Skip to main content

Can you review my website "Email Contact Form" that uses PHP and - g-recaptcha

Data entered via Email Contact Form using g-recaptcha v.3 to create hidden token which is passed to form.php is not being displayed within emails received from local server. Can you help?

HTML Contact Form

<!-- Contact Section -->
        <div class="w3-container w3-padding-32 w3-card w3-light-grey " id="contact">
            <h3 class="w3-border-bottom w3-border-light-grey w3-padding-16">Contact</h3><hr>        
            
            <p>Lets get in touch and talk about your next project.</p>
            
            <form action="form.php " method="post"  target="_blank" >
                
                <input class="w3-input w3-border w3-text-red" type="text" placeholder="Enter Your First Name: ex. Mark (with no spaces, punctuations or symbols)" name="fname"  maxlength="32" pattern="[A-Za-z]{1,32}" required><br>
                
                <input class="w3-input w3-border w3-text-red" type="text" placeholder="Enter Your Last Name: ex. Wilson (with no spaces, punctuations or symbols)" name="lname"  maxlength="32" pattern="[A-Za-z]{1,32}" required>
                
                <input class="w3-input w3-section w3-border w3-text-red" type="text" placeholder="Enter Your Email: ex. yourname@domainname.com" name="email" pattern="^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$" required>
                <input class="w3-input w3-section w3-border w3-text-red" placeholder="Enter Your Phone Number: ex.(112)112-1112 or 1121121112" name="phone" pattern="^(\s*)?(\+)?([- _():=+]?\d[- _():=+]?){10,14}(\s*)?$" required>
                
                <textarea class="w3-input w3-section w3-border w3-text-red" placeholder="Please Place Your Comment Here"  name="comment"  rows="5" required></textarea>             

                         
                <i class="fa fa-paper-plane-o"></i> 
                <input type="submit" name="submit" value="SEND MESSAGE" class="w3-text-black"><br><br>
                
            </form> 

            <script>
            // when form is submit
                $('#comment_form').submit(function() {
                        // we stoped it
                        event.preventDefault();
                        var fname = $('#fname').val();
                        var lname = $('#lname').val();
                        var email = $('#email').val();
                        var phone = $('#phone').val();
                        var comment = $("#comment").val();
                        // needs for recaptacha ready
                        grecaptcha.ready(function() {
                            // do request for recaptcha token
                            // response is promise with passed token
                            grecaptcha.execute('My Site Key', {action: 'create_comment'}).then(function(token) {
                                // add token to form
                                $('#comment_form').prepend('<input type="hidden" name="g-recaptcha-response" value="' + token + '">');
                                    $.post("form.php",{fname: fname, lname: lname, email: email, phone: phone,comment: comment, token: token}, function(result) {
                                            console.log(result);
                                            if(result.success) {
                                                    alert('Thanks for posting comment.')
                                            } else {
                                                    alert('You have been identified as a spammer.  Your submitted comments have been blocked.')
                                            }
                                    });
                            });;
                        });
                  });
                </script>
            
            </div>    
        <div class = "w3-display-container w3-content w3-wide  w3-text-black w3-center w3-dark-blue w3-tiny" style="max-width:1300px;">
            <a>"Section 6"</a>
        </div>  
    </div>
<!-- End page content -->

form.php

<?php
  $fname; $lname;$email;$comment;$captcha;
  $fname = filter_input(INPUT_POST, 'fname', FILTER_SANITIZE_STRING);
  $lname = filter_input(INPUT_POST, 'lname', FILTER_SANITIZE_STRING);
  $email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
  $phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_STRING);
  $comment = filter_input(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
  $captcha = filter_input(INPUT_POST, 'token', FILTER_SANITIZE_STRING);
  if(!$captcha){
    echo '<h2>Please re-check your information entered on the contact form.</h2>';
    exit;
  }
  $secretKey = "My Secrete Key";
  $ip = $_SERVER['REMOTE_ADDR'];

  // post request to server
  $url = 'https://www.google.com/recaptcha/api/siteverify';
  $data = array('secret' => $secretKey, 'response' => $captcha);

  $options = array(
    'http' => array(
      'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
      'method'  => 'POST',
      'content' => http_build_query($data)
    )
  );
  $context  = stream_context_create($options);
  $response = file_get_contents($url, false, $context);
  $responseKeys = json_decode($response,true);
  header('Content-type: application/json');
  if($responseKeys["success"]) {
    echo json_encode(array('success' => 'true'));
    
    
  } else {
    echo json_encode(array('success' => 'false'));
  }
  
        // Retrieve from HTML contact form section
        
           $fname = trim(strip_tags($_POST['fname']));
           $lname = trim(strip_tags($_POST['lname']));
           $email = trim(strip_tags($_POST['email']));
           $phone = trim(strip_tags($_POST['phone']));
           $comment = htmlentities($_POST['comment']);
  
        // Send to Default email, via the .PHP form
        
           $subject = "New Comments submitted through the PSMPC Contact Form!";
           $to = 'questions@pleasesavemypc.com';
           $body = <<<HTML
                First Name: &emsp;$fname <br> Last Name: &emsp;$lname <br> Email: &emsp;$email <br> Phone: &emsp;$phone<br> Comment: &emsp;$comment
            HTML;

           $headers = "From: $email\r\n";
           $headers .= "Content-type: text/html\r\n";

           // send the email
           mail($to, $subject, $body, $headers);

           //redirect afterwords, if needed
           header('Location: thanks.html');
  
  
?>

Screen Shots

enter image description here

enter image description here

enter image description here



source https://stackoverflow.com/questions/68170293/can-you-review-my-website-email-contact-form-that-uses-php-and-g-recaptcha

Comments

Popular posts from this blog

Confusion between commands.Bot and discord.Client | Which one should I use?

Whenever you look at YouTube tutorials or code from this website there is a real variation. Some developers use client = discord.Client(intents=intents) while the others use bot = commands.Bot(command_prefix="something", intents=intents) . Now I know slightly about the difference but I get errors from different places from my code when I use either of them and its confusing. Especially since there has a few changes over the years in discord.py it is hard to find the real difference. I tried sticking to discord.Client then I found that there are more features in commands.Bot . Then I found errors when using commands.Bot . An example of this is: When I try to use commands.Bot client = commands.Bot(command_prefix=">",intents=intents) async def load(): for filename in os.listdir("./Cogs"): if filename.endswith(".py"): client.load_extension(f"Cogs.{filename[:-3]}") The above doesnt giveany response from my Cogs ...

How to show number of registered users in Laravel based on usertype?

i'm trying to display data from the database in the admin dashboard i used this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count(); echo $users; ?> and i have successfully get the correct data from the database but what if i want to display a specific data for example in this user table there is "usertype" that specify if the user is normal user or admin i want to user the same code above but to display a specific usertype i tried this: <?php use Illuminate\Support\Facades\DB; $users = DB::table('users')->count()->WHERE usertype =admin; echo $users; ?> but it didn't work, what am i doing wrong? source https://stackoverflow.com/questions/68199726/how-to-show-number-of-registered-users-in-laravel-based-on-usertype

Why is my reports service not connecting?

I am trying to pull some data from a Postgres database using Node.js and node-postures but I can't figure out why my service isn't connecting. my routes/index.js file: const express = require('express'); const router = express.Router(); const ordersCountController = require('../controllers/ordersCountController'); const ordersController = require('../controllers/ordersController'); const weeklyReportsController = require('../controllers/weeklyReportsController'); router.get('/orders_count', ordersCountController); router.get('/orders', ordersController); router.get('/weekly_reports', weeklyReportsController); module.exports = router; My controllers/weeklyReportsController.js file: const weeklyReportsService = require('../services/weeklyReportsService'); const weeklyReportsController = async (req, res) => { try { const data = await weeklyReportsService; res.json({data}) console...