PHP contact form is used to communicate the site owner with customers. The site owner can know the thought of customers regarding their service with the contact form. We have created simple contact form using HTML and PHP. The webmaster can easily pluck this contact form in the new or existing web pages.
Process of contact form:
- The contact form should have the basic fields like name, email, contact number, message.
- Once user filled the information, the submitted form is validated by PHP backend program.
- If there is any validation issue exists then redirect the user into contact form with validation issues mentioned.
- If there is no validation issue then send the mail to site owner with the submitted data.
Required files:
- php_contact_form.php
- php_contact_form_submit.php
PHP functionalities used:
- session
- global function
- PHP function
- XSS prevention
- Header function
php_contact_form.php
Create the PHP file named “php_contact_form.php” and save the file in your desired folder, we have placed the file in the path of /demo/php_contact_form.php. This file is used for the frond-end process page as well as result/output page which contain both HTML and PHP coding. HTML is used for designing the page and PHP is used for dynamic process handling.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
<?php session_start(); // declare required fields $error_msg = ''; $success_msg = ''; $session_response = ''; // check if response exists if( isset($_SESSION['response']) ) { $error_msg = ($_SESSION['response']['status'] == 0) ? $_SESSION['response']['msg'] : ''; $success_msg = ($_SESSION['response']['status'] == 1) ? $_SESSION['response']['msg'] : ''; $session_response = $_SESSION['response']; unset($_SESSION['response']); } // get the error message block for the field if exists function get_error_block($field) { global $session_response; $block = ''; if($session_response) { if( isset($session_response['issue_fields'][$field]) ) { $block = '<br><div class="error">' . $session_response['issue_fields'][$field] . '</div>'; } } return $block; } ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>PHP Contact Form</title> <style> .error { color:red; } .success { color:green; } </style> </head> <body> <fieldset> <legend><h1>PHP Contact Form</h1></legend> <?php if($error_msg):?> <h2 class="error"><?php echo $error_msg;?></h2> <?php endif;?> <?php if($success_msg):?> <h2 class="success"><?php echo $success_msg;?></h2> <?php endif;?> <form action="php_contact_form_submit.php" method="post"> Name:<br> <input type="text" name="name" value=""> <?php echo get_error_block('name');?> <br><br> Email:<br> <input type="text" name="email" value=""> <?php echo get_error_block('email');?> <br><br> Contact Number:<br> <input type="text" name="contact_number" value=""> <?php echo get_error_block('contact_number');?> <br><br> Message:<br> <textarea name="message" rows="5" cols="22"></textarea> <?php echo get_error_block('message');?> <br><br> <input type="submit" value="Submit"><br><br> </form> </fieldset> </body> </html> |
When user click the Submit button, the form action page “php_contact_form_submit.php” (<form action="php_contact_form_submit.php" method="post">
) will be executed, that is the backend process for php_contact_form.php.
php_contact_form_submit.php
Create the PHP file named “php_contact_form_submit.php” and save the file in the same folder, in our case the file path is /demo/ php_contact_form_submit.php. This file is used for the backend process against user input form fields. Where we have to do the process of validation, XSS prevention and send mail to site owner.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
<?php if($_POST) { // Get the posted values $name = $_POST['name']; $email = $_POST['email']; $contact_number = $_POST['contact_number']; $message = $_POST['message']; // prevent XSS attacks $name = htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); $email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8'); $contact_number = htmlspecialchars($contact_number, ENT_QUOTES, 'UTF-8'); $message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); // validation $response = array('status' => 0, 'msg' => 'Please correct all the fields', 'issue_fields' => []); $issue_fields = []; if($name == '') { $issue_fields['name'] = 'Name is required'; } if($email == '') { $issue_fields['email'] = 'Email is required'; } if($contact_number == '') { $issue_fields['contact_number'] = 'Contact number is required'; } if($message == '') { $issue_fields['message'] = 'Message is required'; } $response['issue_fields'] = $issue_fields; // no issue found if(empty($issue_fields)) { $response['status'] = 1; $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; $msg = '<br /> <table> <tr> <td>Name</td> <td>'.$name.'</td> </tr> <tr> <td>E-mail</td> <td>'.$email.'</td> </tr> <tr> <td>Contact number</td> <td>'.$contact_number.'</td> </tr> <tr> <td>Message</td> <td>'.$message.'</td> </tr> </table>'; // send mail @mail('admin@jiscript.com', 'New Contact Us Query Received', $msg, $headers); $response['msg'] = 'Mail sent successfully. Our staff will contact you shortly. Thank you.'; } session_start(); $_SESSION['response'] = $response; } header('Location: php_contact_form.php'); ?> |
If the input values pass the validation then we will send email and redirect the user to the previous page php_contact_form.php with the success message. Otherwise we will redirect the user to the previous page with the error message. Both success and error messages are handled by PHP at php_contact_form.php.
Click the below button to see the demo.
Demo