Skip to main content

Can you review my website "Email Contact Form" that uses PHP and - g-recaptcha

Data entered via Email Contact Form using g-recaptcha v.3 to create hidden token which is passed to form.php is not being displayed within emails received from local server. Can you help?

HTML Contact Form

<!-- Contact Section -->
        <div class="w3-container w3-padding-32 w3-card w3-light-grey " id="contact">
            <h3 class="w3-border-bottom w3-border-light-grey w3-padding-16">Contact</h3><hr>        
            
            <p>Lets get in touch and talk about your next project.</p>
            
            <form action="form.php " method="post"  target="_blank" >
                
                <input class="w3-input w3-border w3-text-red" type="text" placeholder="Enter Your First Name: ex. Mark (with no spaces, punctuations or symbols)" name="fname"  maxlength="32" pattern="[A-Za-z]{1,32}" required><br>
                
                <input class="w3-input w3-border w3-text-red" type="text" placeholder="Enter Your Last Name: ex. Wilson (with no spaces, punctuations or symbols)" name="lname"  maxlength="32" pattern="[A-Za-z]{1,32}" required>
                
                <input class="w3-input w3-section w3-border w3-text-red" type="text" placeholder="Enter Your Email: ex. yourname@domainname.com" name="email" pattern="^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$" required>
                <input class="w3-input w3-section w3-border w3-text-red" placeholder="Enter Your Phone Number: ex.(112)112-1112 or 1121121112" name="phone" pattern="^(\s*)?(\+)?([- _():=+]?\d[- _():=+]?){10,14}(\s*)?$" required>
                
                <textarea class="w3-input w3-section w3-border w3-text-red" placeholder="Please Place Your Comment Here"  name="comment"  rows="5" required></textarea>             

                         
                <i class="fa fa-paper-plane-o"></i> 
                <input type="submit" name="submit" value="SEND MESSAGE" class="w3-text-black"><br><br>
                
            </form> 

            <script>
            // when form is submit
                $('#comment_form').submit(function() {
                        // we stoped it
                        event.preventDefault();
                        var fname = $('#fname').val();
                        var lname = $('#lname').val();
                        var email = $('#email').val();
                        var phone = $('#phone').val();
                        var comment = $("#comment").val();
                        // needs for recaptacha ready
                        grecaptcha.ready(function() {
                            // do request for recaptcha token
                            // response is promise with passed token
                            grecaptcha.execute('My Site Key', {action: 'create_comment'}).then(function(token) {
                                // add token to form
                                $('#comment_form').prepend('<input type="hidden" name="g-recaptcha-response" value="' + token + '">');
                                    $.post("form.php",{fname: fname, lname: lname, email: email, phone: phone,comment: comment, token: token}, function(result) {
                                            console.log(result);
                                            if(result.success) {
                                                    alert('Thanks for posting comment.')
                                            } else {
                                                    alert('You have been identified as a spammer.  Your submitted comments have been blocked.')
                                            }
                                    });
                            });;
                        });
                  });
                </script>
            
            </div>    
        <div class = "w3-display-container w3-content w3-wide  w3-text-black w3-center w3-dark-blue w3-tiny" style="max-width:1300px;">
            <a>"Section 6"</a>
        </div>  
    </div>
<!-- End page content -->

form.php

<?php
  $fname; $lname;$email;$comment;$captcha;
  $fname = filter_input(INPUT_POST, 'fname', FILTER_SANITIZE_STRING);
  $lname = filter_input(INPUT_POST, 'lname', FILTER_SANITIZE_STRING);
  $email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
  $phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_STRING);
  $comment = filter_input(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
  $captcha = filter_input(INPUT_POST, 'token', FILTER_SANITIZE_STRING);
  if(!$captcha){
    echo '<h2>Please re-check your information entered on the contact form.</h2>';
    exit;
  }
  $secretKey = "My Secrete Key";
  $ip = $_SERVER['REMOTE_ADDR'];

  // post request to server
  $url = 'https://www.google.com/recaptcha/api/siteverify';
  $data = array('secret' => $secretKey, 'response' => $captcha);

  $options = array(
    'http' => array(
      'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
      'method'  => 'POST',
      'content' => http_build_query($data)
    )
  );
  $context  = stream_context_create($options);
  $response = file_get_contents($url, false, $context);
  $responseKeys = json_decode($response,true);
  header('Content-type: application/json');
  if($responseKeys["success"]) {
    echo json_encode(array('success' => 'true'));
    
    
  } else {
    echo json_encode(array('success' => 'false'));
  }
  
        // Retrieve from HTML contact form section
        
           $fname = trim(strip_tags($_POST['fname']));
           $lname = trim(strip_tags($_POST['lname']));
           $email = trim(strip_tags($_POST['email']));
           $phone = trim(strip_tags($_POST['phone']));
           $comment = htmlentities($_POST['comment']);
  
        // Send to Default email, via the .PHP form
        
           $subject = "New Comments submitted through the PSMPC Contact Form!";
           $to = 'questions@pleasesavemypc.com';
           $body = <<<HTML
                First Name: &emsp;$fname <br> Last Name: &emsp;$lname <br> Email: &emsp;$email <br> Phone: &emsp;$phone<br> Comment: &emsp;$comment
            HTML;

           $headers = "From: $email\r\n";
           $headers .= "Content-type: text/html\r\n";

           // send the email
           mail($to, $subject, $body, $headers);

           //redirect afterwords, if needed
           header('Location: thanks.html');
  
  
?>

Screen Shots

enter image description here

enter image description here

enter image description here



source https://stackoverflow.com/questions/68170293/can-you-review-my-website-email-contact-form-that-uses-php-and-g-recaptcha
Labels:

Comments

Post a Comment

Popular posts from this blog

Confusion between commands.Bot and discord.Client | Which one should I use?

Whenever you look at YouTube tutorials or code from this website there is a real variation. Some developers use client = discord.Client(intents=intents) while the others use bot = commands.Bot(command_prefix="something", intents=intents) . Now I know slightly about the difference but I get errors from different places from my code when I use either of them and its confusing. Especially since there has a few changes over the years in discord.py it is hard to find the real difference. I tried sticking to discord.Client then I found that there are more features in commands.Bot . Then I found errors when using commands.Bot . An example of this is: When I try to use commands.Bot client = commands.Bot(command_prefix=">",intents=intents) async def load(): for filename in os.listdir("./Cogs"): if filename.endswith(".py"): client.load_extension(f"Cogs.{filename[:-3]}") The above doesnt giveany response from my Cogs ...
Post a Comment
Read more

How to show number of registered users in Laravel based on usertype?

i'm trying to display data from the database in the admin dashboard i used this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count(); echo $users; ?> and i have successfully get the correct data from the database but what if i want to display a specific data for example in this user table there is "usertype" that specify if the user is normal user or admin i want to user the same code above but to display a specific usertype i tried this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count()->WHERE usertype =admin; echo $users; ?> but it didn't work, what am i doing wrong? source https://stackoverflow.com/questions/68199726/how-to-show-number-of-registered-users-in-laravel-based-on-usertype
Post a Comment
Read more

Why is my reports service not connecting?

I am trying to pull some data from a Postgres database using Node.js and node-postures but I can't figure out why my service isn't connecting. my routes/index.js file: const express = require('express'); const router = express.Router(); const ordersCountController = require('../controllers/ordersCountController'); const ordersController = require('../controllers/ordersController'); const weeklyReportsController = require('../controllers/weeklyReportsController'); router.get('/orders_count', ordersCountController); router.get('/orders', ordersController); router.get('/weekly_reports', weeklyReportsController); module.exports = router; My controllers/weeklyReportsController.js file: const weeklyReportsService = require('../services/weeklyReportsService'); const weeklyReportsController = async (req, res) => { try { const data = await weeklyReportsService; res.json({data}) console...
Post a Comment
Read more