Hi there I am a novice web coder and have recently designed and coded a site for a client. They asked that the form on the contact page include a file attachment upload feature. I am not too familiar with PHP, but I did some research and managed to find some coding online that I have implemented on my site to make this work. I have inserted my email as the receiver and tested the form out live and the attachment file is working properly allowing the file to come through :). However I seem to be getting an alert message in my email account (gmail) when the message comes through saying
"Be careful with this message. Similar messages were used to steal people's personal information. Unless you trust the sender, don't click links or reply with personal information."
My question is how can I avoid this alert? I do not want my client to have to deal with this alert once I change the email over to his account as the receiver. Also I have already received an email from a random person asking me to play a video game-spam? How can I avoid this? (I tried implementing a recaptcha but I am not a fan of these since they are often very hard to read)
Also why are the input fields asking for "name" and "email" not showing up in the email I receive? only the "message" field information is relayed to my email.
Any help is greatly appreciated. Thanks in advance.
Here is the PHP file I currently have in place which seems to be working to a certain degree;
<?php
if(isset($_POST['submit']))
{
//The form has been submitted, prep a nice thank you message
$output = '<h1>Thanks for your file and message!</h1>';
//Set the form flag to no display (cheap way!)
$flags = 'style="display:none;"';
//Deal with the email
$to = 'christianmelchiordesign@gmail.com';
$subject = 'a file for you';
$message = strip_tags($_POST['message']);
$name = strip_tags($_POST['name']);
$email = strip_tags($_POST['email']);
$attachment = chunk_split(base64_encode(file_get_contents($_FILES['file']['tmp_name'])));
$filename = $_FILES['file']['name'];
$boundary =md5(date('r', time()));
$headers = "From: netzeroliving.ca\r\nReply-To: netzeroliving.ca";
$headers .= "\r\nMIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary=\"_1_$boundary\"";
$message="This is a multi-part message in MIME format.
--_1_$boundary
Content-Type: multipart/alternative; boundary=\"_2_$boundary\"
--_2_$boundary
Content-Type: text/plain; charset=\"iso-8859-1\"
Content-Transfer-Encoding: 7bit
$message
--_2_$boundary--
--_1_$boundary
Content-Type: application/octet-stream; name=\"$filename\"
Content-Transfer-Encoding: base64
Content-Disposition: attachment
$attachment
--_1_$boundary--";
mail($to, $subject, $message, $headers);
}
?>
^^^I must note that the above PHP coding is placed outside of the body tags...not sure if this should be placed within the body tags or not^^^
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post" <?php echo $flags;?>>
<p class="name">
<input type="text" name="name" id="name" />
<label for="name">Name</label>
</p>
<p class="email">
<input type="text" name="email" id="email" />
<label for="email">E-mail</label>
</p>
<p>
<label for="message">Message</label>
<textarea name="message" id="message" cols="20" rows="8"></textarea>
</p>
<p>
<label for="file">File</label>
<input type="file" name="file" id="file">
</p>
<p>
<input type="submit" name="submit" id="submit" value="send">
</p>
</form>
^^^the above coding is placed within the body tags^^^
