/formtoemailpro.php

Large files files are truncated, but you can click here to view the full file

<?php

error_reporting(E_ALL ^ E_NOTICE);

/*

Thank you for purchasing FormToEmail-Pro by FormToEmail.com

Version 3.8 August 18th 2010

COPYRIGHT FormToEmail.com 2006 - 2010 - All rights reserved.

You may not sell (or otherwise distribute) this script.  YOU ARE NOT PERMITTED TO POST THIS CODE IN A PUBLIC PLACE, such as a forum for example.  A single license entitles you to use this script on one website only.  A multiple license entitles you to use this script on any number of sites owned or maintained by you.

For support, please visit: http://formtoemail.com/support/

If you are new to this, have a look at the "form-to-email primer", here:

http://formtoemail.com/support/form_to_email_primer.php

DESCRIPTION
-----------

FormToEmail-Pro is a form processing script written in PHP. It allows you to place a form on your website which your visitors can fill out and send to you.  The contents of the form are sent to the email address (or addresses) which you specify below.  The form (code supplied below) allows your visitors to enter their name, email address and comments.  You can add additional fields to the form or use the script to process any other form, see below.

The script is very secure.  Your visitors (and spambots) cannot see your email address.  The script cannot be hijacked by spammers for using as a relay to send spam from.  It has a number of features to combat contact-form spam.

You can add additional fields to your form, which this script will also process without making any additional changes to the script.  You can also use it to process your own existing forms, if doing so, make sure your form action is correct, like so: <form action="formtoemailpro.php" etc>.  The script will handle the "POST" or "GET" methods.  It will also handle multiple select inputs and multiple check box inputs.  If using these, you must name the field as an array using square brackets, like so: <select name="fruit[]" multiple>.  The same goes for check boxes if you are using more than one with the same name, like so: <input type="checkbox" name="fruit[]" value="apple">Apple<input type="checkbox" name="fruit[]" value="orange">Orange<input type="checkbox" name="fruit[]" value="banana">Banana

** PLEASE NOTE **  If you are using the script to process your own forms (or older FormToEmail forms) you must ensure that the email field is named correctly in your form, thus: <input type="text" name="email">.  Note the lower case "email".  If you don't do this, you won't be able to see who the email is from and the script won't be able to check the validity of the email.  The autoresponse won't work either.  If you are using the form code below, you don't need to check for this.

The script will handle file uploads of any file type and send them as attachments to the email that is sent to you or upload them to your server.  There is no limit to the number of files you can upload.  To allow your form to uploaded files, you must put this enctype="multipart/form-data" in the form action and use the "post" method, like so: <form action="formtoemailpro.php" method="post" enctype="multipart/form-data">.  You must also use a file input <input type="file" name="whatever"> on your form, one for each file you wish the visitor to upload.  Give each one a different name.  You do not need to make any configuration changes to the script to allow file uploads to be sent as attachments, they will be detected automatically.  If you wish to save the uploaded files to your server instead of sending them as attachments then you must enable this in the configuration options below.

This is a PHP script.  In order for it to run, you must have PHP (version 4.1.0 or later) on your webhosting account, and have the PHP mail() function enabled and working.  If you are not sure about this, please ask your webhost about it.

SETUP INSTRUCTIONS
------------------

Step 1: Put the form code on your webpage (if not using an existing form)
Step 2: Enter your email address
Step 3: Configure the script (optional)
Step 4: Upload the files to your webspace

Step 1:
-------

Put the form code on your webpage (if not using an existing form).

If using an existing form, remember to change the action to: <form action="formtoemailpro.php" method="post">.  Remember also to use "email" lower case for the email input, like so: <input type="text" name="email">

The HTML code below is for the form that will appear on your form page.  This code makes a basic contact form with name, email and comments.  Copy the code as it is, and paste it into your webpage:

<form action="formtoemailpro.php" method="post">
<table border="0" style="background:#ececec" cellspacing="5">
<tr align="left"><td>Name</td><td><input type="text" size="30" name="name"></td></tr>
<tr align="left"><td>Email</td><td><input type="text" size="30" name="email"></td></tr>
<tr align="left"><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"></textarea></td></tr>
<tr align="left"><td>&nbsp;</td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

Step 2:
-------

Enter your email address.

Enter the email address below to send the contents of the form to.  Like this for example: $my_email = "webmaster@example.com";   If desired, you can enter more than one email address separated by commas, like so: $my_email = "bob@example.com,sales@example.co.uk,jane@example.com";

*/

$my_email = "mktgnorwood@gmail.com, jmerrikin@gmail.com,dsmerrikin@gmail.com";

/*

The script will now work.  Everything below this line is optional.  If you wish, you can now proceed to Step 4 (Upload the files to your webspace).

Step 3:
-------

Configure the script (optional).

You can edit these options at any time.  If you do so, remember to save the file and upload it to your webspace.

Bcc email addresses.  The script can send a Blind Carbon Copy (BCC) of the email to the address(es) specified below.  Enter the address(es) between the quotes below, like this for example: $bcc = "support@example.com,mail@example.com";

*/

$bcc = "";

/*

Subject line.  The default subject line for the email that is sent to you, is shown below.  To change this, enter your own subject between the quotes.  Make sure that you use a subject that will get past any spam filters you might use.

*/

$subject = "Norwoodlandscape.com inquiry";

/*

From: email address.  Only do this if you know you need to.  By default, the email you get from the script will show the visitor's email address as the From: address.  In most cases this is desirable.  On the majority of setups this won't be a problem but a minority of hosts insist that the From: address must be from a domain on the server.  For example, if you have the domain example.com hosted on your server, then the From: email address must be something@example.com (See your host for confirmation).  This means that your visitor's email address will not show as the From: address, and if you hit "Reply" to the email from the script, you will not be replying to your visitor.  You can get around this by hard-coding a From: address into the script using the configuration option below.  Enabling this option means that the visitor's email address goes into a Reply-To: header, which means you can hit "Reply" to respond to the visitor in the conventional way.  (You can also use this option if your form does not collect an email address from the visitor, such as a survey, for example, and a From: address is required by your email server.)  The default value is: $from_email = "";  Enter the desired email address between the quotes, like this example: $from_email = "contact@example.com";  In these cases, it is not uncommon for the From: ($from_email) address to be the same as the To: ($my_email) address, which on the face of it appears somewhat goofy, but that's what some hosts require.

*/

$from_email = "";

/*

Continue link.  You have the option of presenting your visitor with a standard "thank you" message or automatically redirecting them to a "thank you" page (or any page of your choosing) after they have submitted the form.  The default is the standard "thank you" message.  If you are using the standard "thank you" message, they will be provided with a "continue" link to your homepage (or any page of your choosing) after submitting the form, which they can click on to continue.  Enter the continue link to offer the user.  If you do not change this, your visitor will be given a continue link to your homepage.  If you are using the automatic redirect option below, the $continue value is ignored.

If you do change it, remove the "/" symbol below and replace it with the address of the page to link to, eg: "mypage.htm" or "http://www.elsewhere.com/page.htm"

*/

$continue = "/";

/*

Automatic redirect.  If you would like the visitor to be automatically redirected to another page (or site) when they successfully submit the form (as opposed to getting the standard "thank you" message) change the value below to 1, like so: $auto_redirect = 1;

*/

$auto_redirect = 1;

/*

Enter the web address of the page that you would like the visitor to be automatically redirected to (between the quotes below).  You only need to do this if you have enabled the auto redirect above.  You can redirect them to any page on any site, it doesn't have to be a page on your own site.  It is advisable to write the full URL like so: $redirect_url = "http://example.com/thankyou.htm";

*/

$redirect_url = "thank_you.html";

/*

HTML template for the "thank you" message.  Instead of using the standard "thank you" message or redirecting to another page, you can use an HTML template to display a "thank you" message of your own design.  This "thank you" page will be displayed on the screen when the form is submitted successfully.  The biggest advantage of this method is that you can include submitted values from your form in the page, and you can make the page EXACTLY as you want it.  To use this option, you need to make an HTML template file, which you upload to your webspace, then enable the option below.  The HTML template file is a normal HTML file, with the addition of some, none, or all of the submitted form values in it.  If it suits your purpose, you can make the file without showing any of the submitted form values.  Write the file as you would any HTML page.  Where you want to show submitted form values in the file, use ff<form_field> (replace "form_field" with the name of the submitted form field you want to show).  Like this for example:

<p><b>State:</b> ff<state></p>

The above example will print your visitor's state as entered in the state input <input type="text" name="state"> on your form (for example).

Save the HTML template file by the name shown below in the $thank_you_message_template_filename option, then upload it to your webspace in the same directory/folder as the script (default location for it).

For more information on this, see the section below about using an email template, which works in the same way.

By default, this option is not enabled: $thank_you_message_template = 0;  To enable it, change the 0 to 1 below, like so: $thank_you_message_template = 1;

*/

$thank_you_message_template = 0;

/*

"Thank you" message template filename.  This option allows you to state a name and location for the HTML "thank you" message template file.  You must name your template file as stated below, and upload it to your webspace in the location stated below.  The default is: $thank_you_message_template_filename = "thank_you_message_template.php";  This means you need to save your HTML template file as "thank_you_message_template.php" and upload it to the same directory/folder as the script.  You can call the file by any name, and you can upload it to any location on your server.  If you are keeping the file in the same directory/folder as this script and would like to change the name of the file, you do not need to enter a path to the file, just change the name below, between the quotes, and save your template file by the same name.  If you are uploading your template file to a directory/folder other than the one the script is in, then you must state the path, like this for example: $thank_you_message_template_filename = "/home/bob/includes/thank_you_message_template.php";  This configuration is ignored if you have not enabled the $thank_you_message_template option above.

*/

$thank_you_message_template_filename = "thank_you_message_template.php";

/*

Pre-populate the form.  If enabled, a session will be created and the submitted values from the form will be stored in the session.  This means the values will be available to your form page should your visitor go back to your form after getting an error.  You can then display (pre-populate) the submitted values on the form.  To display the values, you need to add some code to your form page (the script can't do that for you) and enable the option below.  This prevents the visitor getting a blank form when they return to the form to correct any errors.  Such blank forms are caused by browser behaviour and settings (not the script).  Some browsers refresh the page when you hit "back" others don't.  If the form page is refreshed, the visitor gets a blank form and has to enter their information over again.  Enabling the option below and coding your form page to display the submitted values means your visitor won't be faced with a blank form if they have to return to it, they will get the values they submitted.

To display the submitted form values, your form page needs to be a PHP page, with a .php extension, like contact.php for example.  If it's an HTML page, just save it with a .php extension.

Add this code to your form page:

Put this at the top:

<?php

session_start();

if(isset($_SESSION['submitted_form_values'])){extract($_SESSION['submitted_form_values']);}

?>

To display the visitor's entered values on the form (instead of presenting a blank form) you need to put some PHP code into your HTML form code.  For each form input on your form (where you expect a visitor to enter data, not a hidden field for example) you need to have a piece of code like this:

<?php if(isset($form_field_name)){print stripslashes($form_field_name);}else{print "";} ?>

It is used to print a value in the form field.  $form_field_name is replaced with a variable that is EXACTLY the same name as the form field.  Here's an example.  Suppose you have an input on your form, like this:

<input type="text" name="Street_Address">

To show the visitor's entered value, put the above PHP code into a value for the field, like so:

<input type="text" name="Street_Address" value="<?php if(isset($Street_Address)){print stripslashes($Street_Address);}else{print "";} ?>">

Note that "$Street_Address" is used (two instances) in place of the generic "$form_field_name".  Do the same for all text inputs, replacing $form_field_name with the exact (case sensitive) variable name of the form field (the preceding dollar sign makes it a variable).

The above instructions give you the rudiments of it.  For more information about coding for drop-down lists, textareas, radio buttons, checkboxes and a sample basic form page (name, email, comments) correctly coded, please see this page on the support section:

http://formtoemail.com/support/pre_populate_form.php

Next, enable the option below.  Default value: $pre_populate_form = 0;  To enable the option, change the 0 below to 1, like so: $pre_populate_form = 1;

*/

$pre_populate_form = 0;

/*

Show errors on form page.  By default, the script will issue any error messages on the screen after the form is submitted.  The form is not shown, and the user has to hit "back" to get back to the form (the standard error message page can be customized, have a look at this page on the support section for more information: http://formtoemail.com/support/customizing_error_messages.php).

If you would like the user to be returned to your form page when errors occur and have the error messages shown along with the form, you will need to add some code to your form page to display the errors (the script can't do that for you).  You will also need to enable the $show_errors_on_form_page option, and enter a value for the $form_page_url variable below.  Your form page needs to be a PHP page, with a .php extension, like contact.php for example.  If it's an HTML page, just save it with a .php extension.  By displaying the errors on the form page, it will appear to the visitor that they have not left the page.

Add this code to your form page:

Put this at the top (if "session_start();" is not already there):

<?php

session_start();

?>

Then put this code on your page where you would like the errors to appear:

<?php

if(isset($_SESSION['formtoemail_form_errors']))
{

print "<div style=\"color:#ff0000\">";

foreach($_SESSION['formtoemail_form_errors'] as $form_error_value){print "<b>" . stripslashes($form_error_value) . "</b><br>";}

print "</div>";

unset($_SESSION['formtoemail_form_errors']);

}

?>

It is recommended that you enable the $pre_populate_form option above and add the appropriate code for it in your form page (see above).  This means the form values will be retained in the form in the event of an error.  Otherwise, a blank form will be shown.  You can get code for a basic contact form (name, email, comments) containing the above code to show the errors and the code for displaying the submitted form values.  See this page on the support section:

http://formtoemail.com/support/show_errors_on_form_page.php 

Next, enable the option below.  Default value: $show_errors_on_form_page = 0;  To enable the option, change the 0 below to 1, like so: $show_errors_on_form_page = 1;

*/

$show_errors_on_form_page = 1;

/*

Form page URL.  This value is only required if you have enabled the $show_errors_on_form_page option above (and have added the appropriate code to your form) otherwise it is ignored.  This is the URL of your form page.  Your visitors will be returned to it in the case of errors.  Default value: $form_page_url = "";  Enter the full URL below, between the quotes, like this example: $form_page_url = "http://example.com/contact.php";

*/

$form_page_url = "contact.php";

/*

You can compare two email address inputs to confirm the visitor's email address.  The visitor must correctly enter their email address in the two inputs, otherwise they will get an error and the email will not be sent.  If using this option, you must have two email inputs on your form named "email" and "email2", like this: <input type="text" name="email"> <input type="text" name="email2">.  By default, this is not enabled.  Default value: $confirm_email_address = 0;  To enable it, change the 0 below to 1 like so: $confirm_email_address = 1;

*/

$confirm_email_address = 0;

/*

Required fields.  You can choose to require specific fields on your form.  If these are empty when the form is submitted the user will be issued with a message to go back and enter a value.  The form will not be sent until the required fields are filled out.  If you do not enable required fields, the script will still issue an error if all fields are blank, and will not send an email.  To enable checking for required fields, change the value below from 0 to 1, like so: $required_fields_check = 1;

*/

$required_fields_check = 1;

/*

Specify which fields to require.  You only need to do this if you have enabled the checking for required fields above.  Enter the name of the field in quotes.  If you wish to require more than one field, separate them with commas.  Like this for example: $required_fields = array('name','comments');  The field name must be exactly as it appears on the form.  For example if you have this on your form: <input type="text" name="Zip_Code"> and you want to require the name and zip code you would do this: $required_fields = array('name','Zip_Code');  Please note, if you are using an array for an input name (e.g name="product[]") and you wish to make this a required field, enter the name below without the square brackets like so ('product').  The standard form has the three fields shown below.  If you have not enabled checking for required fields (above) you can leave the line below as it is, as it will be ignored.

*/

$required_fields = array('email');

/*

IP address display.  If you enable this, the email sent to you will have the sender's IP address shown at the bottom.  If you have enabled the option to write to a CSV file on the server or to attach a CSV file to the email, the Sender's IP address will be shown in these.  In all cases, the Sender's IP address is removed from the autoresponse email to the sender.  To enable this option, change the 0 to 1, like so: $show_ip = 1;

*/

$show_ip = 0;

/*

Check for banned IPs.  You can ban specific IP addresses or IP address classes from using your form.  To enable checking for these, change the value below to 1, like so: $banned_ips_check = 1;

*/

$banned_ips_check = 0;

/*

Banned IPs.  Make a list of the IP addresses (or classes) you would like to ban.  You must enable checking for banned IPs above, for this to work.  Enter the IP address in quotes.  For more than one address, separate them with commas as in this example: $banned_ips = array('44.22.233.21','82.24.56.1','224.130.87.113');

To ban an IP address class, enter the class like so (remembering to put a period at the end): $banned_ips = array('44.','82.24.','224.130.87.');  So looking at the last class in this example, any IP address in the range 224.130.87.0 to 224.130.87.255 will be banned.  In other words, any IP address beginning with 224.130.87. will be banned.

Here's an example of individual IP addresses and an IP class (they all go in the same array): $banned_ips = array('44.22.233.21','224.130.87.113','82.24.');

Please note, the IP addresses and classes shown in the above examples are fictitious.  There is virtually no limit to the number of IP addresses you can list here but the more you have the slower the script will run (as with any script) but you would need to have quite a large list to notice any difference.

The default value is: $banned_ips = array();  Enter the IP addresses (or classes) between the brackets, if required.

*/

$banned_ips = array();

/*

Banned IP message.  If the form is submitted from a banned IP address, the (contents of the form) email will not be sent to you.  The script will issue an error to the user.  You can edit the error message by changing the message between the quotes below.  If you don't want to reveal that the IP address is banned, you could have a message like "An error has occurred.  The form was not sent.".

*/

$banned_ip_message = "Your IP address is banned.  The form was not sent.";

/*

Cookie requirement.  If you enable this the script will first check for the existence of a cookie.  If the cookie does not exist, the script will exit, an error message will be issued and the email will not be sent.  This is a very useful feature as it will block some spam bots.  If this is enabled, the user (your website visitor) must have cookies enabled on their browser.  To use this feature you must set a cookie on the page that the form is on.  If it is on an HTML page you can set the cookie by putting this line in the <head></head> section: <meta http-equiv="Set-Cookie" content="formtoemailpro=1">

If the form is on a PHP page, you can set the cookie by entering this code on the page (before any output - usually near the top): setcookie('formtoemailpro',1);

To require a cookie, change the value to 1, like so: $require_cookie = 1;

*/

$require_cookie = 0;

/*

Referrer check.  By default the script will check for a referrer (referer) header to establish that the form is being submitted from your site.  To disable this, change the value to 0, like so: $check_referrer = 0;

*/

$check_referrer = 1;

/*

Word block.  You can block any word (rude or otherwise), character, string or phrase from being submitted.  If such an instance is detected the script will issue an error and the email will not be sent.  The script performs this check by default and checks all fields for the words.  The default value is: $word_block = 1;  To disable it, change the value below to 0, like so: $word_block = 0;

*/

$word_block = 1;

/*

Blocked words.  This is a list of words or characters that will be checked for if word block is enabled above.  You can add or remove words from the array below.  You can enter a single character or a string of characters or words (it is not case-sensitive).  Place each word (or phrase) in quotes and separate them with commas.  By default the script will not allow web addresses (URLs beginning with http:// or https://) to be posted.  If someone is trying to spam you, you can be fairly certain that they will include a web address in the comments or elsewhere.  If you expect your visitors to enter web addresses, then you should remove 'http://','https://' from the array (or disable word block above).  The line below is only used if word block is enabled, otherwise it is ignored.  Default value is: $blocked_words = array('http://','https://','viagra');

*/

$blocked_words = array('http://','https://','viagra', 'sex', 'porn');

/*

Gibberish check.  Frequently, contact form spam may consist of gibberish "words" like "YwfZCvLdDQYDTzGAH" or "MldMtrPAgZq" for example.  The gibberish check identifies such "words", blocks them and issues an error.  If an error is issued, the script will not send the email.  It looks for a series of consecutive consonants or consecutive vowels.  These "words" very often have a long series of consecutive consonants or consecutive vowels that you would not find in a normal word.  You can set a threshold (below) which will allow consecutive vowels or consecutive consonants up to the threshold limit.  This check only works for English alphabet vowels and consonants.  By default it is enabled.  The default value is $gibberish_check = 1;  To disable it, change the 1 below to a 0, like so: $gibberish_check = 0;

*/

$gibberish_check = 1;

/*

Gibberish threshold.  The gibberish threshold is used in conjunction with the gibberish check above.  It defines a threshold for the number of consecutive consonants or consecutive vowels you will allow in submitted words.  The default setting is $gibberish_threshold = 6;  This means that if any 6 (or more) consecutive vowels or any 6 (or more) consecutive consonants are present in a word, then it will be blocked.  Change the value to suit.  6 appears to be a good setting as there are not many English words that have six or more consecutive vowels or consonants.  This setting has no effect if the gibberish check is disabled above.

*/

$gibberish_threshold = 6;

/*

Gibberish, exclude fields.  You can exclude specified form fields from the gibberish check.  Any such excluded fields will not be checked for gibberish.  This is mainly to exclude email fields from the check as email addresses often contain gibberish "words" and would otherwise get blocked by the gibberish check.  Such fields are excluded by default ($gibberish_exclude_fields = 1;).  To disable this option, change the 1 to 0 like so: $gibberish_exclude_fields = 0;  You can list the fields to exclude in the next option below.

*/

$gibberish_exclude_fields = 1;

/*

Gibberish, fields to exclude.  List the field names below that you wish to be excluded from the gibberish check.  You must name the field(s) EXACTLY as they appear on your form.  Default is: $gibberish_fields_to_exclude = array('email','email2');  Separate the field names with quotes and commas, as shown in the default setting.  If you only have one field in the array, you don't need a comma, like this example: $gibberish_fields_to_exclude = array('email');  This list of fields is only referenced if $gibberish_exclude_fields is enabled above.

*/

$gibberish_fields_to_exclude = array('email','email2');

/*

Gobbledegook check.  You sometimes get spam consisting entirely of gobbledegook characters (� � � etc).  These occur when a spammer takes a guess at encoding and gets it wrong.  This check will prevent any messages getting through if gobbledegook is found.  By default this check is not done.  The default value is: $gobbledegook_check = 0;  To enable it, change the value to 1, like so: $gobbledegook_check = 1;

*/

$gobbledegook_check = 0;

/*

Securimage CAPTCHA.  This is a third-party CAPTCHA system, written by Drew Phillips from phpcaptcha.org .  It's a good system and it's easy to install.  It displays a CAPTCHA image on your form and an input box where your visitor verifies the code in the CAPTCHA image.  The script then tests the value of the entered code and gives an error if it is incorrect.

To install it, first you need to put the code for it in your HTML form code (to display the captcha on your form).  Here is some sample HTML code for a basic contact form (name, email, comments) including the code for the Securimage CAPTCHA:

<form action="formtoemailpro.php" method="post">
<table border="0" style="background:#ececec" cellspacing="5">
<tr align="left"><td>Name</td><td><input type="text" size="30" name="name"></td></tr>
<tr align="left"><td>Email</td><td><input type="text" size="30" name="email"></td></tr>
<tr align="left"><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"></textarea></td></tr>
<tr align="left"><td valign="top">Security code</td><td><img id="captcha" src="/securimage/securimage_show.php" alt="CAPTCHA Image"><br><a href="#" style="background:#ececec" onclick="document.getElementById('captcha').src = '/securimage/securimage_show.php?' + Math.random(); return false">Reload Image</a></td></tr>
<tr align="left"><td>Verify code</td><td><input type="text" name="captcha_code" size="10" maxlength="6"></td></tr>
<tr align="left"><td>&nbsp;</td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

If you are using an existing form, here is the HTML code you need to add to it:

<img id="captcha" src="/securimage/securimage_show.php" alt="CAPTCHA Image"><br><a href="#" onclick="document.getElementById('captcha').src = '/securimage/securimage_show.php?' + Math.random(); return false">Reload Image</a><br><input type="text" name="captcha_code" size="10" maxlength="6">

You then need to make a directory/folder in your webspace called /securimage and upload the Securimage CAPTCHA files to it (note spelling of "securimage"...only one "e"!).  The directory would look like this example:

http://www.example.com/securimage/

You then need to download a zip file containing the Securimage CAPTCHA files.  Unzip the file and put all the files into your newly created /securimage folder/directory on your webspace.  You can get the zip file here:

http://formtoemail.com/securimage_captcha_files.zip

(Optionally, you can customize the CAPTCHA image, fonts, colors etc by editing the file /securimage/secureimage.php which is in the files you uploaded to the /securimage directory.  For support, see http://www.phpcaptcha.org/)

Then all you need to do is enable it below.  By default this option is not enabled ($Securimage_CAPTCHA = 0;).  To enable it, change the 0 below to 1, like so: $Securimage_CAPTCHA = 1;

*/

$Securimage_CAPTCHA = 0;

/*

reCAPTCHA system.  This is a third-party CAPTCHA system (more information here: http://recaptcha.net/).  reCAPTCHA is a claimed Trademark.  If you enable this option, the script will check the user input from the CAPTCHA.  To use this system, you first need to register with recaptcha.net and get a public and private key which you enter on your form and in this script (the public key goes in your form page, the private key gets entered in this script below).  The keys are only valid for the domain they were registered to (see recaptcha.net for more information).

To install it, first you need to put the code for it in your HTML form code (to display the captcha on your form).  Here is some sample HTML code for a basic contact form (name, email, comments) including the code for the reCAPTCHA system.  Copy the code below as it is, and paste it into your webpage (you will need to enter your reCAPTCHA public key where indicated, more information below):

<form action="formtoemailpro.php" method="post">
<table border="0" style="background:#ececec" cellspacing="5">
<tr align="left"><td>Name</td><td><input type="text" size="30" name="name"></td></tr>
<tr align="left"><td>Email</td><td><input type="text" size="30" name="email"></td></tr>
<tr align="left"><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"></textarea></td></tr>
<tr align="left"><td>&nbsp;</td><td>

<?php
require_once('recaptchalib.php');
$publickey = "enter your reCAPTCHA public key in here between the quotes";
echo recaptcha_get_html($publickey);
?>

</td></tr>
<tr align="left"><td>&nbsp;</td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

If using your own form, then you need to paste in this code between the <form></form> tags:

<?php
require_once('recaptchalib.php');
$publickey = "enter your reCAPTCHA public key in here between the quotes";
echo recaptcha_get_html($publickey);
?>

Note that you have to enter your reCAPTCHA public key in the above code (same too if using the sample form code above).  Your form page MUST be a PHP page for the reCAPTCHA code to work.  i.e. your page must have a .php extension like "contact.php" for example.  You will also need to download the PHP zip file from recaptcha.net and put the file "recaptchalib.php" in the same directory/folder as the form page and script.  The zip file from recaptcha.net has several files in it but "recaptchalib.php" is the only one you need.  You can get it here: http://code.google.com/p/recaptcha/downloads/list?q=label:phplib-Latest

All the code you need is included in the script. You do not need to get any code from recaptcha.net. The only thing you need from them is your public and private keys and the zip file containing recaptchalib.php.

By default this option is not enabled ($reCAPTCHA = 0;).  To enable it, change the 0 below to 1, like so: $reCAPTCHA = 1;

*/

$reCAPTCHA = 0;

/*

Private key for the reCAPTCHA system.  Enter your reCAPTCHA private key between the quotes below.  You get this from recaptcha.net when you register with them, see above.  The key is only valid for the domain it was registered to.  This is only used if you have enabled the reCAPTCHA system above.  Default is: $privatekey = "";

*/

$privatekey = "";

/*

textCAPTCHA system.  textCAPTCHA is a third-party captcha system (more information here: http://textcaptcha.com/).  As the name implies, it is a text-based captcha system, presenting security questions in plain text, which the visitor must answer correctly to submit the form.  This is particularly useful for people who are visually impaired.  It presents logic questions like (for example): "The colour of a pink cake is?".

To use this captcha system on your form, you need to do the following:

1. Register with textCAPTCHA to get a unique API key.
2. Place some PHP code (including your unique API key) on your form to display the textCAPTCHA.
3. Enable the $textCAPTCHA option below.

In more detail:

1. To use textCAPTCHA you need a unique API key.  You get this by registering with them, here: http://textcaptcha.com/register  They will send your unique API key by email.

2. Place some PHP code on your form page to display the textCAPTCHA.  Your form page needs to be a PHP page with a .php extension, like "contact.php" for example.  If your form page has a .htm or .html extension, simply save it with a .php extension.  This system uses a session, so you need to have support for sessions on your PHP setup (you will have this by default).  You also need to have allow_url_fopen enabled, which you should also have by default.

Place this PHP code (between the asterisks) on your form page AT THE VERY TOP and ADD YOUR UNIQUE API KEY TO IT:

***
<?php

session_start();

$my_api_key = "enter your unique API key in here";

$textcaptcha_url = "http://textcaptcha.com/api/";

$textcaptcha = file_get_contents($textcaptcha_url.$my_api_key);

$textcaptcha = explode("</question>",$textcaptcha);

$textcaptcha_question = explode("<question>",$textcaptcha[0]);

$textcaptcha_question = str_replace("&apos;","'",$textcaptcha_question[1]);

$textcaptcha_answer = explode("</answer>",$textcaptcha[1]);

$answer = array();

foreach($textcaptcha_answer as $value)
{

$textcaptcha_answer2 = explode("<answer>",$value);

if(isset($textcaptcha_answer2[1])){$answer[] = $textcaptcha_answer2[1];}

}

$_SESSION['textcaptcha_answer'] = $answer;

?>
***

In the above code, enter your unique API key, like this example:

$my_api_key = "pb1sqjtpw1wgkk8808wc0osk8755pdjd";

Then, to show the security question and a text input for the visitor's answer on your form, use this code:

<?php print $textcaptcha_question ?><br><input type="text" size="30" name="textcaptcha">

...place the above line of code within your form code, between the <form action="formtoemailpro.php" method="post"></form> tags.

Here's a sample form using the above line of code:

<form action="formtoemailpro.php" method="post">
<table width="350" border="0" style="background:#ececec" cellspacing="5">
<tr align="left"><td>Name</td><td><input type="text" size="30" name="name"></td></tr>
<tr align="left"><td>Email</td><td><input type="text" size="30" name="email"></td></tr>
<tr align="left"><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"></textarea></td></tr>
<tr align="left"><td>&nbsp;</td><td><?php print $textcaptcha_question ?><br><input type="text" size="30" name="textcaptcha"></td></tr>
<tr align="left"><td>&nbsp;</td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

Save your form page and upload it to your webspace.

3. By default this option is not enabled ($textCAPTCHA = 0;).  To enable it, change the 0 below to 1, like so: $textCAPTCHA = 1;

*/

$textCAPTCHA = 0;

/*

identiPIC photo CAPTCHA system.  This is a system whereby the visitor has to identify a picture or pictures on your form to proceed.  This is to stop spam bots.  To use this you need to have the correct code on your form and upload the required images to your webspace in the same directory(folder) as the webpage containing your form.  If enabled, the script will check the input and issue an error if the options selected do not match the solutions (below).  It is advisable to customize this to be unique to you.  See http://identipic.com for more information.

Here is sample HTML code for a basic contact form (name, email, comments) including the code for the identiPIC photo CAPTCHA.  Copy it and paste it into your webpage:

<form action="formtoemailpro.php" method="post">
<table border="0" style="background:#ececec" cellspacing="5">
<tr align="left"><td>Name</td><td><input type="text" size="30" name="name"></td></tr>
<tr align="left"><td>Email</td><td><input type="text" size="30" name="email"></td></tr>
<tr align="left"><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"></textarea></td></tr>
<tr><td>&nbsp;</td><td>
<table border="0">
<tr><td colspan="3">Security test.  Please identify the pictures:</td></tr>
<tr><td><img src="identiPIC_1.jpg" alt=""></td><td><img src="identiPIC_2.jpg" alt=""></td><td><img src="identiPIC_3.jpg" alt=""></td></tr>
<tr><td>
<select name="identiPIC_selected[1]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td><td>

<select name="identiPIC_selected[2]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td><td>

<select name="identiPIC_selected[3]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td></tr></table></td></tr>

<tr align="left"><td>&nbsp;</td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

If you are using your own form you will need to add the HTML code for the identiPIC photo CAPTCHA to it.  Use this code and paste it into your existing HTML form code:

<table border="0">
<tr><td colspan="3">Security test.  Please identify the pictures:</td></tr>
<tr><td><img src="identiPIC_1.jpg" alt=""></td><td><img src="identiPIC_2.jpg" alt=""></td><td><img src="identiPIC_3.jpg" alt=""></td></tr>
<tr><td>
<select name="identiPIC_selected[1]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td><td>

<select name="identiPIC_selected[2]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td><td>

<select name="identiPIC_selected[3]">
<option value="">Click to identify</option>
<option>Apple</option>
<option>Cat</option>
<option>Clock</option>
<option>Dog</option>
<option>Flower</option>
<option>Fork</option>
<option>Hammer</option>
<option>Key</option>
<option>Ship</option>
<option>Tree</option>
</select></td></tr></table>

You next need to upload the identiPIC photo CAPTCHA images to your webspace.  Put them in the same directory/folder as your form page.  If using the sample code above, you will need three images: identiPIC_1.jpg, identiPIC_2.jpg and identiPIC_3.jpg . You can get them in a zip file, here:

http://formtoemail.com/identiPIC_images.zip

To enable this option, change the value below from 0 to 1, like so: $identiPIC_photo_CAPTCHA = 1;

*/

$identiPIC_photo_CAPTCHA = 0;

/*

identiPIC photo CAPTCHA solutions.  If you change a picture on your form and it has a new solution, enter the correct selection option for the picture below (if using the sample code and images above, leave these settings as they are).  The option must be written below exactly as it appears on the select option drop-down list for the appropriate picture on the web form.  Use alphanumeric characters (letters and/or numbers) you might get an error otherwise.  Spaces are ok but don't have any at the beginning or end of your words.  Suppose your first picture is a picture of a bicycle, the lines below would look like this:

$identiPIC[1] = "Bicycle";
$identiPIC[2] = "Flower";
$identiPIC[3] = "Fork";

IMPORTANT.  The number of lines must equal the number of identiPIC pictures on your form, otherwise the script will exit.  This is a security measure.  You can have as many pictures as you wish but there must be an accompanying solution for each one below and an accompanying drop-down list on your form, containing the correct solution.  So if (for example) you were to add an identiPIC picture of a ship to your form, making four pictures on your form, the lines would look like this:

$identiPIC[1] = "Apple";
$identiPIC[2] = "Flower";
$identiPIC[3] = "Fork";
$identiPIC[4] = "Ship";

The lines to edit are the lines below here:

*/

$identiPIC[1] = "Apple";
$identiPIC[2] = "Flower";
$identiPIC[3] = "Fork";

/*

Email template.  By default the script will send you an email in a standard format.  Be it plain text or HTML, you will get pretty much what the script gives you, style-wise.  You can make some adjustments/configurations to it, but if you want your email to look a certain way or include custom text, images, messages, styling, layout etc, then you can use an email template.  That way, the email you get from the script will be exactly as you want it.  To use a template, you need to enable the $email_template option below and make a template file which you must upload to your server/webspace.  You can make your email template plain text or HTML.  If using an HTML email template, you must also enable the $html_format option below.  The template is only used for the body of the email, you must set the subject above, as desired.  For information about making a template, please see this support page:

http://formtoemail.com/support/email_templates.php

This is the basics.  The email template file is a text file written in plain text or using HTML code.  The script reads it and uses the information to write the body of the email.  You write it just as you wish the email to be written.  You use ff<form_field> to get values from your form into the email (replace form_field with the form field name you wish to use).  You save the file by the name stated below and upload it to your webspace in the same directory/folder as this script.  Here's an example.  You have an input on your form called "first_name".  You could have this plain text code in your template:

Contact from ff<first_name>.

In the email you receive, ff<first_name> will be replaced by the name entered in the "first_name" field on your form by your visitor.

To make an HTML email template, just write the file as if it was an HTML page and use ff<form_field> to get values from your form.

To enable the email template option, change the 0 below to 1, like so: $email_template = 1;

Remember to enable the $html_format option below if you are using an HTML template.

*/

$email_template = 1;

/*

Email template filename.  This option tells the script the name of the email template file to use (if enabled above).  The default is this: $email_template_filename = "email_template.php"; but you can call the file by any name.  Enter the name below for your email template file if calling it by a different name.  Enter it between the quotes.  Otherwise, just keep the name as it is and use it for your template file.  If your template file is in the same directory/folder as this script, then you only need to enter the filename.  If your template file is in another directory/folder then write the full path and filename, like this example: $email_template_filename = "/home/bob/includes/email_template.php";

*/

$email_template_filename = "email_template.php";

/*

HTML formatting.  By default (if not using an email template) the script will send you an email in plain text but you can choose to have the output sent to you in HTML format.  This presents the output in a table with different colors and bold fonts which makes it very neat and easy to read.  You can customize it below.  Enabling this option also means that the autoresponder email (if enabled) will also be in HTML format.  If using an HTML email template, then you should also enable this option.  To enable HTML formatting change the value below to 1, like so: $html_format = 1;

*/

$html_format = 1;

/*

HTML output customizing.  Change the values below, as required, to customize the HTML output.  These values are only used if HTML formatting is enabled above, otherwise they are ignored.  These values are only applied to the HTML email produced by the script.  If using your own HTML email template (see above) these values are ignored.  You can use words (red, green) hexidecimal or RGB values for the colors.  The table outputs two columns.  The left one contains the keys (variables from your form fields) and the right one contains the values entered by your visitor.  Try it with the default settings first so you can see what it looks like.  The HTML format uses "old-fashioned" HTML (bgcolor, <font>) because some email readers have difficulty with CSS.

You can also change the font settings for the autoresponder message below (if enabled).

*/

$table_cellpadding = "5";
$table_cellspacing = "1";
$table_background_color = "#000000";
$table_left_column_color = "#ececec";
$table_left_column_font = "arial";
$table_left_column_font_size = "2";
$table_left_column_font_color = "#000000";
$table_right_column_color = "#ffffff";
$table_right_column_font = "arial";
$table_right_column_font_size = "2";
$table_right_column_font_color = "#000000";

$autoresponder_font = "arial";
$autoresponder_font_size = "2";
$autoresponder_font_color = "#000000";

/*

Character set.  Specify a character set (encoding) to be used in the output email and the built-in "thank you" message.  Only change this if you need to and you know the correct one to use.  Enter the desired value between the quotes.  Default: $character_set = "iso-8859-1";  Please also state the character set in the <head> of your form page.  So for example if you are using utf-8, the line in your form page would be: <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> and the variable below would be: $character_set = "utf-8";

*/

$character_set = "iso-8859-1";

/*

Encode From: name and subject line.  Apply encoding to the email From: name and the email subject line.  Only do this if you need to.  You will normally only need to do this if you are using exotic characters that are getting garbled in the From: name or subject line.  It uses the $character_set variable value above.  The default setting is disabled, thus: $encode_name_subject = 0;  To enable it, change the 0 to 1, like so: $encode_name_subject = 1;

*/

$encode_name_subject = 0;

/*

CSV attachment.  You can choose to have the form data included in a CSV (Comma Separated Value) file that is sent as an attachment to the email the script sends (you …

Large files files are truncated, but you can click here to view the full file