 weeks ago
Seattle, WA
Timezone: GMT-8
Joined: 2006-08-06
Posts: 357
Points: 2

It would be done with server

It would be done with server side programming. PHP's send mail has always worked well for me. You should investigate what options your host provides. I don't know of a way it could be done with JavaScript.

Blog: Pew Pew Laser Blog
Online File Storage: DropBox
Daily Deals on Local Activities: Groupon

csscr
csscr's picture
Offline
Enthusiast
Last seen: 4 weeks 5 days ago
Timezone: GMT+10
Joined: 2003-03-12
Posts: 126
Points: 55

contact form

Hi rbfree,
Katie's suggestion to use a contact form is a good one. It will require server side scripting such as PHP. You should be able to get a free script somewhere to meet your requirements.

Using an image will be unaccessible to visually impared users, unless you add your email address to the alt attribute, which could then be picked up by the email harvesting bots.

Stick with a form then once you reply to their initial question they will have your email address if they need it.

dugal
dugal's picture
Offline
Enthusiast
Last seen: 13 years 37 weeks ago
Joined: 2007-08-06
Posts: 149
Points: 0

Katie wrote:It would be done

Katie wrote:
It would be done with server side programming. PHP's send mail has always worked well for me. You should investigate what options your host provides. I don't know of a way it could be done with JavaScript.

I am using a html form page that actions to a php page that contains the code

mail("[email protected]", $subject, $message, $from);

Is this enough/what you are referring to? I was curious as it is still code on the page.

Ed Seedhouse
Ed Seedhouse's picture
Offline
Guru
Victoria British Columbia
Last seen: 1 year 14 weeks ago
Victoria British Columbia
Timezone: GMT-8
Joined: 2005-12-14
Posts: 3570
Points: 675

dugal wrote: I am using a

dugal wrote:

I am using a html form page that actions to a php page that contains the code
mail("[email protected]", $subject, $message, $from);

If that's all the code you are courting utter disaster. The PHP "mail" function by itself provides no security at all. Might as well use a "mailto" link for all it helps.

Ed Seedhouse

Posting Guidelines

Watch out! I am carrying irony, sarcasm and satire, and know how to use them.

Katie
Katie's picture
Offline
Enthusiast
Seattle, WA
Last seen: 6 years 29 weeks ago
Seattle, WA
Timezone: GMT-8
Joined: 2006-08-06
Posts: 357
Points: 2

Dugal, Yeah, that's the

Dugal,

Yeah, that's the basic form. Remember that PHP code isn't exposed to the browser. I do run each of the variables through a "cleaner" function.

Blog: Pew Pew Laser Blog
Online File Storage: DropBox
Daily Deals on Local Activities: Groupon

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

There are not any hacks that

There are not any hacks that i am aware of that could be used against the mail command, php can never be seen by the end user (there is a function that you can use but only if needed - e.g for a hitcounter service). Your email will never be seen.

Chris..S
Chris..S's picture
Offline
Moderator
Last seen: 9 years 35 weeks ago
Timezone: GMT+1
Joined: 2005-02-22
Posts: 6078
Points: 173

benracer wrote:There are not

benracer wrote:
There are not any hacks that i am aware of that could be used against the mail command, php can never be seen by the end user (there is a function that you can use but only if needed - e.g for a hitcounter service). Your email will never be seen.

This is a problem. You're quite possibly assuming your knowledge in this area is better than it is.

The PHP mail() function performs no parameter checking and it conforms closely to the SMTP specification. It is possible to pass multiple SMTP header fields in the fourth parameter field. This is by design. However it can allow a malicious user to take advantage of poor input filtering to send the contact email to thousands of recipients when the fourth parameter is used for a "From:" field. If you do intend to pass the user submitted email address as the "From:" you must filter the input to ensure you have a single, conforming email address.

There are at least two threads on this forum which discuss contact form mailers in some detail. There is also plenty of information on the internet of PHP vulnerabilities including what can happen when using the mail() function.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

stop gap

Thanks for the above. I'll have to break my solution into short and medium-term.

For the short term, I'll use the image approach. In general, as my telephone number will be on the page, I will be somewhat accessible to visually impaired readers. I hope to get the page up by February (looks feasible).

In the medium term, I plan to start learning about PHP in February. I have a task in the interim that will require some javascript and then I'll dive into PHP, which I need to do for other reasons. Eventually, most of my applications will be server side, as that's the nature of what I want to get done. With a basic understanding of PHP, I can implement the above and know about what I'm doing.

Thanks again for helping me learn this stuff -- rbfree

CSS n00b

Ed Seedhouse
Ed Seedhouse's picture
Offline
Guru
Victoria British Columbia
Last seen: 1 year 14 weeks ago
Victoria British Columbia
Timezone: GMT-8
Joined: 2005-12-14
Posts: 3570
Points: 675

benracer wrote:There are not

benracer wrote:
There are not any hacks that i am aware of that could be used against the mail command, php can never be seen by the end user (there is a function that you can use but only if needed - e.g for a hitcounter service). Your email will never be seen.

That you are not aware of the problems doesn't make them go away or cease to exist. It does make you somewhat more likely to get gulled into a big security breach, though.

Every book I have read on PHP that mentions the "mail" function warns against it's insecurity.

Ed Seedhouse

Posting Guidelines

Watch out! I am carrying irony, sarcasm and satire, and know how to use them.

gary.turner
gary.turner's picture
Offline
Moderator
Dallas
Last seen: 1 year 12 weeks ago
Dallas
Timezone: GMT-6
Joined: 2004-06-25
Posts: 9776
Points: 3858

benracer wrote:There are not

benracer wrote:
There are not any hacks that i am aware of that could be used against the mail command, php can never be seen by the end user (there is a function that you can use but only if needed - e.g for a hitcounter service). Your email will never be seen.

In case you're interested, see email injection - secure php.

cheers,

gary

If your web page is as clever as you can make it, it's probably too clever for you to debug or maintain.

Hugo
Hugo's picture
Offline
Moderator
London
Last seen: 7 years 20 weeks ago
London
Joined: 2004-06-06
Posts: 15668
Points: 2806

Benracer you clearly do not

Benracer you clearly do not do enough googling and studying, never assume that 'as far as I'm aware' is a safe bet for proceeding on. If you're going to use server side scripting be damned sure you know what your doing and the absolute first port of call is security and vulnerabilities, before you go about uploading unsafe scripts to the net. This is an issue of responsibility. scripting/programing has many dangers especially if you are uploading to shared hosting where you could stand to put everyone at risk, with the mail function you stand to add to the general problems that beset email in general across the internet.

Before you make your first post it is vital that you READ THE POSTING GUIDELINES!
----------------------------------------------------------------
Please post ALL your code - both CSS & HTML - in [code] tags
Please validate and ensure you have included a full Doctype before posting.
Why validate? Read Me

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

Yes, There are problems with

Yes, There are problems with the headers being passed and you can even put it in a loop to send spam but can anyone confirm if the smtp server can be hacked - like in MySQL where an escape is needed to prevent user access.

Chris..S
Chris..S's picture
Offline
Moderator
Last seen: 9 years 35 weeks ago
Timezone: GMT+1
Joined: 2005-02-22
Posts: 6078
Points: 173

The MySQL problem is the

The MySQL problem is the same as the mail() problem. A user being able to specifically craft the data submitted by a form to subvert the server script. In MySQL you need to process the user input to ensure it can be safely added as data in your SQL statements, this normally means escaping any single quotes. In contact forms it normally means rejecting any data for the from & subject fields that include new lines. And while you're at it any user data echoed back to the browser needs to be filtered for <, > and possibly quotes to prevent cross-site scripting.

dhaynes
dhaynes's picture
Offline
Regular
Midwest, US
Last seen: 13 years 49 weeks ago
Midwest, US
Timezone: GMT-4
Joined: 2007-05-20
Posts: 38
Points: 0

csscr wrote:Hi

csscr wrote:
Hi rbfree,
Katie's suggestion to use a contact form is a good one. It will require server side scripting such as PHP. You should be able to get a free script somewhere to meet your requirements.

Using an image will be unaccessible to visually impared users, unless you add your email address to the alt attribute, which could then be picked up by the email harvesting bots.

Stick with a form then once you reply to their initial question they will have your email address if they need it.

Regarding using a contact form I've been using this contact form for a while now. It's been around for a long time, has several advanced features, and is constantly updated.

Need a Wordpress site? I'm your guy.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thanks dhaynes and all

Thanks for the contributions!

CSS n00b

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

is this mailto encrypter beneficial?

Again, thanks for the above. I looked through DHaynes' suggestion but realize that I need to have php under my belt before I work with that solution. (Learning some php is definitely a priority for me ASAP.)

So, I've been looking at some other stop-gap options. I've found a utility on-line that merely scrambles the (my) e-mail address to hex code.

In the context of what I'm doing (a simple web site will have no forms -- merely a simple informational description of a small-business) does this seem like a reasonable approach? If not reasonable, tolerable?

EDIT: Also, would the above approach work if I included subject box content and filtered out all messages without that content in the subject box?

CSS n00b

Hugo
Hugo's picture
Offline
Moderator
London
Last seen: 7 years 20 weeks ago
London
Joined: 2004-06-06
Posts: 15668
Points: 2806

For the moment then you

For the moment then you could try this jQuery plugin which gets you to write an address in the form of a 'me at example.com' the script then reads this and defustcates it into a clickable link, it's not fool proof but then none of these techniques are

Before you make your first post it is vital that you READ THE POSTING GUIDELINES!
----------------------------------------------------------------
Please post ALL your code - both CSS & HTML - in [code] tags
Please validate and ensure you have included a full Doctype before posting.
Why validate? Read Me

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

disregard, edited wrong message

Thanks again, Hugo. The more I look into this whole spam issue the more complex and developed I realize it is. I would guess that, on the whole, all this spam erodes efficiency in the larger internet. It's ubiquitous and uses resources.

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

The encode is needed as

The encode is needed as people can build bots that crawl your site for the mailto tag, your email is usually sold on to a 3rd party and you receive endless spam. You could use this...

Where the contsct form would go...

Name:
Subject:
Message:

Create a page called email.php

<?php $name = $_POST['name']; $subject = $_POST['subject']; $message = $_POST['message'];

$message = "This message is from {$name}. " . $message;

mail("[email protected]",$subject,$message);

header("location:index.php");
?>

jinoturistica
Offline
Enthusiast
Jinotega, Nicaragua
Last seen: 14 years 13 weeks ago
Jinotega, Nicaragua
Timezone: GMT-6
Joined: 2007-11-16
Posts: 152
Points: 0

mail options

There are 2 options for mail from an unknown user.
1) contact form - user fills in a HTML page, your server cleans it of injection attacks, your server sends it to you
2) and form of mailto. You pass your email address to the user and their email system sends whatever they type direct to you.

Under option 1), you have no idea of the validity of their email address because, to the browser and your server, its just another HTML field.

Under option 2) you have an idea as to their email address (they may lie to you!) but at the cost of exposing your own email address.

At the cost of losing your non-javascript users, you can document.write the mailto: tag. Most web crawlers don't activate javascript and will not see it.

Putting your 'contact us' page under a no-follow link will also cut down on spam.

Only permitting registered users to contact you is the best way IMHO. "We have sent an email to your yahoo account, please reply to that message..."

Just doin' my best at www.jinotega.com
Tony Robins

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thanks again

Thanks Tony and benracer. Much to mull over on this thread.

CSS n00b

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

would this work with a contact me link instead of my e-mail

Could I somehow incorporate this script to use a link that merely says "E-mail us" (or something) rather than my e-mail address? What would my strategy be?

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

EDIT

EDIT - Duplicate post

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

I would recomend phpbuilder

I would recomend phpbuilder forum for any help with server side languages.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

this php form will not validate

EDIT: My misunderstanding. With some p elements added, no problem.

BenRacer,

This form seems to drive my xhtml validator crazy. Have you tried to validate this?

CSS n00b

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

last clarification

Hugo or others, can you help me understand this instruction from the
http://plugins.jquery.com/project/defuscator
page? How do I "run" the defuscate(_) function? Does "elements containing obfuscated email addresses" refer to the anchor tag that contains my mail-to href? Do I surround the element with script tags? Embed them?

Include the plugin and run the .defuscate() function on the elements containing obfuscated email addresses:

$('p').defuscate();

Thanks yet again. If I can get this last little step, I'm done with this site and I can go back to the learning trenches and start getting a handle on scripting.

Here's the preceding passage.

Obfuscate


For this plugin to defuscate email addresses, you first have to obfuscate them. This is very easy. Instead of writing , you write:
name(put the 'at' sign here)example.com


What goes into the paranthese is up to you. You can even do:
name(replace this paranthese with the 'at' sign to get my email address)example.com


The Defuscator will recognize the obfuscated email address and defuscate it. This also works on mailto links such as:
Email me
Defuscate


Include the plugin and run the .defuscate() function on the elements containing obfuscated email addresses:
$('p').defuscate();

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

You can create the form any

You can create the form any way, all thats needed is to name the inputs to message, name, subject. It needs to post and the action must direct to the email.php, what is the url of were you have this.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thanks

Thanks for the follow-up BenRacer. How could I test this approach if my site is off-line (merely on my computer, no server)? Don't I need to have the webpage served on-line?

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

idealy yes but php can be

idealy yes but php can be installed on your local machine.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

this yields a strange result

When I insert a script within the anchor element, I get as strange result -- an email with this text in the "to" box (with my e-mail name ):

put the 'at' sign here

and this is followed by a space and then



So, the script apparently inserts the text within the parens and also the email address... but without the at symbol.
That seems rather strange. What am I doing wrong?

:?

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

what exactly do you need? is

what exactly do you need? is this site ever going to be live?

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

yes

I'm trying to test your solution on my page to see if I have it right. However, I realized that since it's not online yet then there is no php server. I'd prefer to have it working before it goes on-line

As soon as I have this task done, I'll go on-line with it. Yahoo.

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

In my opinion it would be

In my opinion it would be worth paying the little price to get your site properly hosted. Then if you ever expand to a shopping cart/ecommerce or the need for serverside languages or this may be difficalt. I would reccomend servage as i have been with them for a long time. http://www.servage.net/?coupon=CUST32535

Chris..S
Chris..S's picture
Offline
Moderator
Last seen: 9 years 35 weeks ago
Timezone: GMT+1
Joined: 2005-02-22
Posts: 6078
Points: 173

Start by getting the *MP

Start by getting the *MP stack for your machine. Its available for Windows (WAMP, WAMPP or WIMP), Linux (LAMP) or OSX (MAMP). Search about a bit to make sure the package comes with an installation routine that matches your level of tinkering. I don't think they are all click and go, but some are.

As benracer says, hosting is cheap. There are plenty of hosts that provide PHP, MYSQL and plenty of other extras in hosting packages of less than $5/month.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

yes

Yes, I think that would be wise (the web hosting) and I'll do some research on the *MP stack of which I'm ignorant. I'm just getting into some reading right now on web hosting beyond the little I've already read. I hope to do get a host service in the next couple of days. (Monday is my target.)

I'd like to get the javascript jquery solution first, however, so I know that I'm somewhat protected before I actually go on-line. Can anyone guide me through that? I just need to know how to connect the contact me link on my page with the javascript function in the .js file. (Ack.)

BTW, "yahoo" above didn't refer to the search engine but to the state of elation I'll experience when I finally have this site on-line, the maiden voyage.

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

The only problem with js is

The only problem with js is that many users have it disabled, most do not know it as their anti virus/spyware blocker disables it.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

that is a problem

Yes, I've been reading that js can be a problem in that regard. How big of a problem do you suppose that is (in terms of proportion)? Though I'd like to have something there at least long enough to get the php script correctly installed I don't insist. If I can't get it handled by Monday, then I suppose I'll either disable contact mail or leave it mail:to and get on the php approach. Any opinion on which way would be best in that regard? In any case, many thanks.

CSS n00b

reprieve
Offline
newbie
Last seen: 13 years 46 weeks ago
Joined: 2008-01-27
Posts: 10
Points: 0

try these

http://www.emailmeform.com/

(quote from website)
No Special Server requirements Your web hosting server does not need to be able to run scripts, our powerful server process the form submission, sends you an email with the information and then redirect the visitor to your thank you web page, without the visitor knowing he left your web site. Because of this, our forms are working on any kind of web hosting account.

and
http://www.contactify.com/
(quote from website)
People click on it, they can send you a message. And YOU, never reveal your email address. Reduces spam. Guards your privacy. Keeps you contactable.

and, a bit of advice:

When setting up the form (either place) keep this in mind: you can set up a 'disposable' email contact address. In this manner: set up the contact form, the email, then put an automatic forward on THAT email (at your webhost email location) to another address which you will use in making your reply to whomever contacts you. This address can be same domain .... most webhosts allow more than one email address.

That way, if you ever have to change the email address on your website contact form, you can do so quite invisibly without disturbing anyone .... they'll never know, and what they have for you in their address book doesn't change. Just don't forget about the forwarding to an address you actually use.

I also recommend that people do not use the same email contact address in their advertising, business cards, letterheads, etc. as they have on their website. Website email contact addresses can be changed so much more easily ... especially when used with the forwarding technique.

reprieve

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thanks (for the) reprieve

Thanks so much. I'll give these a try. As noted, once I get this baby site on-line, I'll get back to reading and grasping. (I seem to be learning slower than I figured... but still learning, nonetheless.) Again, thanks. rbfree

CSS n00b

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

will this script work if

Benracer or others, will the above php script work if I change the form so that "name:", "subject:", and "message:" are the text values for label elements (so I can apply style rules)?

Likewise, will it be a problem using a text area element instead of an input element?

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

with all php text (strings)

with all php text (strings) must be in quotes, most of the time using double will work, when a variable/input is used no quotes are needed. So where there is this ...

$_POST['message'];

change it to ...

"my hard code text";

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

could you clarify?

BenRacer, thanks again. Could you tell me if I understand you correctly? Am I replacing this entire clause?

$subject = $_POST['subject'];

And, what is "my hard code text"? Am I right in thinking that it's the all the text and coding in the (label) element, including the text value between beginning and end tags? So this code in the html doc...

Subject:

would translate to this line in the php doc $subject = " Subject:"; ?

Another question. Since most of what I plan to do will relate to serving data (in the medium term future), would you recommend spending time with php and skipping javascript?

CSS n00b

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

do I need single quots for nested text?

In cases like below, using php, do I need to have "yoursubject" and "fixedwidth" in single quotation marks?

$subject = "Subject:";

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

Ok, The subject that would

Ok,
The subject that would be provided in the form would appear in the header of the message. The php mail() function does that for you. The variable $subject contains the text that was inserted in to the text box. If you post exactly what you want the email to look like and contain i will write and annotate the script for you Smile.

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

thanks and I'd be happy to help with

Thanks for the generous help, BenRacer. I'd be happy to offer service in return, also. If you need proofreading or galley editing, I'd be happy to help you out... whether sentence level (grammar, punctuation, whatever) or structural/organizational editing.

I have lots of experience writing reader-based documents... and lots more tutoring and teaching technical writing and basic comp to undergrad and grad students and business people (usually working on business plans).

As far as the php is concerned, I'd like to fill the subject heading with a simple message, like:
"A comment or request for information"

The message could be blank, but for the purposes of my figuring this stuff out, I'd like to include something like,

"Dear Comprehensive Forestry,

Can you please send me more information?"

BTW, I've put up my index page and about us page to test out the php as currently written. The url is
http://comprehensiveforestry.com/

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

- This would work,

Smile - This would work,

<?php
$name = $_POST['yourname'];
$subject = $_POST['yoursubject'];
$message = $_POST['yourmessage'];

$message = "This Message Is From {$name}. \r\n" . $message;

mail("[email protected]",$subject,$message);

header("location:index.php");
?>

.. for the contact us form on your site.

[email protected]

rbfree
Offline
Enthusiast
Last seen: 12 years 50 weeks ago
Timezone: GMT-7
Joined: 2007-12-19
Posts: 124
Points: 0

got this error

Thanks for the script.

I got this error:

Warning: Cannot modify header information - headers already sent by (output started at /home/compreh1/public_html/phpscripts/email.php:3) in /home/compreh1/public_html/phpscripts/email.php on line 12

Can you help me translate this statement? What's HAL saying here?

In any case, this little temporary obstacle (elevated to minor headache) has helped me to realize how much I need to get the basics of scripting. (It'll take months, but way back when I had fun learning elementary FORTRAN and BASIC.)

For now, the various responses on this thread and those on some other threads but dealing with the same matter all have me convinced that the form approach is preferable and it has me yet more curious. I need to go poke around some more.

In any case, the web site is up, minus the contact functionality, and it seems to be working. Thanks so far.

CSS n00b

benracer
Offline
Regular
Last seen: 13 years 36 weeks ago
Joined: 2008-01-17
Posts: 27
Points: 0

We will get it working, this

We will get it working, this error usually means that you are trying to redirect but content has been sent to the browser. Have email.php just contain the script i provided. Then where it says "header("location:index.php"); change index.php to a page that has email sent ect.