How to handle your email address in a contact form?

[Name Trader]

I've looked at a lot of Flat Responsive templates recently looking primarily for a contact form which I can build a Domain For Sale website from, by basically keeping just the home and contact sections and deleting everything else like the about and portfolio sections, etc.

I've found something simple enough without lots of bells and whistles. Which is what I wanted, even if I'm not 100% happy with it. It's OK.

I have a couple of questions.

1. As far as I can tell, I need to put my email address (where the contact message is sent to) in the CSS file? I'm wondering, is this safe? Or should this be handled in some other, better way?

2. Every contact form in all the Flat Responsive templates I looked at (about 25-30), none of them used a Captcha. Should I add this to the template before going live?

Any other thoughts are welcome.

 

[carob]

If the Captcha is not there I would not bother adding it unless you later find you need it due to spam.

It's not clear what platform, language or CMS your contact form is in, or if it is just a dummy there for demo purposes in template. A proper contact form uses a scripting language such as PHP and does not at any time make the recipient's email address available to the site visitors. So to set the recipient address you'd either edit a file of code or use some sort of control panel or dashboard admin that controls the contact form. Is there one there?

A CSS file is not where you would insert the email address, no.

 

[Name Trader]

OK. A little more info. The form starts like this <form method="post" action="*"> So I need the code which will be put into a php file to replace the "*". It should take the completed form data (Name, Email, Subject, Message) and process it in a way which makes my email address unavailable on the web. I don't mind paying for a good solution, but of course, prefer free.

 

[carob]

Hi if you google free php contact form there are plenty... but then you either have a freestanding contact form you need to style to match your theme, or you need to integrate the script into your existing contact page.

If using a CMS it may have an inbuilt contact form, or contact plugin(s) available.

 

[N-A]

Hard code the recipient into the mail function and whack the unnecessary HTML.

 

[Name Trader]

@carob - I did that. I'm now starting to learn how to use PHPMailer

@David Walker - Could you be a bit more specific with what you are suggesting?

 

[NamePrime]

You can access your form fields value from your php file using $_POST, $_GET or $_REQUEST variables

 

[Name Trader]

I had my trial working (without captcha), but after some more tinkering it stopped working. So got to debug it again I definitely need the capture because I'm getting spam from my existing website, which this trial is replacing. So can anybody help by recommending an easy to install captcha. They all seem a tad difficult to install/get working.

 

[Name Trader]

Got my contact form working as I want. I'm actually quite pleased with it. But I still need an easy to install captcha recommendation before it goes live. All the captcha I've tried are all very complicated to install. Maybe it's just me

 

[Chicken]

You could use recaptcha, http://www.google.com/recaptcha/intro/. You need to signup to get a key though, it's pretty simple to implement.

https://developers.google.com/recaptcha/docs/php

Basically you would be adding,

require_once('recaptchalib.php');
$publickey ="your_public_key";// you got this from the signup page

To the head of your page and then

echo recaptcha_get_html($publickey);

To wherever you want the captcha displayed.

Then on the page that you're doing the processing and emailing you'd need to verify the captcha is right using this

<?php
  require_once('recaptchalib.php');
  $privatekey ="your_private_key";
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

  if(!$resp->is_valid){
    // What happens when the CAPTCHA was entered incorrectly
    die("The reCAPTCHA wasn't entered correctly. Go back and try it again.".
         "(reCAPTCHA said: ". $resp->error .")");
  }else{
    // Your code here to handle a successful verification
  }
  ?>

It would need to be modified but it's basically an additional if statement on the page.

 

[Name Trader]

Thanks, chicken. I got a captcha working by subcontracting the design out. But I will look into this alternative, since it's by Google and probably the most common captcha in use today. Thank you.

 

[Tia Wood]

You didn't leave your email addy in the code did you? In the PHP code or database is fine but definitely not the CSS or HTML as it can be easily harvested by spam bots.

Contact Form 7 with Really Simple CAPTCHA is a pretty good combo.

 

[Name Trader]

I used a graphic image of my email address. Is that ok? (probably not perfect). Can Contact Form 7 be extracted from WP and used on a PHP encoded website?

 

[Weber]

Why reinvent the wheel. Try something like codecanyon. They have dozens of freelance scripts for contact forms at reasonable prices. With most you can easily customize the forms to your needs. Cull the list (a must) with the provided feedback from buyers.

 

[Name Trader]

Well. Because I want it to match the rest of my website. But I did try that a while ago, and most of them didn't have a captcha.

 

[Tia Wood]

Oh, sorry! I assumed you were on Wordpress for some reason.

 

[Name Trader]

I know why But I really cannot get to grips with wordpress

 

[Weber]

Well. Because I want it to match the rest of my website. But I did try that a while ago, and most of them didn't have a captcha.

Gotcha. Just thought I'd throw it out there. You could be up and running in hours instead of days. You can customize just about any form and you may be able to stop the spam with a hidden field.

I used a graphic image of my email address. Is that ok? (probably not perfect). Can Contact Form 7 be extracted from WP and used on a PHP encoded website?

When using a php script to process a form, you don't need to display your email address. You enter the address (or addresses) you want the email to be sent to in the user-defined section of the script.
So, if the form is working, why display the email address?

 

[Name Trader]

Good thinking. I'll look into that. Thank you.

 

[Charles Sweeney]

Don't install a captcha. They are a pain for visitors and a barrier to communication (or whatever it is you want the form to do).

Never install recaptcha, it is a complete nightmare with mostly unreadable words and will certainly be a real obstacle to genuine users.

Why do you want a captcha? I've never used one, I've had some fairly busy sites, got a few sites just now, never had a problem with excessive spam.

Best way to block spam is to block "http://" if you can. There's a number of other things you can do if you get a good script.

I formed FormToEmail.com in 2003 (since sold it). I offered support for several captchas including recaptcha but never used any myself. I only offered them in response to customer demand, though I tried to discourage people from using them.