PHP email form for dummies???

**katiebugla** · 09-01-2011, 04:22 PM

Thank you djr33 - check out gscapedesign.com (specifically the contact page)

It's not so much that there are credit card numbers or things of that ilk being passed around on this form, but the guy I am building this for is literally working outside in the heat everyday and doesn't need 20+ spam emails to bother him... if I can cut the traffic a little bit, that would be good.

Thoughts and critiques are welcome, but again it's a simple site with not a lot of room AND I am really new to this (essentially teaching myself web design and development).

**katiebugla** · 09-01-2011, 04:26 PM

MY (and I emphasize me as the source) problem with the captcha is that I don't really know php at all so I would need my hand held to customize it to what I need it to do... On the other hand, with this Are you human thing - I need help figuring out how to force people to write human or something like that before they can submit the form.

**JShor** · 09-01-2011, 04:27 PM

It looks good, although you might want to have the errors when a field isn't filled out on the same line.

I once saw a spam-check that read the following (it was a series of radio buttons, with #3 checked as the default):
Which one of these items do you prefer?
1. Ice cream.
2. A puppy.
3. A properly-formatted data file.

**katiebugla** · 09-01-2011, 04:30 PM

I think at the moment it's letting me submit without filling out human - thoughts? It tells you that that is not the valid word, but still lets you submit - I am working in Dreamweaver, how do I force that to happen???
I am leaning toward a text field because it takes up the least amount of space.

**djr33** · 09-01-2011, 04:32 PM

That should be enough to prevent the average "crawling" bots that just random send spam.

However, I don't think it's completely clear. I imagine that at least 1/10 people who tries to send a message will be confused by that.

Note that I may have just sent a blank email in testing this. I wanted to see if you have some sort of error correction. What I suggest is that when the form is submitted if the "human" term is NOT entered, you say "You must type human in the box!" so they can fix it.

There are, however, slightly easier ways to deal with this:
A simple checkbox can usually stop bots (at least 50% of the time). So I suggest something like this:
I am human: []

Or you could do radio buttons such as:
This is: ()spam ()not spam ()advertisement

It's certainly not that strong, but it will stop those 20 emails a day. Some spam may still come through, but it's probably from humans anyway. I can almost guarantee no one cares enough about that website to specifically program a bot to get around any security-- there's no advantage, because there are some many websites out there without any security.

One note: you should be careful to make sure that it is not possible to guess from the source code which option should be selected. If it is particularly clear then a bot might be able to guess, although it's unlikely. It would certainly help someone programming a bot though. It's better if there's no clue except what you say on the page. Bots can't be programmed to parse language (even basic language) very easily. Using a bit of variation can make it way too hard for a spammer to care about your page.

By the way, you can even do a silent captcha: Javascript doesn't (usually) work for bots, so you can just use JS to set a value automatically (silently) and that will cover the captcha. But you'd still need some method for users who don't have JS, such as what you already have, unless you don't want them to be able to access the page.
So, this would mean: add some JS to the page that: 1) makes the value of your textbox "human"; 2) hides the textbox and question.

**katiebugla** · 09-01-2011, 04:44 PM

Yes I did get the blank email

Ok, bear with me, I am really web blonde... If I did the checkbox option how do I force that the form (including that checkbox) is filled out before they can submit...
Also, I have like an intermediate understanding of HTML and CSS - I am really lost on everything else (php, javascript, etc.), so at the moment simpler is better (otherwise a lot of hand holding might be necessary).

**katiebugla** · 09-01-2011, 05:24 PM

While I have fields required, one can still submit the form without filling it out - sorry to be a pain in the ass... again... still.

**djr33** · 09-01-2011, 05:45 PM

What you will do is simple (I hope): in the PHP page that receives the form, check to see if a certain value is submitted (and whether it has a value that is valid). If it is valid (and only if it is valid), then send the email. Otherwise you can ignore it, or redirect to the form page, or display an error for the user, or do something else along those lines.

PHP Code:


if (isset($_POST['myfield']) && $_POST['myfield']=='human') {
    mail(); //send the email
}
else {
    echo 'Error!'; //alternative
}

**katiebugla** · 09-01-2011, 05:59 PM

ok, that worked (I think) - now if i want to customize it - do i need to change 'myfield' to the id of my form? Talking about a redirect, that would involve building another php page, right? OR (sorry) if they hit submit and nothing is filled out, shouldn't there be a way to have the form be "stopped" and show all the field required to fill out.

**katiebugla** · 09-01-2011, 06:09 PM

I apologize for dragging this thread out forever, what I really need is a tutor or a class - because I really have no idea what I am doing.

Thread: PHP email form for dummies???

Thread Tools

Search Thread

The Following User Says Thank You to djr33 For This Useful Post:

Bookmarks

Bookmarks

Posting Permissions