Just two files to create from the HTML and PHP code below.
Copy the HTML below and save as:
contact.html
<html>
<head>
<title>PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form
mailers)</title>
<style>
BODY{color:#000000; font-size: 8pt; font-family: Verdana}
.button {background-color: rgb(128,128,128); color:#ffffff; font-size: 8pt;}
.inputc {font-size: 8pt;}
</style>
</head>
<body>
<form name="phpformmailer" action="contact.php" align="center" method="post">
<div align="center"><center><table bgcolor="#F2F2F2" width="528" cellspacing="6">
<tr>
<td width="159"><strong>Contact Us</strong></td>
<td width="349"><a
href="http://thedemosite.co.uk/phpformmailer/source_code_php_form_mailer_more_secure_than_cgi_form_mailers.php"><small>PHP
Form Mailer - phpFormMailer <strong>- Source code</strong></small></a></td>
</tr>
<tr>
<td align="right" width="159"><small>Your name:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="name"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Your email
address:</small></td>
<td align="left" width="349"><font face="Arial"><input class="inputc" size="29"
name="email"></font></td>
</tr>
<tr align="middle">
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Confirm email
address:</small></td>
<td width="349" align="left"><font face="Arial"><input class="inputc" size="29"
name="email2"></font></td>
</tr>
<tr>
<td align="right" width="159"><font color="#000080" size="1">*</font><small> Subject:</small></td>
<td width="349"><font face="Arial"><input class="inputc" size="29" name="thesubject"></font></td>
</tr>
<tr>
<td align="right" width="159"> <p><font color="#000080" size="1">*</font><small> Your
request or query:</small></td>
<td width="349"><textarea style="FONT-SIZE: 10pt" name="themessage" rows="7" cols="27"></textarea></td>
</tr>
<tr>
<td width="159"></td>
<td width="349"><script language="JavaScript"><!--
function validateForm()
{
var okSoFar=true
with (document.phpformmailer)
{
var foundAt = email.value.indexOf("@",0)
if (foundAt < 1 && okSoFar)
{
okSoFar = false
alert ("Please enter a valid email address.")
email.focus()
}
var e1 = email.value
var e2 = email2.value
if (!(e1==e2) && okSoFar)
{
okSoFar = false
alert ("Email addresses you entered do not match. Please re-enter.")
email.focus()
}
if (thesubject.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the subject.")
thesubject.focus()
}
if (themessage.value=="" && okSoFar)
{
okSoFar=false
alert("Please enter the details for your enquiry.")
themessage.focus()
}
if (okSoFar==true) submit();
}
}
// --></script><input type="button" class="button"
value="Send" name="B1" ONCLICK="javascript:validateForm()"><small> <small>You must fill in
the fields marked with a *</small></small></td>
</tr>
</table>
</center></div>
</form>
</body>
</html>
Copy the PHP below and save as:
contact.php
Ensure you change, as required, the variables: $valid_ref1, $valid_ref2 and $replyemail
<?php
/* PHP Form Mailer - phpFormMailer v2.1, last updated 30th Nov 2005 - check back often for updates!
(easy to use and more secure than many cgi form mailers) FREE from:
http://www.TheDemoSite.co.uk
Should work fine on most Unix/Linux platforms */
// ------- three variables you MUST change below -------------------------------------------------------
$valid_ref1="http://Your--domain/contact.html";// change "Your--domain" to your domain
$valid_ref2="http://www.Your--domain/contact.html";// change "Your--domain" to your domain
$replyemail="YOU@Your--domain";//change to your email address
// ------------------------------------------------------------
//clean input in case of header injection attempts!
function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
//NOTE: str_ireplace is case insensitive and could be used instead, but it is only available from PHP version 5.0.
return preg_replace($patterns, "", strtolower($value));
}
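// default missing fields to "" so a direct request to contact.php raises no undefined index notices
$name = clean_input_4email(isset($_POST["name"]) ? $_POST["name"] : "");
$email = clean_input_4email(isset($_POST["email"]) ? $_POST["email"] : "");
$thesubject = clean_input_4email(isset($_POST["thesubject"]) ? $_POST["thesubject"] : "");
$themessage = clean_input_4email(isset($_POST["themessage"]) ? $_POST["themessage"] : "", false);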
$error_msg='ERROR - not sent. Try again.';
$success_sent_msg='<p align="center"><strong> </strong></p>
<p align="center"><strong>Your message has been successfully sent to us<br>
</strong> and we will reply as soon as possible.</p>
<p align="center">A copy of your query has been sent to you.</p>
<p align="center">Thank you for contacting us.</p>';
$replymessage = "Hi $name
Thank you for your email.
We will endeavour to reply to you shortly.
Please DO NOT reply to this email.
Below is a copy of the message you submitted:
--------------------------------------------------
Subject: $thesubject
Query:
$themessage
--------------------------------------------------
Thank you";
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "<script language=\"JavaScript\"><!--\n ";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
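// The Referer header is sent by the client and may be missing or forged,
// so treat this check as a nuisance filter, not as access control.
$ref_page = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";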
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
if(!$valid_referrer)
{
echo "<script language=\"JavaScript\"><!--\n alert(\"$error_msg\");\n";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$themessage = "name: $name \nQuery: $themessage";
// additional headers must be separated with CRLF (\r\n)
mail("$replyemail",
"$thesubject",
"$themessage",
"From: $email\r\nReply-To: $email");
mail("$email",
"Receipt: $thesubject",
"$replymessage",
"From: $replyemail\r\nReply-To: $replyemail");
echo $success_sent_msg;
/*
PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi form mailers)
FREE from:
http://www.TheDemoSite.co.uk */
?>
When you have created the two files (contact.html and contact.php), upload them to the root folder of your web site (or to a sub folder of your choice, changing the $valid_ref1 and $valid_ref2 variables as appropriate).
And that's all there is to it.
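The JavaScript checks in contact.html run only in the visitor's browser, and clean_input_4email() strips patterns rather than refusing the request, so contact.php benefits from repeating the checks on the server. The following is an added example, not part of phpFormMailer: validate_contact_post() is a hypothetical helper, the sample input is constructed, and filter_var() assumes PHP 5.2 or later.

```php
<?php
// Added example, not part of phpFormMailer. validate_contact_post() is a
// hypothetical helper that repeats the browser-side checks on the server.
function validate_contact_post(array $post)
{
    $fields = array();
    foreach (array('name', 'email', 'email2', 'thesubject', 'themessage') as $key) {
        // Missing or non-string values (e.g. email[]=x) become empty strings.
        $fields[$key] = (isset($post[$key]) && is_string($post[$key])) ? $post[$key] : '';
    }
    $errors = array();
    // Single-line fields (email and subject end up in mail headers)
    // must not contain CR or LF at all: reject instead of stripping.
    foreach (array('name', 'email', 'thesubject') as $key) {
        if (preg_match('/[\r\n]/', $fields[$key])) {
            $errors[] = "$key contains a line break";
        }
    }
    if (filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    if ($fields['email'] !== $fields['email2']) {
        $errors[] = 'email addresses do not match';
    }
    if (trim($fields['thesubject']) === '') {
        $errors[] = 'subject is empty';
    }
    if (trim($fields['themessage']) === '') {
        $errors[] = 'message is empty';
    }
    return array($fields, $errors);
}

// Constructed sample input: the subject carries an extra header line.
$sample = array(
    'name'       => 'Alice',
    'email'      => 'alice@example.com',
    'email2'     => 'alice@example.com',
    'thesubject' => "Hello\r\nBcc: someone@example.net",
    'themessage' => 'A question about your service.',
);
list($fields, $errors) = validate_contact_post($sample);
print_r($errors);
```

In contact.php, call it on $_POST before either mail() call and stop with $error_msg if the error list is not empty.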