Created
April 23, 2019 05:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
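<?php
/**
 * PHPMailer simple contact form example.
 * If you want to accept and send uploads in your form, look at the send_file_upload example.
 *
 * Handles a POSTed contact form: filters the submitted fields, picks the recipient from a
 * fixed allowlist, sends the message through PHPMailer and then opens a database connection.
 * $msg collects the status text and $err records whether validation failed; nothing in this
 * script prints $msg, so whatever page consumes it must HTML-escape it on output.
 */

//Import the PHPMailer class into the global namespace
use PHPMailer\PHPMailer\PHPMailer;

require 'vendor/autoload.php';

if (array_key_exists('to', $_POST)) {
    $err = false;
    $msg = '';
    $email = '';

    //Every field is checked with is_string() before use: a request can send `field[]=x`,
    //which PHP delivers as an array, and strip_tags()/validateAddress() on an array
    //throws an uncaught TypeError on PHP 8 instead of producing a validation error.

    //Apply some basic validation and filtering to the subject
    //strip_tags() only removes markup and substr() limits the length in bytes; neither is
    //an output-escaping step, so escape again if these values are ever echoed into HTML.
    if (isset($_POST['subject']) && is_string($_POST['subject'])) {
        $subject = substr(strip_tags($_POST['subject']), 0, 255);
    } else {
        $subject = 'No subject given';
    }

    //Apply some basic validation and filtering to the query
    if (isset($_POST['query']) && is_string($_POST['query'])) {
        //Limit length and strip HTML tags
        $query = substr(strip_tags($_POST['query']), 0, 16384);
    } else {
        $query = '';
        $msg = 'No query provided!';
        $err = true;
    }

    //Apply some basic validation and filtering to the name
    if (isset($_POST['name']) && is_string($_POST['name'])) {
        //Limit length and strip HTML tags
        $name = substr(strip_tags($_POST['name']), 0, 255);
    } else {
        $name = '';
    }

    //Validate to address
    //Never allow arbitrary input for the 'to' address as it will turn your form into a spam gateway!
    //Substitute appropriate addresses from your own domain, or simply use a single, fixed address
    //The third argument makes in_array() compare with ===, so only an exact string match passes.
    if (is_string($_POST['to']) && in_array($_POST['to'], ['sales', 'support', 'accounts'], true)) {
        $to = $_POST['to'] . '@example.com';
    } else {
        $to = 'support@example.com';
    }

    //Make sure the address they provided is valid before trying to use it
    if (isset($_POST['email']) && is_string($_POST['email']) && PHPMailer::validateAddress($_POST['email'])) {
        $email = $_POST['email'];
    } else {
        $msg .= "Error: invalid email address provided";
        $err = true;
    }

    if (!$err) {
        $mail = new PHPMailer();
        // $mail->isSMTP();
        // $mail->Host = 'localhost';
        // $mail->Port = 2500;
        $mail->CharSet = 'utf-8';
        //It's important not to use the submitter's address as the from address as it's forgery,
        //which will cause your messages to fail SPF checks.
        //Use an address in your own domain as the from address, put the submitter's address in a reply-to
        $mail->setFrom('contact@example.com', ($name !== '' ? $name : 'Contact form'));
        $mail->addAddress($to);
        $mail->addReplyTo($email, $name);
        $mail->Subject = 'Contact form: ' . $subject;
        $mail->Body = "Contact form submission\n\n" . $query;

        if (!$mail->send()) {
            //ErrorInfo can describe the mail transport (host names, server replies), so it
            //goes to the server log and the visitor only gets a generic message.
            error_log('Contact form mailer error: ' . $mail->ErrorInfo);
            $msg .= 'Sorry, something went wrong. Please try again later.';
        } else {
            $msg .= "Message sent!";
        }

        //NOTE(review): the database user name and password are hard-coded here, so they are
        //disclosed to anyone who can read this file or its version history. Load them from
        //configuration kept outside the web root (or from the environment) and use an account
        //limited to what the form needs. The handle is not used anywhere in this script.
        try {
            $db = new PDO('mysql:host=mysql;dbname=web;charset=utf8mb4', 'web', 'pass');
        } catch (PDOException $e) {
            //An uncaught PDOException here would abort the request after the mail has already
            //been handed off, and its trace can expose connection details when errors are displayed.
            error_log('Contact form database connection failed: ' . $e->getMessage());
            $db = null;
        }
    }
}
?>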