I am working a site for a client and I am a newb to web design and development... so talk slowly and at like a 3rd grade level.

So, I am trying to make an email form - I have designed the form in HTML on my contact page http://gscapedesign.com/contact_us.html

I also created a php file - email_form.php (which I have no idea what I did there... I "hacked" from a tutorial and inserted what I thought was right and relevant to my situation). That said, when the form is completed, an error message comes up reading Parse error: syntax error, unexpected T_CONCAT_EQUAL in /home/content/95/8124395/html/email_form.php on line 17

<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Contact: " . $_POST['contact'] . "\r\n" ."\r\n" .
"Services: " . $_POST['landscape design and construction'] . "\r\n" .
"Services: " . $_POST['hardscape design and construction'] . "\r\n" .
"Services: " . $_POST['grounds maintenance'] . "\r\n" .
"Services: " . $_POST['irrigation and drainage systems'] . "\r\n" .
"Services: " . $_POST['lighting'] . "\r\n" .
"Budget: " . $_POST['budget'] . "\r\n" .

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = .= "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

Any pointers???

Can you please post your code?

Did you need the html or php?

Or did you need something else?

Sorry I'm such a newb... I'm stumbling through all these languages.

<form action="email_form.php" method="post" name="contact_gscape" id="contact_gscape">
<span id="sprytextfield1">
<label for="name"><span class="form_text">Name</span></label>
<input type="text" name="name" id="name" />
<span class="textfieldRequiredMsg">A contact name is required.</span></span>
<br />
<span id="sprytextfield2">
<label for="phone" class="form_text">Phone Number</label>
<input type="text" name="phone" id="phone" />
<span class="textfieldRequiredMsg">A phone number is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid phone number.</span></span>
<br />
<span id="sprytextfield3">
<label for="email" class="form_text">Email</label>
<input type="text" name="email" id="email" />
<span class="textfieldRequiredMsg">An email address is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid email address.</span></span>
</p>
<span id="contact">
<label for="label">What is the best way to contact you?</label>
<select name="contact" size="1" id="contact">
<option value="Phone">Phone</option>
<option value="Email">Email</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span class="form_text">What Greenscape services would you like to know more about?</span>
<br />
<label>
<input name="landscape design and construction" type="checkbox" id="landscape design and construction" value="landscape design and construction" />
<span class="form_text">Landscape Design &amp; Construction</span></label>
<br />
<label>
<input name="hardscape design and construction" type="checkbox" id="hardscape design and construction" value="hardscape design and construction" />
<span class="form_text">Hardscape Design &amp; Construction</span></label>
<br />
<label>
<input name="grounds maintenance" type="checkbox" id="grounds maintenance" value="grounds maintenance" />
<span class="form_text">Grounds Maintenance</span></label>
<br />
<label>
<input name="irrigation and drainage systems" type="checkbox" id="irrigation and drainage systems" value="irrigation and drainage systems" />
<span class="form_text">Irrigation &amp; Drainage Systems</span></label>
<br />
<label>
<input name="lighting" type="checkbox" id="lighting" value="lighting" />
<span class="form_text">Lighting</span></label>
</p>
<span class="form_text">What is your budget?</span>
<label for="budget"></label>
<select name="budget" id="budget">
<option value="level1">$0 - $500</option>
<option value="level2">$501-$1000</option>
<option value="level3">$1001-$5000</option>
<option value="level4">$5000+</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span id="sprytextarea1">
<label for="other" class="form_text">Anything else?</label>
<br />
<textarea name="other" id="other" cols="45" rows="2"></textarea>
<span class="textareaRequiredMsg">A value is required.</span></span><br />
<input name="Submit" type="submit" value="Email Us" />
</form>

Sorry, I meant the PHP.

Your syntax error is on this line:


$headers = .= "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;



You put "= .=" by accident. It should only be ".=".

Change that line to this:


$headers .= "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;


And you should be fine.

It did indeed!!! THANK YOU!

I have more questions - if y'all don't mind. When the company receives the emailed form this is what they get

Customer name: Katie Rogers
Phone number: 1-555-555-5555
Email: katiebugla@yahoo.com

Best way to contact: Phone

Services:
Services:
Services:
Services:
Services: lighting
Budget: level1


I would like it to just display the services people selected (please see page for reference http://gscapedesign.com/contact_us.html)

Thoughts??? Thank you!

Create an array with each POST value, looping through them and checking if they're filled out should work.



<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Contact: " . $_POST['contact'] . "\r\n" ."\r\n";

$field = array('landscape design and construction', 'hardscape design and construction', 'grounds maintenance', 'irrigation and drainage systems', 'lighting', 'budget');

foreach($field as $f) {
if($_POST[$f] != '' && isset($_POST[$f])) {
$message .= "Services: ".$_POST[$f]."\r\n";
}
}

$message .= "Budget: " . $_POST['budget'] . "\r\n" .

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

Thank you JShor, you have been a tremendous help... I owe you!

Glad to help.

Since this issue is now resolved, please mark the thread as Resolved to communicate to other members that this is no longer pending.

So, it didn't seem to work - also, something I am noticing is that even if someone clicks on Landscape Design and Construction AND Lighting, only lighting shows up in the email...

Actually, if I didn't hit lighting this shows up (along with what I had before)


Services: $0 - $500
Budget: $0 - $500

I apologize for being a pain in the ass.

<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best Way to Contact: " . $_POST['contact'] . "\r\n" ."\r\n";

$field = array('landscape design and construction', 'hardscape design and construction', 'grounds maintenance', 'irrigation and drainage systems', 'lighting');

foreach($field as $f) {
if($_POST[$f] != '' && isset($_POST[$f])) {
$message .= "Services: ".$_POST[$f]."\r\n";
}
}

$message .= "Budget: " . $_POST['budget'] . "\r\n" .

$message .= "Anything Else: " . $_POST['other'] . "\r\n" .

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

Will that read? I basically need it to read as such:

Customer name: Katie
Phone number: 1-555-555-5555
Email: katiebugla@yahoo.com

Best Way to Contact: Phone

Budget: $0-500
Services: lighting, grounds maintenance

Anything Else: "I like your portfolio page." (text area)

You're right, it didn't parse the field names correctly. But I had a better, more elegant solution.

Let's rename all of the checkboxes to the same name, as an array. The [] will indicate that it is an array. Change your checkboxes to this:


<label>
<input name="serviceItem[]" type="checkbox" id="landscape design and construction" value="landscape design and construction" />
<span class="form_text">Landscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="hardscape design and construction" value="hardscape design and construction" />
<span class="form_text">Hardscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="grounds maintenance" value="grounds maintenance" />
<span class="form_text">Grounds Maintenance</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="irrigation and drainage systems" value="irrigation and drainage systems" />
<span class="form_text">Irrigation &amp; Drainage Systems</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="lighting" value="lighting" />
<span class="form_text">Lighting</span></label>



We then loop through the serviceItem if it is set, and then append each value to $message

Here's the PHP:


$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Contact: " . $_POST['contact'] . "\r\n" ."\r\n";

$field = array('landscape design and construction', 'hardscape design and construction', 'grounds maintenance', 'irrigation and drainage systems', 'lighting', 'budget');

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

$message .= "Budget: " . $_POST['budget'] . "\r\n" .

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;



The result would be like this:



Customer name: Katie
Phone number: 1-555-555-5555
Email: katiebugla@yahoo.com

Best Way to Contact: Phone

Budget: $0-500
Services: lighting, grounds maintenance


This code also gives you much more flexibility, because you can add/remove checkboxes easily without having to modify your PHP code. Any additional checkboxes should have the name set to serviceItem[].

I tested this out myself this time and it works.

Btw, I edited that last post. I didn't realize you wanted it like "Services: lighting, etc." The new code should do that.

I am going to test it again... just out of curiousity, does 'budget' need to be in the array?

Btw, I edited that last post. I didn't realize you wanted it like "Services: lighting, etc." The new code should do that.

Hey, I don't really know enough to ask the questions in the right way... Thank you for being patient!

No problem. Also, this is dead code, I forgot to remove it:


$field = array('landscape design and construction', 'hardscape design and construction', 'grounds maintenance', 'irrigation and drainage systems', 'lighting', 'budget');


You can go ahead and erase that line. It doesn't do anything anymore. And budget didn't need to be in the array to begin with, but somehow my absent-minded self put it in there. :P

I've done so many test runs at this point I can't tell which test went with which trail, but the latest outcome (email side):
Customer name: Katie
Phone number: 1-XXX-XXX-XXXX
Email: katiebugla@yahoo.com

Contact: Phone

Anything Else: Another test.
katiebugla@yahoo.comBudget: $0 - $500
Customer name: Katie
Phone number: 1-XXX-XXX-XXXX
Email: katiebugla@yahoo.com

Contact: Phone

Can you post your entire code that you're using (PHP + HTML)?

Something must be wrong.

<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Contact: " . $_POST['contact'] . "\r\n" ."\r\n";

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

$message .= "Budget: " . $_POST['budget'] . "\r\n" .
$message .= "Anything Else: " . $_POST['other'] . "\r\n" .
$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

this is the current php

<form action="email_form.php" method="post" name="contact_gscape" id="contact_gscape">
<span id="sprytextfield1">
<label for="name"><span class="form_text">Name</span></label>
<input type="text" name="name" id="name" />
<span class="textfieldRequiredMsg">A contact name is required.</span></span>
<br />
<span id="sprytextfield2">
<label for="phone" class="form_text">Phone Number</label>
<input type="text" name="phone" id="phone" />
<span class="textfieldRequiredMsg">A phone number is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid phone number.</span></span>
<br />
<span id="sprytextfield3">
<label for="email" class="form_text">Email</label>
<input type="text" name="email" id="email" />
<span class="textfieldRequiredMsg">An email address is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid email address.</span></span>
</p>
<span id="contact">
<label for="label">What is the best way to contact you?</label>
<select name="contact" size="1" id="contact">
<option value="Phone">Phone</option>
<option value="Email">Email</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span class="form_text">What Greenscape services would you like to know more about?</span>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="landscape design and construction" value="landscape design and construction" />
<span class="form_text">Landscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="hardscape design and construction" value="hardscape design and construction" />
<span class="form_text">Hardscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="grounds maintenance" value="grounds maintenance" />
<span class="form_text">Grounds Maintenance</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="irrigation and drainage systems" value="irrigation and drainage systems" />
<span class="form_text">Irrigation &amp; Drainage Systems</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="lighting" value="lighting" />
<span class="form_text">Lighting</span></label>
</p>
<span class="form_text">What is your budget?</span><span id="level1">
<label for="budget"></label>
<select name="budget" id="budget">
<option value="$0 - $500">$0 - $500</option>
<option value="$501-$1000">$501-$1000</option>
<option value="$1001-$5000">$1001-$5000</option>
<option value="$5000+">$5000+</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span id="sprytextarea1">
<label for="other" class="form_text">Anything else?</label>
<br />
<textarea name="other" id="other" cols="45" rows="2"></textarea></span><br />
<input name="Submit" type="submit" value="Email Us" />
</form>

that would be the "relevant" html - let me know if you need more, though.

I don't see why it's not working. Try clearing your cache, and make sure you select at least one checkbox.

I just tested it myself with a print call to $message instead of mail() and it works just fine.

Ok, seems to be a little better, any reason its posting twice?

Customer name: Katie
Phone number: 1-XXX-XXX-XXXX
Email: katiebugla@yahoo.com

Contact: Phone

Services: landscape design and construction, hardscape design and construction, lighting
Anything Else: Please let this work.
katiebugla@yahoo.comBudget: $0 - $500
Customer name: Katie
Phone number: 1-XXX-XXX-XXXX
Email: katiebugla@yahoo.com

Contact: Phone

Services: landscape design and construction, hardscape design and construction, lighting
Anything Else: Please let this work.
katiebugla@yahoo.com

It's functional at the moment, so THANK YOU!

Hmm. It's conceivable that if the data is sent twice (e.g., the form is submitted twice) then the data could be repeated, since it is appending data.

A simple solution would be to disable the submit button once the form is submitted.

Thank you JShor, how would I "disable" the submit button? As of now, once the submit button is pushed, the php page loads saying "thank for your your inquiry... blah blah blah" - I don't know if one has to do with the other, but that's what happens for the user at the moment.

It's pretty simple to do.

In your form tag, place the onsubmit event to select the button and disable it. All you have to do is modify your <form> tag.



<form action="email_form.php" method="post" name="contact_gscape" id="contact_gscape" onsubmit="document.getElementById('submit_btn').disabled = 'disabled'">


And then set the ID of the submit button to "submit_btn".



<input name="Submit" type="submit" value="Email Us" id="submit_btn" />

Ok, one last question:

The client is now getting emails like this:

Customer name: gfdgd
Phone number: gfdg
Email: ggdf@yt.fr <mailto:ggdf@yt.fr>

Best way to contact: Phone

Services: landscape design and construction, hardscape design and construction, grounds maintenance, irrigation and drainage systems, lighting
Anything Else:
ggdf@yt.frBudget: $0 - $500

anyway to prevent what seems like spam emails???

Also, still doubling the data in the form...

The best way to prevent spam is by using CAPTCHA. Also, please re-post the final code you're using so we can see what's causing the data to double.

<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best way to contact: " . $_POST['contact'] . "\r\n" ."\r\n";

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

$message .= "Budget: " . $_POST['budget'] . "\r\n" .
$message .= "Anything Else: " . $_POST['other'] . "\r\n" .
$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

And here is the html with the submit button remedy you suggested...

<form action="email_form.php" method="post" name="contact_gscape" id="contact_gscape" onsubmit="document.getElementById('submit_btn').disabled = 'disabled'">
<span id="sprytextfield1">
<label for="name"><span class="form_text">Name</span></label>
<input type="text" name="name" id="name" />
<span class="textfieldRequiredMsg">A contact name is required.</span></span>
<br />
<span id="sprytextfield2">
<label for="phone" class="form_text">Phone Number</label>
<input type="text" name="phone" id="phone" />
<span class="textfieldRequiredMsg">A phone number is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid phone number.</span></span>
<br />
<span id="sprytextfield3">
<label for="email" class="form_text">Email</label>
<input type="text" name="email" id="email" />
<span class="textfieldRequiredMsg">An email address is required.</span><span class="textfieldInvalidFormatMsg">Please enter a valid email address.</span></span>
</p>
<span id="contact">
<label for="label">What is the best way to contact you?</label>
<select name="contact" size="1" id="contact">
<option value="Phone">Phone</option>
<option value="Email">Email</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span class="form_text">What Greenscape services would you like to know more about?</span>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="landscape design and construction" value="landscape design and construction" />
<span class="form_text">Landscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="hardscape design and construction" value="hardscape design and construction" />
<span class="form_text">Hardscape Design &amp; Construction</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="grounds maintenance" value="grounds maintenance" />
<span class="form_text">Grounds Maintenance</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="irrigation and drainage systems" value="irrigation and drainage systems" />
<span class="form_text">Irrigation &amp; Drainage Systems</span></label>
<br />
<label>
<input name="serviceItem[]" type="checkbox" id="lighting" value="lighting" />
<span class="form_text">Lighting</span></label>
</p>
<span class="form_text">What is your budget?</span><span id="level1">
<label for="budget"></label>
<select name="budget" id="budget">
<option value="$0 - $500">$0 - $500</option>
<option value="$501-$1000">$501-$1000</option>
<option value="$1001-$5000">$1001-$5000</option>
<option value="$5000+">$5000+</option>
</select>
<span class="selectRequiredMsg">Please select an item.</span></span>
</p>
<span id="sprytextarea1">
<label for="other" class="form_text">Anything else?</label>
<br />
<textarea name="other" id="other" cols="45" rows="2"></textarea></span><br />
<input name="Submit" type="submit" value="Email Us" id="submit_btn" />
</form>

Should I perhaps use this code instead of trying to build my own???

http://www.work-at-home-forum.com/web-design-8/free-php-contact-form-with-spam-protection-12714.htm (http://www.work-at-home-forum.com/web-design-8/free-php-contact-form-with-spam-protection-12714.html)l

I see on another forum that someone has done something with php that starts like this


$from = $_POST['from'];
if(IsSet($from)){

Would putting some sort of modification that way be beneficial?

I really don't know what I am doing, so if that was out of left field, I apologize.

<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best way to contact: " . $_POST['contact'] . "\r\n" ."\r\n";

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

"Budget: " . $_POST['budget'] . "\r\n" .
"Anything Else: " . $_POST['other'] . "\r\n" .
$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

Ok, I took the $message tags off of "Budget" and "Anything Else" - and now I am getting just one message (YAY!)... however, it is not populating anything from the text area or 'other'

Oh, I see why there were duplicate messages now. The first $message variable string was never terminated, so it was essentially a $message within $message causing it to duplicate (and that's why your solution worked).

Try using this:


<?php
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best way to contact: " . $_POST['contact'] . "\r\n" ."\r\n";

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

$budget =
"Budget: " . $_POST['budget'] . "\r\n" .
"Anything Else: " . $_POST['other'] . "\r\n";

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message.$budget,$headers) ;
?>

Okay - tried that and neither the budget or other showed up - but i am doing some trails to see what I can do.

Done some trials - here is what I have:

<?php
$to = "katiebugla@yahoo.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best way to contact: " . $_POST['contact'] . "\r\n" ."\r\n" .
"Budget: " . $_POST['budget'] . "\r\n" ;

if(isset($_POST[serviceItem])) {
if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}
}

$message .= "Anything Else: " . $_POST['other'] . "\r\n";
$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message,$headers) ;
?>

And it displays as such:

Customer name: John Doe
Phone number: 1-xxx-xxx-xxxx
Email: blah@yahoo.com

Best way to contact: Email

Budget: $1001-$5000
Services: hardscape design and construction, grounds maintenance, lighting
Anything Else: For the love of meatballs, work.

Thank you for your patience - would you mind directing me to some info on making this more secure (i.e. less spam)?

Name this file captcha.php:



<?php.

session_start();

$str = "";
$length = 0;
for ($i = 0; $i < 6; $i++) {
// these numbers represent ASCII table (small letters)
$str .= chr(rand(97, 122));
}

//md5 letters and saving them to session
$letters = md5($str);
$_SESSION['letters'] = $letters;

//determine width and height for our image and create it
$imgW = 300;
$imgH = 100;
$image = imagecreatetruecolor($imgW, $imgH);

//setup background color and border color
$backgr_col = imagecolorallocate($image, 238,239,239);
$border_col = imagecolorallocate($image, 208,208,208);

//let's choose color in range of purple color
$text_col = imagecolorallocate($image, rand(70,90),rand(50,70),rand(120,140));

//now fill rectangle and draw border
imagefilledrectangle($image, 0, 0, $imgW, $imgH, $backgr_col);
imagerectangle($image, 0, 0, $imgW-1, $imgH-1, $border_col);

//save fonts in same folder where you PHP captcha script is
//name these fonts by numbers from 1 to 3
//we shall choose different font each time
$fn = rand(1,3);
$font = $fn . ".ttf";

//setup captcha letter size and angle of captcha letters
$font_size = $imgH / 2.2;
$angle = rand(-15,15);
$box = imagettfbbox($font_size, $angle, $font, $str);
$x = (int)($imgW - $box[4]) / 2;
$y = (int)($imgH - $box[5]) / 2;
imagettftext($image, $font_size, $angle, $x, $y, $text_col, $font, $str);

//now we should output captcha image
header("Content-type: image/png");
imagepng($image);
imagedestroy ($image);

?>


Insert this into your form HTML:


<p>Insert letters from image below:</p>
<img src="http://yourdomain.com/captcha.php" width="300" height="100" alt="simple PHP captcha" />
<input type="text" name="captcha" />


And modify your form's PHP to this:


<?php

session_start();

if (!$is_valid) {
echo 'Letters from simple PHP captcha have not been entered correctly....';
} else {
$to = "josh@gscapedesign.com";
$subject = "Greenscape Customer Inquiry";
$message = "Customer name: " . $_POST['name'] . "\r\n" .
"Phone number: " . $_POST['phone'] . "\r\n" .
"Email: " . $_POST['email'] . "\r\n" ."\r\n" .
"Best way to contact: " . $_POST['contact'] . "\r\n" ."\r\n";

if(isset($_POST[serviceItem])) {
$message .= "Services: ".implode(", ", $_POST[serviceItem])."\r\n";
}

$budget =
"Budget: " . $_POST['budget'] . "\r\n" .
"Anything Else: " . $_POST['other'] . "\r\n";

$from = $_POST['email'];
$headers = "From: $from" . "\r\n";
$headers = "Bcc: kroge16@tigers.lsu.edu" . "\r\n" ;
mail($to,$subject,$message.$budget,$headers) ;

$is_valid = $_SESSION['letters'] == md5(strtolower($_POST['captcha']));

echo 'CAPTCHA has been entered correctly.';
}
?>


That will add a CAPTCHA image, where users have to enter the letters they see into the textbox. Robots can't do this, so it prevents spam.

Script credit:
http://stuntsnippets.com/simple-php-captcha/

I will work on this now and let you know how it goes... I really appreciate all your help and understanding!

A couple of dumb questions:

1) In the part of the code where its says "<img src="http://yourdomain.com/captcha.php"..." - does the yourdoman need to be replaced with my site name?

2) I am brand new to php and not sure how to customize things - where/how would I got about making this fairly small as I don't have a lot of room to work with (see gscapedesign.com/contact_us.html)

I think I am beginning to understand the notes in the php file for captcha - I need to save some font files in my root folder???

You could just leave it as:


<img src="captcha.php alt="captcha" />


(assuming captcha.php is in the same directory as your form).

Yes, you need to save three font files named 1.ttf, 2.ttf and 3.ttf (they should be different).

This is so that different fonts are displayed at different times, randomly.

Same directory as in same root folder, right? As of now I have the blue box with a question mark? I could be missing other things I need to customize.

<?php

session_start();

$str = "";
$length = 0;
for ($i = 0; $i < 6; $i++) {
// these numbers represent ASCII table (small letters)
$str .= chr(rand(97, 122));
}

//md5 letters and saving them to session
$letters = md5($str);
$_SESSION['letters'] = $letters;

//determine width and height for our image and create it
$imgW = 150;
$imgH = 50;
$image = imagecreatetruecolor($imgW, $imgH);

//setup background color and border color
$backgr_col = imagecolorallocate($image, 238,239,239);
$border_col = imagecolorallocate($image, 208,208,208);

//let's choose color in range of purple color
$text_col = imagecolorallocate($image, rand(70,90),rand(50,70),rand(120,140));

//now fill rectangle and draw border
imagefilledrectangle($image, 0, 0, $imgW, $imgH, $backgr_col);
imagerectangle($image, 0, 0, $imgW-1, $imgH-1, $border_col);

//save fonts in same folder where you PHP captcha script is
//name these fonts by numbers from 1 to 3
//we shall choose different font each time
$fn = rand(1,3);
$font = $fn . ".ttf";

//setup captcha letter size and angle of captcha letters
$font_size = $imgH / 2.2;
$angle = rand(-15,15);
$box = imagettfbbox($font_size, $angle, $font, $str);
$x = (int)($imgW - $box[4]) / 2;
$y = (int)($imgH - $box[5]) / 2;
imagettftext($image, $font_size, $angle, $x, $y, $text_col, $font, $str);

//now we should output captcha image
header("Content-type: image/png");
imagepng($image);
imagedestroy ($image);
?>

The only thing I changed here is the box size because I am trying to fit this in a very small space...

Insert letters from image below:<br />
<img src="captcha.php alt="captcha" /> <input type="text" name="captcha" /><br />

That's the html - nothing really different here...

And finally, here is what is in the directory - note the 1.ttf, 2.ttf, 3.ttf (did I do that right?)

Hey this is coming from someone fairly ignorant about web design/development, but I saw this on a comment section and wonder if there is validity to this?


Put it this way, if you have something to protect because someone can make money out of your service, a CAPTCHA is at most a road block. If you have a simple website and are just trying to keep out comment spam from bots, just add a simple “Enter the word ‘human’” field and check that. It will be just as effective and won’t annoy your users as much.

Basically anything at all (except a plain link) can stop bots. That doesn't mean the bots can't be reprogrammed to get around it-- they can be redesigned if someone cares. But that will make your site harder than most to access. If your site is important enough that bots are specifically targeting it, then you may need something harder to bypass.

A CAPTCHA is the best method available (at least of the methods commonly used) and will generally stop bots. At worst it will be overkill for security and annoy your users.

Bots cannot usually bypass a captcha, although some try to, and this can happen either with weak captchas (easy to read) or with popular ones. Spammers attempt to maximize effect with minimal effort, so if they can program a bot to attack the most popular captcha, that's a better use of their time. In that way, if you make your own captcha or use an unpopular one, you'll be safer just for that reason.

The real question is how much security you really need on your site.

Also, don't forget that there ARE human spammers out there, and there are other cases where humans can help bots to bypass security. So nothing is going to be a perfect solution.


In summary, if you use a method like "type human in the box" then that will generally work. I'm not sure it will really be any easier or more pleasant for visitors, but that's your choice. It won't be as hard for a bot to get around as a captcha, so if someone would reprogram the bot for your site, that's when you'd need something stronger.


By the way, one interesting method I have seen that I believe is all but unbreakable by bots is using images as captchas: type "dog" or "cat" in the box based on what you see in the picture. (Of course it can be hard to make these function and if a bot can memorize all of the images or can just guess with a 50% chance, then that's a problem in itself.) The main problem with any non "copy" method is that speakers of another language might not understand. "Is this a picture of a perro or gato?" If you don't speak Spanish, that will make no sense. (Of course the question would be entirely in the other language-- "¿Es un imagen de un perro o un gato?") Or if you do speak Spanish, then what about "paka" and "mbwa"? (Swahili). The point is, if you have any visitors who don't speak English well, then guessing animal names (or anything like that) might be very hard. It's something to explore, though, if you need very strong security.

What problem are you having, exactly? Can you post a link to a page?

Thank you djr33 - check out gscapedesign.com (specifically the contact page)

It's not so much that there are credit card numbers or things of that ilk being passed around on this form, but the guy I am building this for is literally working outside in the heat everyday and doesn't need 20+ spam emails to bother him... if I can cut the traffic a little bit, that would be good.

Thoughts and critiques are welcome, but again it's a simple site with not a lot of room AND I am really new to this (essentially teaching myself web design and development).

MY (and I emphasize me as the source) problem with the captcha is that I don't really know php at all so I would need my hand held to customize it to what I need it to do... On the other hand, with this Are you human thing - I need help figuring out how to force people to write human or something like that before they can submit the form.

It looks good, although you might want to have the errors when a field isn't filled out on the same line.

I once saw a spam-check that read the following (it was a series of radio buttons, with #3 checked as the default):
Which one of these items do you prefer?
1. Ice cream.
2. A puppy.
3. A properly-formatted data file.

I think at the moment it's letting me submit without filling out human - thoughts? It tells you that that is not the valid word, but still lets you submit - I am working in Dreamweaver, how do I force that to happen???
I am leaning toward a text field because it takes up the least amount of space.

That should be enough to prevent the average "crawling" bots that just random send spam.

However, I don't think it's completely clear. I imagine that at least 1/10 people who tries to send a message will be confused by that.

Note that I may have just sent a blank email in testing this. I wanted to see if you have some sort of error correction. What I suggest is that when the form is submitted if the "human" term is NOT entered, you say "You must type human in the box!" so they can fix it.


There are, however, slightly easier ways to deal with this:
A simple checkbox can usually stop bots (at least 50% of the time). So I suggest something like this:
I am human: []

Or you could do radio buttons such as:
This is: ()spam ()not spam ()advertisement

It's certainly not that strong, but it will stop those 20 emails a day. Some spam may still come through, but it's probably from humans anyway. I can almost guarantee no one cares enough about that website to specifically program a bot to get around any security-- there's no advantage, because there are some many websites out there without any security.



One note: you should be careful to make sure that it is not possible to guess from the source code which option should be selected. If it is particularly clear then a bot might be able to guess, although it's unlikely. It would certainly help someone programming a bot though. It's better if there's no clue except what you say on the page. Bots can't be programmed to parse language (even basic language) very easily. Using a bit of variation can make it way too hard for a spammer to care about your page.




By the way, you can even do a silent captcha: Javascript doesn't (usually) work for bots, so you can just use JS to set a value automatically (silently) and that will cover the captcha. But you'd still need some method for users who don't have JS, such as what you already have, unless you don't want them to be able to access the page.
So, this would mean: add some JS to the page that: 1) makes the value of your textbox "human"; 2) hides the textbox and question.

Yes I did get the blank email :(
Ok, bear with me, I am really web blonde... If I did the checkbox option how do I force that the form (including that checkbox) is filled out before they can submit...
Also, I have like an intermediate understanding of HTML and CSS - I am really lost on everything else (php, javascript, etc.), so at the moment simpler is better (otherwise a lot of hand holding might be necessary).

While I have fields required, one can still submit the form without filling it out - sorry to be a pain in the ass... again... still.

What you will do is simple (I hope): in the PHP page that receives the form, check to see if a certain value is submitted (and whether it has a value that is valid). If it is valid (and only if it is valid), then send the email. Otherwise you can ignore it, or redirect to the form page, or display an error for the user, or do something else along those lines.


if (isset($_POST['myfield']) && $_POST['myfield']=='human') {
mail(); //send the email
}
else {
echo 'Error!'; //alternative
}

ok, that worked (I think) - now if i want to customize it - do i need to change 'myfield' to the id of my form? Talking about a redirect, that would involve building another php page, right? OR (sorry) if they hit submit and nothing is filled out, shouldn't there be a way to have the form be "stopped" and show all the field required to fill out.

I apologize for dragging this thread out forever, what I really need is a tutor or a class - because I really have no idea what I am doing.

You can also learn just as well by practicing. But that means you'll be limited in what you can do as you learn and it won't necessarily be fast. That said, you can do trial and error to make almost anything, but that won't help much for paid projects like this (since you don't have infinite time to do them).

A redirect would be a code at the beginning of your page that would redirect the user if the form was filled out incorrectly. (And you'd probably want to quit execution of the current page so the form is not submitted even if the redirect is ignored.) So, no, you don't need a new PHP page. A redirect can be on the receiving page directing back to the form page.

Yes, 'myfield' is an example. Replace that as needed, or (if you want) rename the field in your form to 'myfield' as well. They just need to match.

Ok, so a couple more dumb questions:

1) Would you be willing to walk me through a redirect?

2) I currently just have a form, no fields - if I were to name the form 'myfield' would that be the solution? OR do I need to make a field tag within the form?

A 'field' just refers to an input in the form. So it might be a textbox or a select menu or a checkbox. All are seen in PHP in the $_POST array (or $_GET if you use that method-- not so common), and there's no difference except what types of data (such as true/false, 1/0, text, a preset list of terms, etc.). So this means you should rename your textbox input name="myfield" (for example).


As for a redirect, you can find lots of information about that by searching. The basic answer is the following: since it is done through a header, it must be sent before any HTML output to the browser, including even line breaks. This means you'll need to pre-process the form data (at least the 'myfield' value to see if it is valid) and if you need to redirect do it early, so check if the value is INVALID then redirect if that's the case.

http://php.net/manual/en/function.header.php

<?php header('Location: http://www.example.com/'); ?>