I made a PHP Contact Form using this tutorial and it works great, but I've encountered one potential security risk / inconvenience. Each email I receive comes from my admin login name.
I added $headers as this thread instructed, but to no avail.
My Current PHP:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$from = $_POST['email'];
$to = 'myClientsEmail@gmail.com';
$subject = 'Estimate Contact Form';
$headers = "From: $email
"; /* I added this */
$headers .= "Reply-To: $email
"; /* and this */
$body = "From: $name
Phone: $phone
E-Mail: $email
Message:
$message";
if ($_POST['submit']) {
if (mail ($to, $subject, $body, $from, $headers)) {
echo '<p>Your message has been sent!</p>';
} else {
echo '<p>Something went wrong, go back and try again!</p>';
}
}
?>
What exactly am I missing? Any help is greatly appreciated. Thank you!
