I was reading quite a few answers on how to build a php contact form here but without success since I am not sure what is wrong with my code. I am not sure if it is a server issue but my code is below and there is no email sent. Apologies but PHP is not my strong point. Can you let me know if there is a mistake in my code? If it doesn't work I was told it is better to use an SMTP
<?php
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$telephone = $_POST['telephone'];
$request = $_POST['request'];
$book = $_POST['book'];
//Validate first
if(empty($name)||empty($visitor_email))
{
echo "Name and email are mandatory!";
exit;
}
if(IsInjected($visitor_email))
{
echo "Bad email value!";
exit;
}
$email_from = 'exampleemail@mail.com';//<== update the email address
$email_subject = "New Form submission";
$email_body = "You have received a new message from $name.\n".
"Telephone:\n $telephone\n ".
"Visitor Email: \n $visitor_email\n".
"Book checked: \n $book\n".
"Request checked: \n $request.\n";
$to = "example@mail.com";//<== update the email address
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: ../thank-you.html');
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
