What are common pitfalls when creating a PHP mail form on a single page?

One common pitfall when creating a PHP mail form on a single page is not properly validating user input before sending the email. This can lead to security vulnerabilities such as injection attacks. To solve this, make sure to sanitize and validate all user input before processing the form.

// Example of sanitizing and validating user input before sending the email

$name = filter_var($_POST[&#039;name&#039;], FILTER_SANITIZE_STRING);
$email = filter_var($_POST[&#039;email&#039;], FILTER_SANITIZE_EMAIL);
$message = filter_var($_POST[&#039;message&#039;], FILTER_SANITIZE_STRING);

// Validate email format
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo &quot;Invalid email format&quot;;
    exit;
}

// Send email
$to = &quot;recipient@example.com&quot;;
$subject = &quot;Contact Form Submission&quot;;
$headers = &quot;From: $email&quot;;
$mailBody = &quot;Name: $name\nEmail: $email\nMessage: $message&quot;;

mail($to, $subject, $mailBody, $headers);
echo &quot;Email sent successfully&quot;;

Keywords

PHP mail form single page validation security

What are common pitfalls when creating a PHP mail form on a single page?

Keywords

Related Questions