I finally got my form to work, although its ugly at the moment and I'll need to "pretty" it up.

So my issues is that while the form does send me the email, the email contains no data. I am new to CSS so I really appreciate any help I can get.

Here is my contact.php"


<?php
$field_name = $_POST['cf_name'];
$field_email = $_POST['cf_email'];
$field_message = $_POST['cf_message'];

$mail_to = 'jeff@vegaspchelp.com';
$subject = 'Message from a site visitor '.$field_name;

$body_message = 'From: '.$field_name."\n";
$body_message .= 'E-mail: '.$field_email."\n";
$body_message .= 'Message: '.$field_message;

$headers = 'From:'.$cf_email."\r\n";
$headers .= 'Reply-To: '.$cf_email."\r\n";

$mail_status = mail ($mail_to, $subject, $body_message, $headers);

if ($mail_status) { ?>
<script language="javascript" type="text/javascript">
alert('Thank you for the message. We will contact you shortly.');
window.location = 'index-4.html';
</script>
<?php
}
else { ?>
<script language="javascript" type="text/javascript">
alert('Message failed. Please, send an email to jeff@vegaspchelp.com');
window.location = 'index-4.html';
</script>
<?php
}
?>

______________________________________________________________________________________________________________________________________
Here is the html from the page that holds the form:


<form action="contact.php" id="form">
<div class="container1">
<div class="tail">
<div class="h"><input name="cf_name" type="text" value="Your name" onblur="if(this.value=='') this.value='Your name' ] this.value=''" /></div>
<div class="h"><input name="cf_email" type="text" value="Your E-mail" onblur="if(this.value=='') this.value='Your E-mail' ] this.value=''" /></div>

<div class="h3">
<textarea name="cf_message" rows="40" cols="30" onblur="if (this.value=='') this.value='Message'" onfocus="if(this.value == 'Message' ) this.value=''" >Message</textarea>
</div>
</div>
<div class="container1">
<div class="fright">
<a href="#" class="link" onclick="document.getElementById('form').submit()">Send</a>
<div class="indent-2" ><a href="#" class="link" onclick="document.getElementById('form').reset()">clear</a></div>
</div>
</div>"
</div>
</form>

Im a little confused about your question...
Are you wondering how to apply CSS to your form or are you asking why there isn't any message in the email?

Im a little confused about your question...
Are you wondering how to apply CSS to your form or are you asking why there isn't any message in the email?

Trying to figure out why its not sending any data

Trying to figure out why its not sending any data

Moved to the PHP forum.
Please make sure your questions are clear, and that you are posting in the proper forums. This question has nothing to do with CSS (you didn't even include any css in your post).

Your email body is empty because you didn't put anything in it:


$field_name = $_POST['cf_name'];
$field_email = $_POST['cf_email'];
$field_message = $_POST['cf_message'];

You should make sure you have error reporting enabled during development.
<?php
error_reporting( -1 );
ini_set( 'display_errors',1 );

All of those POST variables are undefined (and therefore empty). That's because your form isn't using the POST method - it's using GET. Try using POST:
<form method="POST" action="contact.php" id="form">


Also, you have a security vulnerability here:

$headers = 'From:'.$cf_email."\r\n";
$headers .= 'Reply-To: '.$cf_email."\r\n";

You assume that $cf_email is an email address, but you don't check. What if I wrote:

my@email.com\r\nCC: <spam-mailing-list>\r\n
?
You're a spam server!

You need to validate that the email I submitted is an email address. It's very simple:
if( ! filter_var( $cf_email,FILTER_VALIDATE_EMAIL ) ){
/* not a valid email! don't use it */
}

Moved to the PHP forum.
Please make sure your questions are clear, and that you are posting in the proper forums. This question has nothing to do with CSS (you didn't even include any css in your post).

Your email body is empty because you didn't put anything in it:


$field_name = $_POST['cf_name'];
$field_email = $_POST['cf_email'];
$field_message = $_POST['cf_message'];

You should make sure you have error reporting enabled during development.
<?php
error_reporting( -1 );
ini_set( 'display_errors',1 );

All of those POST variables are undefined (and therefore empty). That's because your form isn't using the POST method - it's using GET. Try using POST:
<form method="POST" action="contact.php" id="form">


Also, you have a security vulnerability here:

$headers = 'From:'.$cf_email."\r\n";
$headers .= 'Reply-To: '.$cf_email."\r\n";

You assume that $cf_email is an email address, but you don't check. What if I wrote:

my@email.com\r\nCC: <spam-mailing-list>\r\n
?
You're a spam server!

You need to validate that the email I submitted is an email address. It's very simple:
if( ! filter_var( $cf_email,FILTER_VALIDATE_EMAIL ) ){
/* not a valid email! don't use it */
}

Thank you so much and I am sorry for posting in the wrong topic! I am very new to this but I think I can figure it out now with this great help from you. Thanks again!

Thank you so much and I am sorry for posting in the wrong topic! I am very new to this but I think I can figure it out now with this great help from you. Thanks again!

no problem.

Post again if you need any further help.
If you find a solution to your problem, come back and mark your thread "Resolved."

Not sure if this is how I mark this resolved - I'll keep hunting in case its not~

It's a little hard to find that option: go to your first post, click edit, then go to advanced mode. Then you'll see a dropdown that will let you add a thread prefix of "Resolved".

The use of filter_var() is not a good solution. There are several things it doesn't do that are important, and there are several things it does wrong. It is not kept up-to-date and sooner than the version of php on the server changes, BTW. Safe and proper email filtering always involves several steps, and personally, I thing that doing a MX record look-up is well worth the time. I've posted a solution before, one of many possible. At least sanitize it, use the strip_tags(), use the htmlspecialcharacters() function, or something to prevent injection.....

The use of filter_var() is not a good solution. There are several things it doesn't do that are important, and there are several things it does wrong.
Care to be more specific?


It is not kept up-to-date and sooner than the version of php on the server changes, BTW.
Nothing in PHP is updated any sooner than PHP is updated.


... personally, I thing that doing a MX record look-up is well worth the time.
In some situations, yes, a lookup is well worth it.


At least sanitize it, use the strip_tags(), use the htmlspecialcharacters() function, or something to prevent injection.....
If the email passes FILTER_VALIDATE_EMAIL, you will know that there are no characters in it that will be affected by either of those two functions. Further, in emails, the characters that can lead to header injection are newlines - which neither of those functions remove/encode (but a valid email with a newline at the end does fail FILTER_VALIDATE_EMAIL).

No email validation can be perfect. It's a tradeoff. Personally I think filter_var() is so easy and accomplishes so much of the work that it's a good solution. There are other options and tradeoffs, but I don't see anything wrong with this on a practical level. And as traq said, the goal is just to sanitize the input for the form so that it's not used to send spam, etc.
In the end, there's almost no way at all (aside from sending an email to check) to know whether an email address is actually valid. You can check if the domain exists (or at least if it's currently responsive, which if so isn't proof that it can receive email or if not doesn't mean the server didn't just crash), but you can't check whether a particular email account exists.
Given that you can't get perfection, a simple and mostly effective strategy seems fine to me.

However, I would agree that the OP might want to look at what you've posted elsewhere (as have others) about checking whether the receiving domain is valid and so forth. There are times when that is useful.

Absolutely - and I really would like to hear your specific concerns. I am aware of a lot of those "trade-offs," but if there's something I hadn't considered before I'd like to know.