I've been trying to make a php form, so users can send email. But due to my lack of php knowledge at this point, this is a bit hard to solve. So i've gathered some finished snippets of code, but it still does not work.
Heres the php code that i have in a file named "submit.php"
<?php
if(isset($_POST['submit'])){
$to = "example@example.com"; // this is your Email address
$from = $_POST['email']; // this is the sender's Email address
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$subject = "Form submission";
$subject2 = "Copy of your form submission";
$message = $first_name . " " . $last_name . " wrote the following:" . "
" . $_POST['message'];
$message2 = "Here is a copy of your message " . $first_name . "
" . $_POST['message'];
$headers = "From:" . $from;
$headers2 = "From:" . $to;
mail($to,$subject,$message,$headers);
mail($from,$subject2,$message2,$headers2); // sends a copy of the message to the sender
echo "Mail Sent. Thank you " . $first_name . ", we will contact you shortly.";
// You can also use header('Location: thank_you.php'); to redirect to another page.
}
?>
And heres the "form.php" that i have the html form in
<?php include('submit.php') ?>
<div class="main-wrapper">
<section class="contact-form">
<form action="" method="POST">
<h1>Contact</h1>
<fieldset>
<input maxlength="30" type="text" name="first_name" placeholder="John" required><br>
<input maxlength="30" type="text" name="last_name" placeholder="Smith" required><br>
<input maxlength="30" type="email" name="email" placeholder="john_doe@example.com" required>
</fieldset>
<fieldset>
<textarea maxlength="300" placeholder="Write your text here...." id="message" name="message" cols="40" rows="6" required></textarea>
<button name="submit" type="submit">Send Message</button>
</fieldset>
</form>
</section>
And also someone told me that there is no security for the form, "because it does not strip html tag"
And how to i fix that?