Jump to content

Free Contact Form for PW?

welski

By welski
in Getting Started

 Share

Recommended Posts

welski Newbie

welski

Posted
Posted

Is there a free way for me to add a contact form in my PW site?

As far as I know I should buy the form builder module for that? 

blynx Sr. Member

blynx

Posted
Posted

Or a custom Hanna Code approach ...

If you are into coding - Things surely need to be changed to fit your needs, I hope one gets the idea.

Hanna Code of one contact form:

<?php
$form = $modules->get("InputfieldForm");
$form->action = "{$page->url}"."#contact-form";
$form->method = "post";
$form->attr("id+name",'contact-form');

// create name field
$field = $modules->get("InputfieldText");
$field->label = "Name:";
$field->attr('placeholder', 'Enter name here please');
$field->attr('id+name','cf_name');
$field->required = 1;
$form->append($field);

// create email field
$field = $modules->get("InputfieldEmail");
$field->label = "E-Mail:";
$field->attr('placeholder', 'Enter E-Mail address here please');
$field->attr('id+name','cf_email');
$field->required = 1;
$form->append($field);

// create HONEYPOT email field
$field = $modules->get("InputfieldEmail");
$field->label = "Anti-Spam field! Dear screenreader user. Please leave this field out since it serves as spam detection. Otherwise your message will get lost!";
$field->attr('placeholder', 'Leave this field empty! Spam-protection!');
$field->attr('id+name','email');
$field->required = 0;
$form->append($field);

// create textarea field
$field = $modules->get("InputfieldTextarea");
$field->label = "Your Message:";
$field->attr('placeholder', '');
$field->attr('id+name','cf_text');
$field->required = 1;
$form->append($field);

// oh a submit button!
$submit = $modules->get("InputfieldSubmit");
$submit->attr("value","Senden");
$submit->attr("id+name","cf_submit");
$form->append($submit);

if ($input->post->cf_submit) {
    $form->processInput($input->post);
    // honeytrap
    if($form->get("email")->value != "") {
        echo "spam!spam!spam!";
        die();
    }
    if($form->getErrors()){
        echo $form->render();
    } else {
        $add_header = 'From: '.$form->get("cf_email")->value."\r\n".'Reply-To:'.$form->get("cf_email")->value."\r\n".'X-Mailer: PHP/'.phpversion();

        $mailmessage = "A message from: \n\n";
        $mailmessage .= $form->get("cf_name")->value."\n";
        $mailmessage .= $form->get("cf_email")->value."\n\n";
        $mailmessage .= $form->get("cf_text")->value;

        $mail_goes_to = "whereitgoes@somewhere.com";

        mail($mail_goes_to, "enter subject here", $mailmessage, $add_header);
        echo "<p id='contact-form'><span style='background:yellow;'>Message successfully sent!</span></p>";
    }
} else {
    echo $form->render();
}
  • Like 9
Pete Hero Member

Pete

Posted
Posted

The only thing I would add to blynx's approach would be to add a CSRF token to the form so it can only be submitted once rather than someone spamming the Submit button - more on that here: https://processwire.com/talk/topic/3633-prevent-form-resubmission/?p=35585

Other than that I use almost the exact same approach in some of my own forms.

EDIT: Oh, and so you don't get stuck with the default form styles/classes/markup: https://processwire.com/talk/topic/2089-create-simple-forms-using-api/?p=39436

  • Like 5
apeisa Hero Member

apeisa

Posted
Posted

The only thing I would add to blynx's approach would be to add a CSRF token

Also usage of wireMail() class instead of mail() function.

  • Like 5
Pete Hero Member

Pete

Posted
Posted

To partly contradict Pete's suggestion. Following to this post are arguments on why one shouldn't necessarily use the csrf field to prevent multiple submissions: https://processwire.com/talk/topic/3779-use-csrf-in-your-own-forms/?p=103334 But you should still use the field to prevent csrf attacks.

Yup - you're right. There are methods on the one I linked to (further up I think) to stop multiple submissions with JS: https://processwire.com/talk/topic/3633-prevent-form-resubmission/?p=35551 so not sure why I confused the issue with CSRF.

The main thing is to play it safe you should use CSRF to make sure the form is submitted securely as well as some code to stop multiple submissions (ideally client side and server side, but at the very least server side as obviously JS can be disabled in the browser).

  • 10 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...