Send php email from contact form

Question

Hi i am a newbie to php and am following this tutorial

http://tutorialpot.com/2011/06/fancy-contact-form-with-inline-validation/#comment-1771

i am wondering where do i put in my email address so users can send a email to me

thanks in advance

 <?php 
function checkLen($str,$len=2) //&len definens the minimun length of the input fields
{
    return isset($_POST[$str]) && mb_strlen(strip_tags($_POST[$str]),"utf-8") > $len;
}
function checkEmail($str)
{
    return preg_match("/^[\.A-z0-9_\-\+]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $str);
}
foreach($_POST as $k=>$v)
{
$_POST[$k]=stripslashes($_POST[$k]);

$_POST[$k]=htmlspecialchars(strip_tags($_POST[$k]));
}
//session names must be same with that in contact form      
session_name("tpot_contact");
@session_start();
if (isset($_POST['send'])){ 
$err = array();
if(!checkLen('name'))
    $err[]='The name field is too short or empty!';
if(!checkLen('email'))
    $err[]='The email field is too short or empty!';
else if(!checkEmail($_POST['email']))
    $err[]='Your email is not valid!';
if(!checkLen('subject'))
    $err[]='You have not selected a subject!';
if(!checkLen('message'))
    $err[]='The message field is too short or empty!';
if((int)$_POST['captcha'] != $_SESSION['expected'])
    $err[]='Wrong security code!';
if(count($err))
{
        $_SESSION['errStr'] = implode('<br />',$err);
        header('Location: '.$_SERVER['HTTP_REFERER']);
        exit();
    }
    //submission data
        $IP=$_SERVER['REMOTE_ADDR'];
        $name=$_POST['name'];
        $email=$_POST['email'];
        $date=(gmdate(" Y/m/d "));
         $time = date('H:i:s');  
        $message=$_POST['message'];
            $from="noreply@tutorialpot.com";
            $subject =  " from ".$_POST['name']." | contact form";
            $headers = "From: ".$from."\r\n";
            $headers .= "Reply-to: ".$from."\r\n";
            $headers = 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; 
            //checks whether send to my email address is set
            if ($cc == 1) {
             $headers .= 'Cc:'. $_POST['email']."\r\n";
                          } 
        $msg =
          "<p><strong>Name: </strong>" .$name. "</p> 
          <p><strong>Email Address: </strong>" .$email. "</p> 
          <p><strong>Enquiry: </strong>" .$_POST['subject']. "</p> 
          <p><strong>Message: </strong>" .$message. "</p>
          <br/> <br/>
          <p>This message was sent from the IP Address:" .$ipaddress." on".$date. "at".$time."</p>";
             if(@mail($email, $subject, $msg, $headers))
             {
        $success=array();
        $success[]='Your message has been sent! | Thank you';
        $_SESSION['sent'] = implode('<br />',$success);
         header('Location: '.$_SERVER['HTTP_REFERER']);
         exit();
            }
    else{
    $err[]='your message could not be sent due to a network problem please try again.!';
    $_SESSION['errStr'] = implode('<br />',$err);
    header('Location: '.$_SERVER['HTTP_REFERER']);
    exit();
    }
}
?>

  <div class="fieldContainer"> 
    <label for="name" >*Name: </label>
    <input class="validate[required,minSize[3]] input1" id="name" name="name" type="text" autofocus="autofocus"  placeholder="NAME"/><br /><br />
    <label for="email">*Email</label>
    <input class="validate[required,custom[email]] input1" id="email" name="email" type="text"  placeholder="EMAIL"  /><br /><br />
      <label for="subect" >*Subject</label>
      <select  id="dropdown4" name="subject" class="validate[required] input1">
        <option  selected="selected" value="">--Choose--</option>
        <option value="Quote">Quote</option>
        <option value="Suggestion">Suggestion</option>
        <option value="Question">Question</option>
        <option value="Business Proposal">Business Proposal </option>
        <option value="Advertising">Advertising</option>
        <option value="Complaint">Complaint</option>
        <option value="Other">Other</option>
      </select><br /><br />
    <label for="message" >*Message</label>
    <textarea rows="10" cols="15" name="message" class="validate[required,minSize[3],maxSize[300]]  input1" id="message" placeholder=" MESSAGE CONTENTS"></textarea><br /><br />

      <legend>*Human Verification (HELP US FIGHT SPAM)</legend>
      <label for="captcha">25+9=</label>
    <input type="text" class="validate[required,custom[integer]] input1 " name="captcha" id="captcha" maxlength="2" placeholder="DO A LITTLE MATH" />
 <p> 
      <input type='checkbox' id='cc' name='cc' value='1'  />
      Send a copy to your email address
      </p>
  </div>
  <div class="signupButton">
 <input  name="send" type="submit" class="btnsubmit" id="btnsubmit" />
    <!--<input class="blackb" type="submit"  name="send"  id="submit"/>-->
  </div>

</form>

Answer 1

This tutorial seems to have a few mistakes (at least at a first glance).

It uses $cc however this variable is not defined anywhere.

It sends the message to $email, but $email = $_POST['email'] (line 42) so it sends that e-mail to the e-mail address provided in the form (?). You want to fix line 62 with:

if(@mail('yourem@il.com', $subject, $msg, $headers))

It is also not sanitising the inputs so you can inject headers into the e-mail message. More explained here.

Finally, if the CC functionality was properly implemented (i.e. $cc was defined), you would send a copy of the e-mail to the sender (CC) thus revealing your e-mail address (not good if you want to avoid spam). You should send a separate e-mail to the sender.

Answer 2

It is this section that sends the message as mail returns bool. The first paramters is the to address (see link)

if(@mail($email, $subject, $msg, $headers))

http://php.net/manual/en/function.mail.php

In the example the email will go to the address the user enters as seen as $email is populated with the posted value

$email=$_POST['email'];

but you can hardcode to what ever you want.

if(@mail('youremail@domain.com', $subject, $msg, $headers))