PHP contact form: emails come from the admin


Problem description:

I made a PHP Contact Form using this tutorial and it works great, but I've encountered one potential security risk / inconvenience. Each email I receive comes from my admin login name.

I added $headers as this thread instructed, but to no avail.

My Current PHP:

<?php
    $name = $_POST['name'];
    $email = $_POST['email'];
    $phone = $_POST['phone'];
    $message = $_POST['message'];
    $from = $_POST['email']; 
    $to = 'myClientsEmail@gmail.com';
    $subject = 'Estimate Contact Form';

    $headers = "From: $email\r\n";                 /* I added this */
    $headers .= "Reply-To: $email\r\n";            /*     and this */

    $body = "From: $name\n Phone: $phone\n E-Mail: $email\n Message:\n $message";

    if ($_POST['submit']) {
        if (mail ($to, $subject, $body, $from, $headers)) { 
            echo '<p>Your message has been sent!</p>';
        } else { 
            echo '<p>Something went wrong, go back and try again!</p>'; 
        }
    }
?>

What exactly am I missing? Any help is greatly appreciated. Thank you!


Your mail() function call has an extra parameter it looks like. The correct mail() call should be:

if (mail($to, $subject, $body, $headers)) {
    // ...
}

So just remove the $from portion and it should be good.
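
Added example, not part of the original question or answer: the four-argument mail() call from the answer (the fourth parameter of mail() is the header string), with the submitted address validated before it is placed in a header so that it cannot carry line breaks. The helper names and the no-reply@example.com sender are assumptions for illustration; the fixed From with the visitor's address in Reply-To is one possible choice.

```php
<?php
// Added example, not the poster's code. clean_email(), single_line() and
// build_headers() are hypothetical helpers; no-reply@example.com is a placeholder.

/** Return a valid e-mail address containing no CR/LF, or null. */
function clean_email(string $value): ?string
{
    $value = trim($value);
    if (preg_match('/[\r\n]/', $value)) {
        return null;                       // a header value must stay on one line
    }
    $valid = filter_var($value, FILTER_VALIDATE_EMAIL);
    return $valid === false ? null : $valid;
}

/** Collapse line breaks so a short field occupies a single line. */
function single_line(string $value): string
{
    return trim(preg_replace('/[\r\n]+/', ' ', $value));
}

/** Build the header block: fixed From, visitor's address only in Reply-To. */
function build_headers(string $replyTo): string
{
    return "From: Contact Form <no-reply@example.com>\r\n"
         . "Reply-To: $replyTo\r\n";
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['submit'])) {
    $email = clean_email($_POST['email'] ?? '');
    if ($email === null) {
        echo '<p>Please enter a valid e-mail address.</p>';
    } else {
        $name    = single_line($_POST['name'] ?? '');
        $phone   = single_line($_POST['phone'] ?? '');
        $message = $_POST['message'] ?? '';
        $to      = 'myClientsEmail@gmail.com';
        $subject = 'Estimate Contact Form';
        $body    = "From: $name\n Phone: $phone\n E-Mail: $email\n Message:\n $message";

        // Four arguments only: to, subject, body, headers.
        if (mail($to, $subject, $body, build_headers($email))) {
            echo '<p>Your message has been sent!</p>';
        } else {
            echo '<p>Something went wrong, go back and try again!</p>';
        }
    }
}
```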