What are some best practices for PHP developers when implementing form mailers on websites?
When implementing form mailers on websites, PHP developers should always sanitize and validate user input to prevent SQL injection and cross-site scripting attacks. They should also use a secure method like PHP's built-in mail() function or a trusted third-party library to send emails from the form.
<?php
// Sanitize and validate user input
$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
$message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
// Check if all required fields are filled
if (!empty($name) && !empty($email) && !empty($message)) {
// Send email using PHP's built-in mail() function
$to = 'youremail@example.com';
$subject = 'Contact Form Submission';
$headers = 'From: ' . $email;
if (mail($to, $subject, $message, $headers)) {
echo 'Email sent successfully!';
} else {
echo 'Failed to send email. Please try again later.';
}
} else {
echo 'All fields are required.';
}
?>
Keywords
Related Questions
- What are the common pitfalls when creating thumbnail images in PHP?
- How can one ensure that all keys and values are read when loading a JSON file into an array using file_get_contents in PHP?
- Are there alternative methods to displaying category lists without constant page reloading, especially when dealing with applets?