What are some best practices for handling form data and sending emails in PHP?

When handling form data in PHP, it is important to sanitize and validate the input to prevent security vulnerabilities such as SQL injection or cross-site scripting attacks. When sending emails in PHP, it is recommended to use a library like PHPMailer to handle email sending securely and efficiently.

// Sanitize and validate form data
$name = htmlspecialchars($_POST[&#039;name&#039;]);
$email = filter_var($_POST[&#039;email&#039;], FILTER_VALIDATE_EMAIL);
$message = htmlspecialchars($_POST[&#039;message&#039;]);

// Send email using PHPMailer
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

require &#039;vendor/autoload.php&#039;;

$mail = new PHPMailer(true);

try {
    $mail-&gt;isSMTP();
    $mail-&gt;Host = &#039;smtp.example.com&#039;;
    $mail-&gt;SMTPAuth = true;
    $mail-&gt;Username = &#039;your@example.com&#039;;
    $mail-&gt;Password = &#039;yourpassword&#039;;
    $mail-&gt;SMTPSecure = &#039;tls&#039;;
    $mail-&gt;Port = 587;

    $mail-&gt;setFrom(&#039;from@example.com&#039;, &#039;Your Name&#039;);
    $mail-&gt;addAddress(&#039;recipient@example.com&#039;);
    $mail-&gt;isHTML(true);
    $mail-&gt;Subject = &#039;Subject&#039;;
    $mail-&gt;Body = $message;

    $mail-&gt;send();
    echo &#039;Message has been sent&#039;;
} catch (Exception $e) {
    echo &#039;Message could not be sent. Mailer Error: &#039; . $mail-&gt;ErrorInfo;
}

What are some best practices for handling form data and sending emails in PHP?

Related Questions