I have just done a php contact form for my website, but what I get is this:
https://gyazo.com/2f3c4faa5bc253a6e3ff94d78214867d
And the code I'm using is this:
<?php
include('***Contains private stuff***.php');
//Send mail function
function send_mail($to,$subject,$message,$headers){
return @mail($to,$subject,$message,$headers);
}
if($_POST) {
$to = "***PRIVATE MAIL***"; // Your email here
$subject = 'Message from my website'; // Subject message here
//MySQL
$query = "INSERT INTO contact (name, email, subject, message) VALUES ('$name', '$email', '$subject', '$message')";
$result = mysqli_query($connection, $query);
//Sanitize input data, remove all illegal characters
$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email = filter_var($_POST['mail'], FILTER_SANITIZE_EMAIL);
$subject = filter_var($_POST['subject'], FILTER_SANITIZE_STRING);
$message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
//Send Mail
$headers = 'From: ' . $email .''. "
".
'Reply-To: '.$email.'' . "
" .
'X-Mailer: PHP/' . phpversion();
$sent = send_mail($to, $subject, $message . "
" .'Name: '.$name. "
" .'Email: '.$email, $headers);
if (! $sent) {
// log the error
error_log('Mail Error: Message to ' . $to . ' wasn\'t sent');
}
}
?>
And I just want to remove it, but can't really figure out the issue. Link to my friends website I'm using for the testing, and live view.
http://thomasmaneschijn.com/lukas/
And you should be able to see my html code on the site as well. Reason I marked the include section out is because there is some passwords and stuff that I don't want to leak.
