Welcome Guest, Register to Remove this Message!

[Joe]

As you may have seen around the internet, most sites have a contact page ... and at some point or another you may have wanted one yourself. Well this tutorial aims to show you how to create your own contact form.

The first thing we need to do is set up our configuration file ... this will store your email address, email subject and error domain.


config.php

PHP

<?php

function SafeHTML($string) {
   $string = stripslashes($string);
   $string = htmlspecialchars($string);
   return nl2br($string);
}

/*
The function 'SafeHTML' helps to protect you from being sent HTML emails
via your contact form.

http://us2.php.net/manual/en/function.htmlspecialchars.php

* & (ampersand) becomes &amp;
* " (double quote) becomes &quot;
* ' (single quote) becomes '
*< (less than) becomes &lt;
*> (greater than) becomes &gt;
*/

function ValidateEmail($Email){
   $result = ereg("^[^@ ]+@[^@ ]+\.[^@ \.]+$", $Email);
      if ($result){
         return true;
      } else {
         return false;
      }
}

/*
The 'ValidateEmail' function checks to see if the email provided is that of the
structure of a real email address (something@somewhere.com).  It doesn't
check if the email address is a REAL address ... it just checks the format.
*/

$ErrorDomain = "http://www.joe2torials.com/test4/contact.php?error=1";

/*
The '$ErrorDomain' variable stores the URL the browser should re-direct to
should any errors be encountered.  Whatever you change the URL to, make
sure you keep '?error=1' at the end.
*/

$to  = "Your Name<you@your-domain.com>";
$subject = "Contact Form";

/*
'$to' is your email address, where the form shall be sent to.
'$subject' is the subject of the email.
*/

?>

The next step is to create our form. In this tutorial I will have the basic 3 fields;

• Name
• Email Address
• Questions / Comments

Very basic, but it'll do.


contact.php

PHP

<?php session_start();
$ses_id = session_id();        // DO NOT REMOVE THIS LINE!
$_SESSION['ses_id'] = $ses_id;    // OR THIS ONE!
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
    <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
    <meta name="keywords" content="" />
    <meta name="description" content="" />

    <title>Contact Form</title>

<style type="text/css">
body {
    margin: 0px;
    padding: 100px;
    background: #fafafa;
    font-family: verdana, Arial, sans-serif;
    font-size: 11px;
    line-height: 18px;
}

#Wrapper {
    margin: 0 auto;
    padding: 10px;
    width: 500px;
    background: #fff;
    border: 1px solid #999999;
}

fieldset {
    margin: 0px;
    padding: 0px;
    border: 0px;
}

legend {
    display: none;
}

input, textarea {
    margin: 0px;
    padding: 1px;
    font-family: Courier, monospace;
    font-size: 11px;
    border: 1px solid #999999;
}

span.cursor {
    cursor: pointer;
}

p#Error_msg {
    color: red;
}
</style>
</head>
<body>

<div id="Wrapper">
<?php
$Error = $_GET['error'];
if(isset($Error)) {
echo '<fieldset><legend>Contact Form</legend>'."\n";
echo '<form action="thank_you.php" method="post">'."\n";
echo '<p><label for="name"><strong>Name :</strong></label><br />'."\n";
echo '<input type="text" name="name" id="name" tabindex="1" size="40" value="'.$_SESSION['name'].'" /></p>'."\n\n";

echo '<p><label for="email"><strong>E-mail address :</strong></label><br />'."\n";
echo '<input type="text" name="email" id="email" tabindex="2" size="40" value="'.$_SESSION['email'].'" /></p>'."\n\n";

echo '<p><label for="comment"><strong>Questions / Comments :</strong></label> (<span class="cursor" onclick="document.getElementById(\'comment&#092;').rows += 5;" title="Increase The Textarea">increase</span> &raquo; <span class="cursor" onclick="document.getElementById(\'comment\').rows -= 5;" title="Decrease The Textarea">decrease</span>)<br />'."\n";
echo '<textarea cols="50" rows="5" name="comment" id="comment" tabindex="3">'.$_SESSION['comment'].'</textarea></p>'."\n\n";

echo '<p id="Error_msg">'.$_SESSION['errormsg'].'</p>'."\n\n";

echo '<p><input type="submit" name="submit" value="submit" class="submit" tabindex="4" /> <input type="reset" value="reset" class="submit" tabindex="5" /></p>'."\n";
echo '</form>'."\n";
echo '</fieldset>'."\n";
} else {
?>
<fieldset><legend>Contact Form</legend>
<form action="thank_you.php" method="post">
<p><label for="name"><strong>Name :</strong></label><br />
<input type="text" name="name" id="name" tabindex="1" size="40" /></p>

<p><label for="email"><strong>E-mail address :</strong></label><br />
<input type="text" name="email" id="email" tabindex="2" size="40" /></p>

<p><label for="comment"><strong>Questions / Comments :</strong></label> (<span class="cursor" onclick="document.getElementById('comment').rows += 5;" title="Increase The Textarea">increase</span> &raquo; <span class="cursor" onclick="document.getElementById('comment').rows -= 5;" title="Decrease The Textarea">decrease</span>)<br />
<textarea cols="50" rows="5" name="comment" id="comment" tabindex="3"></textarea></p>

<p><input type="submit" name="submit" value="submit" class="submit" tabindex="4" /> <input type="reset" value="reset" class="submit" tabindex="5" /></p>
</form>
</fieldset>
<?php } ?>
</div>

</body>
</html>

And for the last step, the page which will actually process all the data;


thank_you.php

PHP

<?php session_start();

include 'config.php';

$ses_id2 = session_id();
if(!$ses_id2 == $_SESSION['ses_id']) {
    $ErrorMsg = 'Error, session ID mismatch.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

$Name = $_POST['name'];
$Email = $_POST['email'];
$Comment = $_POST['comment'];

$_SESSION['name'] = $Name;
$_SESSION['email'] = $Email;
$_SESSION['comment'] = $Comment;

if (($Name == NULL)  || ($Email == NULL) || ($Comment == NULL)) {
    $ErrorMsg = 'Error, please make sure all fields are filled in.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

if (!ValidateEmail($Email)) {
    $ErrorMsg = 'Error, invalid email address supplied.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

$time = time();
$datetime = date("D, M jS Y / g:ia", $time);
$ip = $_SERVER["REMOTE_ADDR"];
$message = '
<html>
<head>
<title>'.$subject.'</title>
</head>

<body>
<p><strong>Name:</strong> '.$Name.'</p>
<p><strong>E-mail:</strong> '.$Email.'</p>

<p><strong>Comment / Question:</strong></p>
<p>'.SafeHTML($Comment).'</p>

<p><strong>Sent on:</strong> '.$datetime.'</p>
<p><strong>Logged IP Address:</strong> '.$ip.'</p>
</body></html>';

$headers  = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: $email\r\n";
mail($to, $subject, $message, $headers);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
    <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
    <meta name="keywords" content="" />
    <meta name="description" content="" />

    <title>Contact Form - Thank You</title>
<style type="text/css">
body {
    margin: 0px;
    padding: 100px;
    background: #fafafa;
    font-family: verdana, Arial, sans-serif;
    font-size: 11px;
    line-height: 18px;
}

#Wrapper {
    margin: 0 auto;
    padding: 10px;
    width: 500px;
    background: #fff;
    border: 1px solid #999999;
}
</style>
</head>
<body>
<div id="Wrapper">

    <h1>Thank You</h1>
<p>Thank you <?=$Name?>, your comment/question has been received.  The following information has been sent;</p>
<p><strong>Name:</strong> <?=$Name?></p>
<p><strong>E-mail:</strong> <?=$Email?></p>
<p><strong>Comment / Question:</strong></p>
<p><?=SafeHTML($Comment)?></p>

</div>
</body>
</html>

Ok, so maybe now your looking at this code and you don't understand how it works. Allow me to go into detail.

Why have I told you not to remove two of the top lines in the contact form page?

PHP

$ses_id = session_id();        // DO NOT REMOVE THIS LINE!
$_SESSION['ses_id'] = $ses_id;    // OR THIS ONE!

This is simple, recently there have been a vunerability with contact forms where members have been bypassing the actual form completely and sending mail VIA the processing page ... this leads to serious spamming. So we put session_id() into a session to carry onto the process page. session_id() is basically a random value each user is given on each visit to the page ... these are quite unique. We put the value into a session and carry it through to the process page for the following reason;

PHP

$ses_id2 = session_id();
if(!$ses_id2 == $_SESSION['ses_id']) {
    $ErrorMsg = 'Error, session ID mismatch.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

Here we grab the session_id() again, then we check to see if the current session from the process page matches that of the contact form page ... if you have sent mail via the form then they will of course match ... but if your bypassing the form and you try to send mail you won't be able to ... you'll get an error. Stopping all chances of spamming

On the contact page, when you view it you'll see that the actual form is;

CODE

<fieldset><legend>Contact Form</legend>
<form action="thank_you.php" method="post">
<p><label for="name"><strong>Name :</strong></label><br />
<input type="text" name="name" id="name" tabindex="1" size="40" /></p>

<p><label for="email"><strong>E-mail address :</strong></label><br />
<input type="text" name="email" id="email" tabindex="2" size="40" /></p>

<p><label for="comment"><strong>Questions / Comments :</strong></label> (<span class="cursor" onclick="document.getElementById('comment').rows += 5;" title="Increase The Textarea">increase</span> &raquo; <span class="cursor" onclick="document.getElementById('comment').rows -= 5;" title="Decrease The Textarea">decrease</span>)<br />
<textarea cols="50" rows="5" name="comment" id="comment" tabindex="3"></textarea></p>

<p><input type="submit" name="submit" value="submit" class="submit" tabindex="4" /> <input type="reset" value="reset" class="submit" tabindex="5" /></p>
</form>
</fieldset>

But, should the processing page encounter any errors then I'll send you back to this page with '?error=1' set and you'll see the other form;

PHP

echo '<fieldset><legend>Contact Form</legend>'."\n";
echo '<form action="thank_you.php" method="post">'."\n";
echo '<p><label for="name"><strong>Name :</strong></label><br />'."\n";
echo '<input type="text" name="name" id="name" tabindex="1" size="40" value="'.$_SESSION['name'].'" /></p>'."\n\n";

echo '<p><label for="email"><strong>E-mail address :</strong></label><br />'."\n";
echo '<input type="text" name="email" id="email" tabindex="2" size="40" value="'.$_SESSION['email'].'" /></p>'."\n\n";

echo '<p><label for="comment"><strong>Questions / Comments :</strong></label> (<span class="cursor" onclick="document.getElementById(\'comment\').rows += 5;" title="Increase The Textarea">increase</span> &raquo; <span class="cursor" onclick="document.getElementById(\'comment\').rows -= 5;" title="Decrease The Textarea">decrease</span>)<br />'."\n";
echo '<textarea cols="50" rows="5" name="comment" id="comment" tabindex="3">'.$_SESSION['comment'].'</textarea></p>'."\n\n";

echo '<p id="Error_msg">'.$_SESSION['errormsg'].'</p>'."\n\n";

echo '<p><input type="submit" name="submit" value="submit" class="submit" tabindex="4" /> <input type="reset" value="reset" class="submit" tabindex="5" /></p>'."\n";
echo '</form>'."\n";
echo '</fieldset>'."\n";

This second form uses SESSIONS to show the error message of what went wrong during processing and if any data was entered into form it'll be back in the form due to the values of the form elements.

So what possible errors could we get?

PHP

if (($Name == NULL)  || ($Email == NULL) || ($Comment == NULL)) {
    $ErrorMsg = 'Error, please make sure all fields are filled in.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

If any of the form fields were left empty ... this would cause an error.

PHP

if (!ValidateEmail($Email)) {
    $ErrorMsg = 'Error, invalid email address supplied.';
    $_SESSION['errormsg'] = $ErrorMsg;
    header('Location: '.$ErrorDomain.'');
    exit();
}

If the email provided isn't of valid syntax ... this would cause an error also.

If all goes well, the mail is sent Feel free to download the *ZIP file with the pre built script. If you like this script, would like to see more features, know of anything I missed or anything else, please don't hesite to post

If you want to see a working demo of this script click here;
http://forum.weborum.com/joe/contact/contact.php

*Note* This form does not send any mail.

This post has been edited by joe2kiss: Sep 17 2005, 07:15 PM

Attached File(s)

 Joe2Torials_Contact_Form.zip ( 3.31K ) Number of downloads: 168

 

[sjthomas]

Hey Joe, I thought I'd just point out that there seems to be a bit of a hole in your code that would allow a spammer to inject some headers in there. Basically, people will inject a BCC/CC bit which will allow them to send emails to loads of people via your server. I can't see anything that would block them doing it.

You need to get an array of restricted text (like content-type etc) and check against it to block the spammers. Just a heads up before your host thinks you've started selling the highest quality RONEX watches that make you perform better in bed while inheriting millions from a de-throned nigerian prince....

[Joe]

Really? Thanks for the heads up Si. Do you have a list of headers that should be blocked? Or can you recommend anything?

[sjthomas]

Hey Joe, this is from the PHP site:

CODE

<?php
array("Content-Type:",
                     "MIME-Version:",
                     "Content-Transfer-Encoding:",
                     "bcc:",
                     "cc:");
?>

My mailing script is broken at the moment anyway but I'm trying to figure out a clever way of fitting it in. I'll post up some anti-spammer code when I'm done

[Joe]

Nice one, cheers

[Waleed]

Has the code been updated for the problem si pointed out yet joe?

[Joe]

Nope, I haven't yet had time to create a new version including Si's addition. I will get it done as soon as I have some spare time.

[Waleed]

okie. but please be sure to post it as soon as possible.

[Waleed]

I have one question. In contact.php, we have this,

CODE

<?php session_start();
$ses_id = session_id();        // DO NOT REMOVE THIS LINE!
$_SESSION['ses_id'] = $ses_id;    // OR THIS ONE!
?>

...to validate sessions, right? But then, after this has been added, any other links on contact.php also have a sessionid attached to them. Is this okay? And is there a way of removing session ids for any links?

edit: oh, wait. this only happens on contact.php?error=1.

......

edit: now it's not happening at all. strange.

This post has been edited by Waleed Zuberi: Dec 21 2005, 03:11 PM

[Joe]

That code is to generate a session ID and store it within a session called ses_id ... to check that the user has come from the form to the sendform script, just an additional check to stop some forms of mail hacks.

There is a way to remove the sesid from links, but that would involve going through php.ini ... not recommended unless you know what your looking for (which I don't).

[Waleed]

aaaaaah, it doesn't matter. the session id on links comes and goes. I'll act like I don't know what the heck is going on....hahahehe

[karinne]

Hey Joe or who ever else can help me on this,

I'm using your contact script for a client of mine. It works great except for one thing.

When I type in the info on the contact page and send it, it sends an email to whoever I specify (kl@karinnelegault.com) and to the person who sent (karinne@karinne.net) the message? Is that correct? I can't find where in the code you say to do that?

Also, when I view the message in Thunderbird, the person who sent (Karinne <karinne@karinne.net) it doesn't show. Seems like the From field doesn't work?! And when I hit reply, to reply to that email, it puts the email I specified (kl@karinnelegault.com).

Weird stuff! I really need this sorted out tonight or tomorrow as this is a rush job!

TIA

Oh here's my thank-you.php code

CODE

<?     
    session_start();

    include 'config.php';

    $ses_id2 = session_id();
    if(!$ses_id2 == $_SESSION['ses_id']) {
        $ErrorMsg = 'Error, session ID mismatch.';
        $_SESSION['errormsg'] = $ErrorMsg;
        header('Location: '.$ErrorDomain.'');
        exit();
    }
    
    $name = $_POST['name'];
    $email = $_POST['email'];
    $address1 = $_POST['address1'];
    $address2 = $_POST['address2'];
    $city = $_POST['city'];
    $state = $_POST['state'];
    $zip = $_POST['zip'];
    $footage = $_POST['footage'];
    $location = $_POST['location'];
    $otherdetails = $_POST['otherdetails'];
    $privacy = $_POST['privacy'];

    $_SESSION['name'] = $name;
    $_SESSION['email'] = $email;
    $_SESSION['address1'] = $address1;
    $_SESSION['address2'] = $address2;
    $_SESSION['city'] = $city;
    $_SESSION['state'] = $state;
    $_SESSION['zip'] = $zip;
    $_SESSION['footage'] = $footage;
    $_SESSION['location'] = $location;
    $_SESSION['otherdetails'] = $otherdetails;
    $_SESSION['privacy'] = $privacy;

    if (($name == NULL)  || ($email == NULL)) {
        $ErrorMsg = 'Error, please make sure all fields are filled in.';
        $_SESSION['errormsg'] = $ErrorMsg;
        header('Location: '.$ErrorDomain.'');
        exit();
    }

    if (!ValidateEmail($email)) {
        $ErrorMsg = 'Error, invalid email address supplied.';
        $_SESSION['errormsg'] = $ErrorMsg;
        header('Location: '.$ErrorDomain.'');
        exit();
    }    
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">

<head>

    <title>CTC - Commercial Team Construction</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <link rel="stylesheet" type="text/css" href="../css/styles.css" />

</head>

<body>
<!-- wrapper -->
<div id="wrap">

<!-- logo and banner -->
<div id="logo"><img src="../i/ctc-logo.jpg" width="775" height="139" alt="CTC - Commercial Team Construction" /></div>
<div id="banner">
<!-- menu -->
<div id="menu">
    <ul>
        <li><a href="../index.html" class="home"><span>home</span></a></li>
        <li><a href="../about-us/index.html" class="aboutus"><span>about us</span></a></li>
        <li><a href="../services/index.html" class="services"><span>services</span></a></li>
        <li><a href="../commercial/index.html" class="commercial"><span>commercial</span></a></li>
        <li><a href="../faq/index.html" class="faq"><span>faq</span></a></li>
    </ul>
</div>
<!-- END OF menu -->
</div>
<!-- END OF logo and banner -->

<!-- main content area -->
<div id="pagetitle"><img src="../i/page-titles/faq.jpg" width="110" height="20" alt="FAQ" /><h1>FAQ</h1></div>

<div id="contenttop"></div>
<div id="content">

<?
$time = time();
$datetime = date("D, M jS Y / g:ia", $time);
$ip = $_SERVER["REMOTE_ADDR"];
$message = '
<html>
<head>
<title>'.$subject.'</title>
</head>

<body>
<p><strong>Name:</strong> '.$name.'</p>
<p><strong>E-mail:</strong> '.$email.'</p>

<p><strong>Address:</strong></p>
<p>'.$address1.'<br />
'.$address2.'<br />
'.$city.'<br />
'.$state.'<br />
'.$zip.'</p>

<p><strong>SQ. footage of building:</strpmg> '.$footage.'</p>
<p><strong>Location of property:</strong> '.$location.'</p>

<p><strong>Other Details:</strong></p>
<p>'.SafeHTML($otherdetails).'</p>

<p><strong>Privacy Policy</strong> '.$privacy.'</p>

<p><strong>Sent on:</strong> '.$datetime.'</p>
<p><strong>Logged IP Address:</strong> '.$ip.'</p>
</body></html>';


$headers  = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: $email\r\n";
mail($to, $subject, $message, $headers, "Reply to: $email\r\n");
?>

    <h1>Thank You</h1>
<p>Thank you <?=$name?>, your comment/question has been received.  The following information has been sent;</p>
<p><strong>Name:</strong> <?=$name?></p>
<p><strong>E-mail:</strong> <?=$email?></p>
<p><strong>Address:</strong></p>
<p><?=$address1?><br />
<?=$address2?><br />
<?=$city?><br />
<?=$state?><br />
<?=$zip?></p>

<p><strong>SQ. footage of building:</strpmg> <?=$footage?></p>
<p><strong>Location of property:</strong> <?=$location?></p>

<p><strong>Other Details:</strong></p>
<p><?=SafeHTML($otherdetails)?></p>

<p><strong>Privacy Policy</strong> <?=$privacy?></p>

</div>
<div id="contentbottom"></div>
<!-- END OF main content area -->

<br style="clear: both;" />
</div>
<!-- END OF wrapper -->

<!-- footer -->
<div id="footer">
    <div id="fleft">Copyright © Commercial Team Construction</div>
    <div id="fright"><a href="../index.html">Home</a> | <a href="../about-us/index.html">About Us</a> | <a href="../services/index.html">Services</a> | <a href="../commercial/index.html">Commercial</a> | <a href="../faq/index.html">FAQ</a> | <a href="../contact-us/index.php">Contact Us</a> | <a href="../site-map/index.html">Site Map</a></div>
</div>
<!-- END OF footer -->

</body>
</html>

and my config.php

CODE

<?

function SafeHTML($string) {
   $string = stripslashes($string);
   $string = htmlspecialchars($string);
   return nl2br($string);
}

/*
The function 'SafeHTML' helps to protect you from being sent HTML emails
via your contact form.

[url=http://us2.php.net/manual/en/function.htmlspecialchars.php]http://us2.php.net/manual/en/function.htmlspecialchars.php[/url]

* & (ampersand) becomes &
* " (double quote) becomes "
* ' (single quote) becomes '
*< (less than) becomes <
*> (greater than) becomes >
*/

function ValidateEmail($email){
   $result = ereg("^[^@ ]+@[^@ ]+.[^@ .]+$", $email);
      if ($result){
         return true;
      } else {
         return false;
      }
}

/*
The 'ValidateEmail' function checks to see if the email provided is that of the
structure of a real email address (something@somewhere.com).  It doesn't
check if the email address is a REAL address ... it just checks the format.
*/

$ErrorDomain = "../contact-us/index.php?error=1";

/*
The '$ErrorDomain' variable stores the URL the browser should re-direct to
should any errors be encountered.  Whatever you change the URL to, make
sure you keep '?error=1' at the end.
*/

$to  = "Karinne Legault <kl@karinnelegault.com>";
$subject = "Contact Form";
$from = $email;

/*
'$to' is your email address, where the form shall be sent to.
'$subject' is the subject of the email.
*/

?>

This post has been edited by karinne: Mar 17 2006, 11:29 PM

[Joe]

When I type in the info on the contact page and send it, it sends an email to whoever I specify (kl@karinnelegault.com) and to the person who sent (karinne@karinne.net) the message? Is that correct? I can't find where in the code you say to do that?

The 'CC' button, which you have removed did the carbon copy of the email, that sent a copy of the email to the sender aswell as the recepient.

Just an IF statement to see if the 'cc' button was checked, which just sent another email to the senders email address containing all the same details.

I think this is where your problems are coming from Karinne.

[karinne]

So ... what do I have to add and where?!?

[Joe]

What does your form look like? Do you still have the 'CC' button?

... actually, looking at my script, I don't have the CC button part there

CODE

<input type="checkbox" name="cc" value="cc" tabindex="6" /> Send me a <abbr title="Carbon Copy">CC</abbr>

And the server side;

[php]$CC = $_POST['cc'];

if($CC) {
$ccto = "$Name<$Email>";
$ccsubject = "CC Copy - Joe2Torials.com Contact Form";
$ccmessage = '
<html>
<head>
<title>'.$subject.'</title>
</head>
<body>

<p>Here is your requested carbon copy of your comment / question from Joe2Torials.</p>

<p><strong>Name:</strong> '.$Name.'</p>
<p><strong>E-mail:</strong> '.$Email.'</p>

<p><strong>Comment / Question:</strong></p>
<p>'.nl2br($Comment).'</p>
</body></html>';

$ccheaders = "MIME-Version: 1.0\r\n";
$ccheaders .= "Content-type: text/html; charset=iso-8859-1\r\n";
$ccheaders .= "From: $Email\r\n";
mail($ccto, $ccsubject, $ccmessage, $ccheaders);
}[/php]