I have a tell a friend page done in PHP adnd I'd like to have it so that they can't edit/change the message only add their email & friend email...and not be able to add spam to it.
and I'm pretty new at PHP so Thanks in advance for any help!
here's the code I'm using for the Tell a Friend
[php]<?php
$FriendName = $_POST['FriendName'];
$FriendEmail = $_POST['FriendEmail'];
$Name = $_POST['Name'];
$Email = $_POST['Email'];
$emailtext = $_POST['emailtext'];
$string = "http://www.americanconsumerinstitute.org";
?>
<html><head>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>
<body>
<?php
if (!$FriendEmail) {
?>
<br>
<form name="form1" onSubmit="MM_validateForm('Name','','R','Email','','RisEmail','FriendName','','R','FriendEmail','','RisEmail');return document.MM_returnValue" action="" method="POST">
<div align="center">
<table width="427" border="0" cellspacing="0" cellpadding="3">
<tr>
<td width="69" align="right" valign="top"> </td>
<td width="5"><font face="Verdana" size="2"> </font></td>
<td width="113"><font face="Verdana" size="2">Name: </font> </td>
<td width="216"> <font face="Verdana" size="2">E-mail:</font></td>
</tr>
<tr>
<td align="right" valign="top"><font face="Verdana" size="2"><b>You:</b></font></td>
<td> </td>
<td>
<font face="Verdana">
<input type="text" name="Name" size="15"><font size="2"> </font></font>
</td>
<td>
<font face="Verdana">
<input type="text" name="Email" size="20"><font size="2"> </font></font>
</td>
</tr>
<tr>
<td align="right" valign="top"><font face="Verdana" size="2"><b>Friend:</b></font></td>
<td> </td>
<td>
<font face="Verdana">
<input type="text" name="FriendName" size="15"><font size="2"> </font>
</font>
</td>
<td>
<font face="Verdana">
<input type="text" name="FriendEmail" size="20"><font size="2"> </font>
</font>
</td>
</tr>
<tr>
<td align="right" valign="top"><font face="Verdana" size="2"><b>Message:</b></font></td>
<td> </td>
<td colspan="2">
<font face="Verdana">
<textarea name="emailtext" cols="38" rows="6" style="font-family: Trebuchet MS; font-size: 10pt">
I found this great website and I believe you would be interested in it.
Here is the link to that page: <?php echo $string ?>
</textarea><font size="2"> </font></font>
</td>
</tr>
<tr>
<td align="right"> </td>
<td><font face="Verdana" size="2"> </font> </td>
<td>
<font face="Verdana">
<input type="submit" value="Send" name="Submit"><font size="2"> </font>
</font>
</td>
<td> </td>
</tr>
</table>
</div>
</form>
<?php
}
else {
if ($FriendEmail) { mail( $FriendEmail, "Message from $Name", "$FriendName, \n\n".$emailtext ."\n\n$Name", "From: $Email");
}
echo "<center><br><br><font face=Verdana size=2>Thank you <font color=red>$Name</font>. The email has been sent to <font color=red>$FriendName</font>. <br><br><a href='javascript
:window.close();'>Close this window</a></font><p>
<font face=Verdana size=2>powered by: <a href=http://www.americanconsumerinstitute.org/ target=new>Tell A Friend</a></font></p>";
}
?>
<p> </p>
</body>
</html> [/php]
Unsolved 
