Link to home
Start Free TrialLog in
Avatar of ram
ram

asked on

How to set php.ini variables in web.config file to make contact form work?

I have a contact form that I copied and altered a bit, and it uses php coding to verify and send user input using the mail function in php. I have tested the form both locally and on the web server but it doesn't seem to work since I am not receiving any emails.

After some reading, I found out that in order for the form to work, I have to configure some things in the php.ini file. I called my web server host and they told me that I don't have access to the php.ini file. But they did tell me that I can make changes in the web.config file, which I do have access to. Can anyone please help me set this up? I am a beginner in web development and I am not familiar with the server-side of things.
SOLUTION
Avatar of Ryan Chong
Ryan Chong
Flag of Singapore image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ram
ram

ASKER

Here is the PHP code:

<!-- Contact Form - START -->
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);>"id="contactform" style="right:-433px;">
<?php // Initialize variables to null.
$name =""; // Sender's Name
$organization =""; // Sender's organization
$email =""; // Sender's email ID
$phone =""; //Sender's phone number
$message =""; // Sender's Message
$nameError ="";
$organizationError ="";
$emailError ="";
$phoneError ="";
$messageError ="";
$successMessage =""; // On submittingform below function will execute.

if(isset($_POST['submit'])) { // Checking null values in message.
if (empty($_POST["name"])){
$nameError = "Please enter your full name.";
}
else {
$name = test_input($_POST["name"]); // check name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)){
    $nameError = "Only letters and white space allowed";
}
} // Checking null values inthe message.

if (empty($_POST["organization"])) {
$organizationError = "Please enter the name of your organization.";
}
else {
$organization = test_input($_POST["organization"]);
} // Checking null values in message.

if (empty($_POST["email"])) {
$emailError = "Please enter your email address.";
}
else {
$email = test_input($_POST["email"]);
} // Checking null values inmessage.

if (empty($_POST["phone"])) {
$phoneError = "Please enter your phone number.";
}
else {
$phone = test_input($_POST["phone"]);
} // Checking null values in message.

if (empty($_POST["message"])) {
$messageError = "Please enter your message.";
}
else {
$message = test_input($_POST["message"]);
} // Checking null values in the message.

if( !($name=='') && !($email=='') && !($organization=='') &&!($message=='') )
{ // Checking valid email.
if (preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
{
$header= "From: $email"; 
/* Let's prepare the message for the e-mail */
$msg = "Hello $name! Thank you for contacting us!
Name: $name
Organization: $organization
E-mail: $email
Phone: $phone
Message: $message
This is a contact confirmation email. We will contact you as soon as possible.";
$msg1 = "$name contacted us. Here is some information about $name.
Name: $name
Organization: $organization
E-mail: $email
Phone: $phone
Message: $message "; /* Send the message using mail() function */
if(mail($email, "Contact Confirmation", $msg, "From: someone@example.com" ) && mail("sometwo@example.com", "Web Inquiry", $msg1, $header  ))
{
$successMessage = "Message sent successfully.";
}
}
else
{ $emailError = "Invalid Email";
}
}
} // Function for filtering input values.

function test_input($data)
{
$data = trim($data);
$data =stripslashes($data);
$data =htmlspecialchars($data);
return $data;
}
?>

Open in new window


And here is the the HTML Code:

<div id="sidebar" onclick="open_panel()"><img src="images/Contact-Us.png"></div>
<div id="contactheader">
<h2>Contact Us</h2>
<p id="contactp">Please fill out the form below and we will contact you shortly.</p>
<input name="name" type="text" placeholder="Full Name" value="">
<span class="error"><?php echo $nameError;?></span>
<input name="organization" type="text" placeholder="Organization" value="">
<span class="error"><?php echo $organizationError;?></span>
<input name="email" type="text" placeholder="Email" value="">
<span class="error"><?php echo $emailError;?></span>
<input name="phone" type="text" placeholder="Phone Number">
<h4>Query type</h4>
<select>
    <option>General Query</option>
    <option>Query 1</option>
    <option>Query 2</option>
    <option>Query 3</option>
    <option>Query 4</option>
    <option>Query 5</option>
</select>
<textarea name="message" val="" placeholder="Message.."></textarea>
<span class="error"><?php echo $messageError;?></span>
<h4>How would you like to be contacted?</h4>
<select>
    <option>Phone</option>
    <option>Email</option>
</select>
<input class="submit" type="submit" name="submit" value="Submit" id="contactbutton">
<span class="success"><?php echo $successMessage;?></span>
</div>

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Julian Hansen
Julian Hansen
Flag of South Africa image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ram
ram

ASKER

Thank you all for your help! I will definitely consider all of your suggestions.
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image
Here's my teaching example of a form-to-email script.  It contains the "action" script that processes the request from the form in lines 18-50.  It contains the "form" script (generated by a HEREDOC block) in lines 53-65.  There is a function that we use to clean up external input, too.  You might try installing it and running it "as-is" with only the changes noted in the comments at the top.  In my experience, this almost always works correctly in the standard PHP installation.
<?php // demo/form_to_email.php
/**
 * Use PHP to Send Email from an HTML Form
 */
error_reporting(E_ALL);


// REQUIRED VALUES ARE PREPOPULATED - CHANGE THESE FOR YOUR WORK
$from = 'NoReply@Your.org';
$subj = 'Contact Form';

// THIS IS AN ARRAY OF RECIPIENTS - CHANGE THESE FOR YOUR WORK
$to[] = 'You@Your.org';
$to[] = 'Her@Your.org';
$to[] = 'Him@Your.org';


// IF THE DATA HAS BEEN POSTED (AT LEAST SOMETHING IN THE EMAIL INPUT CONTROL)
if (!empty($_POST['e']))
{
    // CLEAN UP THE POTENTIALLY BAD AND DANGEROUS DATA
    $safe_mail = clean_string($_POST['e']);
    $safe_name = clean_string($_POST['n']);
    $safe_fone = clean_string($_POST['t']);
    $safe_idea = clean_string($_POST['i']);

    // CONSTRUCT THE MESSAGE THROUGH STRING CONCATENATION
    $content = NULL;
    $content .= "You have a New Query From $safe_name" . PHP_EOL . PHP_EOL;
    $content .= "Tel No: $safe_fone" . PHP_EOL;
    $content .= "Email: $safe_mail" . PHP_EOL;
    $content .= "Idea: $safe_idea" . PHP_EOL;

    // SEND MAIL TO EACH RECIPIENT
    foreach ($to as $recipient)
    {
        if (!mail( $recipient, $subj, $content, "From: $from\r\n"))
        {
            echo PHP_EOL . "<br/>MAIL FAILED FOR $recipient";
        }
        else
        {
            echo PHP_EOL . "<br/>MAIL WORKED FOR $recipient";
        }
    }

    // PRODUCE THE THANK-YOU PAGE
    echo '<p>THANK YOU</p>' . PHP_EOL;
    die('TASK COMPLETE');
}


// A FORM TO TAKE CLIENT INPUT FOR THIS SCRIPT
$form = <<<ENDFORM
<form method="post">
Please enter your contact information
<br/>Email: <input name="e" />
<br/>Phone: <input name="t" />
<br/>Name:  <input name="n" />
<br/>Ideas? <textarea name="i"></textarea>
<br/><input type="submit" />
</form>
ENDFORM;

echo $form;


// A FUNCTION TO CLEAN UP THE DATA - AVOID BECOMING AN OPEN-RELAY FOR SPAM
function clean_string($str)
{
    // IF MAGIC QUOTES IS ON, WE NEED TO REMOVE SLASHES
    $str = stripslashes($str);

    // REMOVE EXCESS WHITESPACE
    $rgx
    = '#'                // REGEX DELIMITER
    . '\s'               // MATCH THE WHITESPACE CHARACTER(S)
    . '\s+'              // MORE THAN ONE CONTIGUOUS INSTANCE OF WHITESPACE
    . '#'                // REGEX DELIMITER
    ;
    $str = preg_replace($rgx, ' ', $str);

    // REMOVE UNWANTED CHARACTERS
    $rgx
    = '#'                // REGEX DELIMITER
    . '['                // START OF A CHARACTER CLASS
    . '^'                // NEGATION - MATCH NONE OF THE CHARACTERS IN THIS CLASS
    . 'A-Z0-9'           // KEEP LETTERS AND NUMBERS
    . '"'                // KEEP DOUBLE QUOTES
    . "'"                // KEEP SINGLE QUOTES
    . '@&+:?_.,/\-'      // KEEP SOME SPECIAL CHARACTERS (NOTE ESCAPED HYPHEN)
    . ' '                // KEEP BLANKS
    . ']'                // END OF THE CHARACTER CLASS
    . '#'                // REGEX DELIMITER
    . 'i'                // CASE-INSENSITIVE
    ;
    $str = preg_replace($rgx, NULL, $str);

    // REMOVE EXCESSIVE INPUT
    $str = substr($str, 0, 255);

    return trim($str);
}

Open in new window