Simple PHP mail script

This script is not only educational, but also applicable for practical Web development. It allows you to place a simple form for sending emails on any HTML page. The script shows you how to gather user input, perform form validation with PHP, and send an email.

First, make the form page mail.html (you may call it whatever you like)…

<head><title>Mail sender</title></head>
<form action="mail.php" method="POST">
<input type="text" name="email" size=40>
<input type="text" name="subject" size=40>
<textarea cols=40 rows=10 name="message"></textarea>
<p><input type="submit" value=" Send ">

The form contains the necessary text fields Email, Subject, Message, and the Send button. The line

<form action="mail.php" method="POST">

tells the browser which PHP file will process the form and what method to use for sending data.

When the user fills in the form and hits the Send button, the mail.php file is called…

<head><title>PHP Mail Sender</title></head>

/* All form fields are automatically passed to the PHP script through the array $HTTP_POST_VARS. */
$email = $HTTP_POST_VARS['email'];
$subject = $HTTP_POST_VARS['subject'];
$message = $HTTP_POST_VARS['message'];

/* PHP form validation: the script checks that the Email field contains a valid email address and the Subject field isn't empty. preg_match performs a regular expression match. It's a very powerful PHP function to validate form fields and other strings - see PHP manual for details. */
if (!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) {
  echo "<h4>Invalid email address</h4>";
  echo "<a href='javascript:history.back(1);'>Back</a>";
} elseif ($subject == "") {
  echo "<h4>No subject</h4>";
  echo "<a href='javascript:history.back(1);'>Back</a>";

/* Sends the mail and outputs the "Thank you" string if the mail is successfully sent, or the error string otherwise. */
elseif (mail($email,$subject,$message)) {
  echo "<h4>Thank you for sending email</h4>";
} else {
  echo "<h4>Can't send email to $email</h4>";

As you see, the script is simply one if … elseif … else statement. At first, it validates the required form fields. Note that PHP form validation is performed on the server, after sending all the data. Therefore, it would be a good idea to combine server-side form validation with PHP and client-side form validation with JavaScript in order to avoid unnecessary data sending.

If the email address is valid and subject isn’t empty, the script sends the mail and displays the corresponding message. Note how the variable $email is included into the output string.

You can also use this script to implement the safe “Contact Us” function on your website. Your visitors will be able to send you a message, but your email address won’t be displayed on the page and spam bots, that parse pages looking for potential email addresses, won’t get it.
Just remove the Email text field from the form and replace the first line of the script with something like…

$email = '';

And, of course, you don’t need to validate the email address in this case.