Home > Articles > Security > Network Security

📄 Contents

  1. mail()
  2. Creating a Simple Feedback Page
  3. Finding More Information
  • Print
  • + Share This
From the author of

Creating a Simple Feedback Page

Feedback from users is always a good way to get input on your site and make improvements accordingly. While it is possible to set up a simple email link asking for feedback, this script keeps the user on your site and refrains from having the user's computer launch a separate app to send email. Plus, it's easy to code and integrate into existing Web pages.

feedback1.php

Listing 1 shows feedback1.php, which creates a feedback form so that users can submit feedback about your site. User fill out the short form with their comments. The data contained in the form is sent to you in an email, all nicely formatted.

Listing 1: feedback1.php

1. <html>
2. <head>
3. <title>Feedback</title>
4. </head>
5. <body>
6. <?
7. if(isset($submit)){
8.    $to = "webmaster@domain.com"; // Enter YOUR email here
9.    $subject = "Feedback for the Website!";
10.   $body = "A user has entered feedback on the site!\n";
11.   $body .= "Their feedback is:\n\n";
12.   $body .= $feedback;
13.   mail($to, $subject, $body);
14.   print("<h2>Thanks for your feedback!</h2>");
15. } else {
16. ?>
17. <form action="feedback.php" method="POST">
18. <h2>Please Send us your Feedback</h2>
19. <textarea cols=35 rows=15 name="feedback">
20. </textarea>
21. <br>
22. <input type="submit" name="submit" value="Submit">
23. </form>
24. <?
25. }
26. ?>
27. </body>
28. </html>

How the Script Works

Here's a rundown on what the lines in feedback1.php do:

1–5

This is normal HTML.

6

Here is the PHP start tag, which tells the Web server to start evaluating the page as PHP rather than HTML.

7

This line checks to see if the Submit button has been pushed. If it has, then the script continues with line 8. If it has not, then the script continues with line 15.

8–12

These lines set up the variables for the mail function.

13

This line mails the feedback to the email address specified in line 8.

14

This prints out a thank you to the user for providing feedback on the site.

15–17

If the Submit button was not pushed, the script escapes from PHP and prints out the feedback form.

18–23

These lines print out the feedback form.

24–26

These lines end the if/then/else statement started on line 7.

27–28

These lines close out the HTML for the page.


Feedback1.php works well if you have only one or two form elements that you need to include in your email, but what if you have a form that has 50 separate form elements that need to be sent? Your script would end up looking like this:

$body .= "Their feedback is:\n\n";
$body .= $feedback;

$body .= "\nTheir favorite color is:";

$body .= $favorite_color;

$body .= "\nTheir favorite food is:";

$body .= $favorite_food;

This is definitely not the way to go if you want to send an email from a form with a lot of elements. The easier way to do it is to use the $HTTP_POST_VARS variable. This variable contains all of the variable names and values sent by a form using the POST method.

feedback2.php

The script in Listing 2 demonstrates how to use the HTTP_POST_VARS variable to loop through all of the data returned from a form and email that data to the email address of your choice.

Listing 2: feedback2.php

1. <html>
2. <head>
3. <title>Form Submitted</title>
4. </head>
5. <? 
6. $to = "user@domain.com";
7. $subject = "New Form Submission";
8. $from = "WEB FORM SUBMISSION";
9. $message = "A new form has been submitted from the website:\n\n";
10. do {
11. $message .= key($HTTP_POST_VARS) . ": " . 
[ccc] $HTTP_POST_VARS[key($HTTP_POST_VARS)] . "\n";
12. } while(next($HTTP_POST_VARS));
13. mail($to, $subject, $message, "FROM: $from");
14. <body>
15. <h3>Thank you!</h3>
16. <p>Your information has been sent!
17. </body>

How the Script Works

Here's a line-by-line description of the code in Listing 2:

1–4

This is normal HTML

5

Here is the PHP start tag, which tells the Web server to start evaluating the page as PHP rather than HTML.

6

This line sets the $to variable. You should modify this line so that the $to variable equals your email address.

7

This line sets the $subject variable. You should modify this line so that the $subject variable equals the subject that you want to include in the email.

8

This line sets the $from variable. You should modify this line so that the $from variable equals the email address that you want any replies sent to.

9

This line is the first line in your email.

10

This line begins the do/while loop.

11

Here you generate a "slice" of the email message each time the do/while loop is executed.

12

This line ends the do/while loop.

13

This line sends the newly generated email.

14–17

These lines close out the script.


Now, the script in Listing 2 isn't very useful by itself. You need to create a form and point it at the script, as in this example:

<form action="feedback2.php" method="post">
<p>Name: <input type="text" name="name">
<br>Age: <input type="text" name="age">
<br>Favorite Color<input type="text" name="favorite_color">
<!—add as man form fields as you want -->
<br>Favorite Food: <input type="text" name="favorite_food">
</form>

Note that the action of the form (feedback2.php) points to our nifty script that loops through all the variables in the form. The form could have a hundred different entries, and each one would be included in the email by the script.

  • + Share This
  • 🔖 Save To Your Account