There are very strong reasons why you should use a contact form on your website, rather
than 'mailto' email links:
- Email addresses displayed on your website will be harvested by spam software, and your address
will be sold to spammers.
- Many people cannot click on a mailto email link anyway. This includes users of web-based
email services such as Hotmail, and anyone who is using a computer which is not their own –
for instance in a library or Internet cafe.
A form is therefore the best solution to make it easy for site visitors to contact you. This
page offers you code to easily construct a feedback form similar to that offered on all the
pages of this site. You can use it on your site, even if your other pages do not use PHP,
providing that PHP is enabled on your server (which is very likely – ask your host company).
PHP forms do not display the email address that they transmit to, so your address is
kept completely secure.
Unfortunately, these days there are also spam bots which can send spam via a form too. So it is important
to use a form which is designed to resist this.
Features
- When used as a single contact form page, with links to it from all your pages, (the normal protocol
is to include a 'contact us' link in the footer of every page), incoming emails to you will
show from which page the person is emailing you. This is very useful, as it sets the email in context.
The message might be confusing if you did not know which page it referred to.
- The script does this by grabbing the words within the
<title> tag in
the head of the referring page. Note: for this to work, the word 'title' enclosed in angle
brackets on referring pages must be lower case letters.
- In addition, as a backup because browser security sometimes prevents information on a
referring page being passed, the script will also display the URL of the referring page, but
only if:
a) that page is a PHP page
b) the link to the feedback form is written thus:
<a href="feedback.php?id=<? echo $_SERVER["SCRIPT_URL"];?>">Contact us</a>
This is ideal when your email address is contained in a footer which is also a PHP site-wide insert.
Alternatively, you can customize each link to the feedback page by handcoding the URL of that page (or some
other form of ID) into the link in this form:
<a href="feedback.php?id=thatpageurl.html">Contact us</a>
This will pass a page ID to the form even when the page concerned is not a PHP page.
- It sends an immediate acknowledgement email to the sender, which also includes a copy of
their message for reference.
- The sender's email address is checked for validity by Javascript when it is submitted.
- The sender's email address is also checked by a direct PHP lookup, and an alert is displayed if
the domain does not exist – i.e. they have mistyped it.
- The sender's email address is displayed visibly in a large red font on the confirmation page,
giving them a chance to check that it is not mistyped. (A surprising percentage of people will
mistype their email address on forms such as this.)
- An alert appears if the sender tries to send a message without including an email address,
or without entering a message.
- Error messages are displayed on the form itself. Completed areas of the
form are not wiped out, and the user can easily make corrections.
- A maximum of 800 characters is allowed in the message, preventing abuse of the form. This maximum is
controlled by both Javascript and PHP. When Javascript is enabled, a countdown displays the number
of characters still available to use. HTML coding, which might be used maliciously to insert
graphics or other active coding, is also removed.
- Automatic return to the originating page after the confirmation screen has been viewed.
- Small 'progress bar' confirms to users that the form is being processed.
- For visitors who do wish to use a mailto link (some prefer this so that they have a record of
the message in their own email program), the contact email address is also displayed visibly.
However, this is done using a powerful Javascript 'obfuscation' program and so spam harvesters
cannot read it. In addition, a noscript alternative for people with Javascript-disabled browsers
also displays the email address in a readable form but one which harvesters cannot grab.
You must create these links yourself if you need them.
Hiveware Enkoder
is highly recommended obfuscator. Use their converter to create a block of coding, and copy/paste into your page. The noscript alternative must also be customized with your own email address, and it is probably wise to include a small level of obfuscation even here: by
numerical character coding,
e.g. com creates com. But this level of encoding is not sufficient to obfuscate a
clickable mailto link.
- If your host company is running PHP on a Windows server, you may get error messages when
trying to run this script. Windows servers do not handle all PHP commands correctly.
In addition, the form may not work with other older versions of PHP either. One hosting company we heard
of has a policy of requiring at least one of the two emails sent by any PHP form such as this
being an email address they host themselves.
Check out
code changes/settings,
which may help. If you still have problems, please report them and
we will try to solve them, but cannot promise a solution!
CODE BEING UPDATED, SORRY. Please return soon.
Missing the message
There's nothing worse than finding we never picked up a message that was meant for us. Was it
important? Would it have been life-changing?
If you came to this page via a search engine link, you may have noticed that the site is,
sort of, God stuff. So we kinda think that God has some important messages for us, if only
we'd stop to listen. Probably worth opening the box?
Dictionaries
Save page to disk
