• View
• Edit
• History
• Attach
• Print
• Backlinks

Mailform3

Questions answered by this recipe

Is there a way to have a wiki page process a mail form (e.g. a Contact Me form) and report status / errors back on the same wiki page?
Is there a simple way to have a mail form that blocks certain IP addresses (people who have spammed me in the past)?
Can you think of another way to do a mail form than the two previous ones in this Cookbook? (MailForm, Mailform2)

Description

A single page mail form with feedback

This "Contact Me" form uses a per-page configuration file (in pmwiki/local) and the conditional markup and form markup built into PmWiki.

First, to create a "Contact Me" form in Main, use something like this example Main.ContactMe.phpΔ script, and put it in the appropriate local directory (e.g. for a standard installation of PmWiki, it goes in pmwiki/local). In this script, you will need to change the email address to receive the email, and you may wish to modify the feedback messages. If you are going to put the form on a page other than Main/ContactMe, then change the name of the script file accordingly.

This script has the capability to block users from specific IP addresses from sending you emails. Defaultly, no IP addresses are blocked, you have to maintain that list within the script. To assist you, the IP address of the user is appended to the message they entered before the script sends the email to you.

Next, create a Main/ContactMe wiki page containing something like this example Main.ContactMe.txtΔ source. Customize the introductory/explanatory text on that wiki page and you're done! You should now have a ContactMe page on your site that allows visitors to send an email to the address you specified in the local/Main.ContactMe.php script.

Notes

You will probably want to make sure this page is password-protected or otherwise not freely available for the world to edit. Not that there is any security risk (since all the real work is done in the local script), just that someone could easily break your form.

The script allows the user to use standard HTML tags to format the message. However, the script disables several tags (e.g. <script>, <img>) that could be security threats before sending the email by replacing the tags with non-HTML (so you can see what the user tried to do to you). You can easily disable HTML entirely by changing the "Content Type" setting appropriately, and then you could eliminate the lines in the script where the "dangerous" tags are disabled.

Clarification about the Subject line

The subject line for the mail message is the text assigned to the $re variable in the PHP script. The information from the "subject" checkboxes on the input form is appended to the end of the body of the email (just after the sender's IP address), via the $lsubject variable.

If you wish to add a Subject text input to your form (in place of the checkboxes), I would strongly advise making sure the contents of that input undergo the same HTML processing that the body of the email is given (to prevent attempts by the user of the form to put "bad" or "evil" HTML content in the subject line).

Personally, I would also suggest that you use the $lsubject variable to receive the contents of that HTML-sanitized text -- i.e. so that what the user types in as the subject only shows up at the bottom of the email message; and not among the subject lines displayed in your inbox. Other than the obvious aversion to offensive subject lines, I prefer the canned subject line so I can automatically filter the incoming "ContactMe" email into it's own special folder in Thunderbird/Outlook/etc.

Release Notes

03 Sep 2006 --- updated Main.ContactMe.php to enable specification of partial IP addresses to block. If the IP address in the BlackListIP array is "192.168.1." then any IP address beginning with 192.168.1. will be blocked.

Comments

Sept. 23, 2006 I love this recipe, and for the most part it works great, but I have run into a Spam problem. I receive the e-mails but they do not include the senders ip address as promised. The bottom of the e-mail reads:

<hr>Sender's IP address:

Please help! I am using the default configuration with version 2.1.26 of PmWiki. Profiles/MattKemple

Thanks for this recipe, I love the inpage success message. I also solved the IP issue message. On a Linux Apache system $REMOTE_ADDR isn't working Both occurrences in the script should replaced with: $_SERVER['REMOTE_ADDR'] Then things work as expected.

Have fun, Bart October 06, 2006, at 10:17 AM

Bart, Thanks for the help this seems to have remedied the problem. -Matt Oct. 19, 2006

UPDATE 05 AUG 2007 I have uploaded a slightly modified version of the PHP file which takes care of the REMOTE_ADDR problem. TonyColley

Hello, well, I tried mailform, 1, 2, 3, and I am not completely satisfied...

I can't code in php, so if somebody can help me and contribute for the community with a mailform4 it should be fine!-)

What I would like is: a mailform4.php which allows to create a free form with as much form fields as needed. By example, if the user needs 3 fields or 10 fields mailform4 will take in account these 3 or 10 fields and send all the informations to the mailformaddress.

I give an example of php script which does what I describe above and works fine in html context (but don't in wiki context). If this can inspire the future contributor... Thanks!!!

<?php
$TO = "your@emailaddress";
$h = "From: " . $TO;
$message = "";
while (list($key, $val) = each($HTTP_POST_VARS))
{$message .= "$key : $val\n";}
mail($TO, $subject, $message, $h);
Header("Location: http://yourdomain/result.html(approve links)");
?>

If this script can manage too hidden variables (for sending informations about the origin and purpose of the form), and if a simple test can block the sending when a field is empty, all should be great!

How can one add more message fields, e.g. for a support-request form (Message-detail, Message-options, etc)? Thanks, JanBrejcha

            $laddress = $_POST["address"];
            $ltelephone = $_POST["telephone"];

            $bd .= "\nAddress: ".$laddress;
            $bd .= "\nTelephone: ".$ltelephone;

            ||Address:||(:input textarea name="address" rows="5" cols="50":)||
            ||Telephone:||(:input text name="telephone" size="50":)||

Adding a Spam bot protection using PM's Captcha receipe

I like this mailform a lot. When I found PM's Captcha receipe I thought that it would be nice to use it in this mailform, which can be done easily in a few steps:
Download captcha.php, copy it into the cookbook/ directory, and include it in your 'local/config.php' as described in PM's receipe. (The $EnablePostCaptchaRequired is not required here.)
In the Main.ContactMe.php you insert the following after line 75

 else if (!IsCaptcha()) {
   $msg = "Empty or wrong code. ";
   $snt = "false";
   $frm = "true";
 }

and in the Main.ContactMe.txt you replace line 29 || (:input submit value="Send Message":) ||||
by
||Enter code: {$Captcha} (:input captcha:) (:input submit value="Send Message":) ||||
That is all, now it should work fine.

But I have also a question: Is it possible to keep the message text? When I hit the send button and the mail was for some reason not sent, the name and the mailadress I typed reappear in their forms, but the message form is empty.

FH February 14, 2008, at 06:09 AM

Fabrizio February 23, 2009,

I tried this using Mailform3 following all the instructions but it does not work

See Also

• MailForm
• Mailform2

Contributors

TonyColley August 31, 2006, at 03:57 PM (created)