PHP Contact Form v.2.0 Released

Posted October 3rd, 2006 by Mike Cherim

This has been long overdue — almost a year — but I have finally reworked my old contact form completely and I’m extremely pleased to re-release it as my all-new Secure and Accessible PHP Contact Form v.2.0. I made a vast number of improvements to enhance its accessibility, usability, and most notably its security. To get the full picture about its features, and to download it for yourself, please see this official download page, and if you want, you may also check out the working demo form. I have slaved over this for more than a week adding fourteen fifteen sixteen security features and myriad enhancements. My main goal was to make it spam-proof. It’s not, there are no absolutes, but it should be very resistant. Think of it as you would a waterproof watch. Sure, it won’t be ruined when you go swimming, but at around 2000 feet it’s going to implode. Anyway, I’m really pleased with the results and hope you like it too.

To date, this “Secure and Accessible PHP Contact Form v.2.0″ has been downloaded 35111 times since its release on: Oct. 3rd, 2006.

Attention: There is a new post for form support. Please use it to post your comments, questions or suggestions. Please, however, review the comments herein first to see if your question or concern has been addressed already. Thank you.

256 Responses to: “PHP Contact Form v.2.0 Released”

  1. Harmen Janssen responds:
    Posted: October 4th, 2006 at 4:31 am

    Hello Mike,

    great script! I will surely study your anti-spam measurements.

    I just wanted to point out an error in gbcf_config.php: on line 28, the first entry in the $gb_options array is followed by a semicolon instead of a comma.

    Keep up the good work, I enjoy your scripts :)

  2. Anthony Brewitt responds:
    Posted: October 4th, 2006 at 7:35 am

    I loved your first version as you know, and cant wait to play with this one! - I just wish it was a WP plugin! Maybe v3?

  3. Harmen Janssen responds:
    Posted: October 4th, 2006 at 7:24 pm

    Glad to be of help, Mike! :)
    Keep em coming!

  4. Rachel Turner responds:
    Posted: October 5th, 2006 at 9:05 pm

    Nice work Mike! (I’ve signed up for your fan club ;-) )

    Less than 1/4 hour to install, configure the email address and stuff, and it works right out of the box. Tweak the CSS to suit your site and you’re ready to rock and roll. I ended up shifting the formhead out of the flow using a negative absolute position because I’d already got a heading announcing the form on the page (which meant putting a new class that I called formhead_results in gbcf_form.php on line 259 with the original styling for formhead so the results heading didn’t go west too, but then I just like making things difficult. ;-)

    Just one teeny tiny typo on the CSS on line 8 on the div#gb_form_dv - should be div#gb_form_div - it doesn’t affect the demo form because it’s not styled.

    Valid, accessible and secure all rolled into one though - a vision of loveliness! You’ve done it again Mike. Kudos.

    All bow down to the Green Beastie Man!

  5. Adam Messinger responds:
    Posted: October 17th, 2006 at 6:54 pm

    Hi Mike,

    This is probably one of the best PHP contact form scripts I’ve ever come across. There are a small handful of possible problems with it, however. I’ll be the first to admit that I’m far from an expert PHP programmer, but here’s what I’ve found and/or thought of:

    1) Use of isset() and empty() to test variables — I don’t understand the reason for using both of these functions to test the same variables, since they seem to do the same things. Also, I can imagine situations in which “0″ would be a valid value for a field in a contact form. By using empty() to test field values, this becomes impossible. You might consider using if ( strlen($variable) == 0 ) instead.

    2) No abstraction of logic from presentation — Because of the way it’s built, the script is difficult to customize. For example, to pick and choose your own fields to display and/or make required, you have to dig through the gbcf_form.php file for the right things to alter and know enough PHP to do so. This is probably a version 3.0 thing, but you might consider scrapping gbcf_form for a gbcf_functions file. Instead of including an all-inclusive prefab contact form, people could call PHP functions to create new form fields and use arguments to specify the validation parameters.

    3) Inline styles — This is more of a personal pet peeve, since I try to avoid them as much as possible. It would be nice to see the inline styles moved entirely to gbcf_styles.css.

    None of these suggestions are meant to diminish the great work you’ve done on this script. You’ve paid special attention to the most important things: security and spam prevention. That’s a lot more than can be said for 90% of the contact forms floating around the Internet. My hope is only that suggestions like mine might make future versions even better.

  6. Adam Messinger responds:
    Posted: October 18th, 2006 at 3:30 pm

    Hello again,

    I have a suggestion that might provide additional spam protection. I noticed that your script uses the variable $gb_email_address to provide an alternate contact method when one is needed. While it’s great to give site visitors another way to reach my clients if they have form trouble, a clever spam script will scrape error pages like this for e-mail addresses that can be added to spammers’ lists.

    To preserve the alternate contact feature, but maintain a high level of spam protection for my clients, I added the following lines to the config file (hope this formats right…):

    // Enter your alternate contact info (for form problems)
        // EXAMPLE: $gb_alt_contact = "(321) 555-1036";
        // EXAMPLE: $gb_alt_contact = "bob [at] mycompany [dot] com";
        $gb_alt_contact = "me [at] myhost [dot] com";

    This allows me to add stuff like the following to error messages:

    If you think you’ve received this message in error, please contact '.$me_or_us.' at '.$gb_alt_contact.' to report the problem.

    I thought I’d pass this along to you, in case you felt like incorporating it into future versions. Thanks again for the excellent script.

  7. Adam Messinger responds:
    Posted: October 18th, 2006 at 7:35 pm

    Your e-mail hiding script looks like it would do the trick, but the hassle about filtering based on user agent is being comprehensive enough. For example, I’m not sure your script would work for Lynx or Flock (one of your tests for “mozilla” might catch Flock, though).

    A future version of the contact form might incorporate the e-mail hider as a function. You could then add something like this to the section near the top, where you make all the config variables lowercase:

    if ( ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})", "$gb_alt_contact") ) { $gb_alt_contact = getSafeEmail($gb_alt_contact); }

  8. Garrett responds:
    Posted: October 20th, 2006 at 6:46 pm

    Thanks so much for the online PHP form explanation.

  9. Peter Barrett responds:
    Posted: October 25th, 2006 at 8:21 am

    Hello Mike
    First off, like Adam Messinger, I’ll simply echo ‘This is the most intelligent and capable contact form script I’ve come across yet !‘; :-) pun intended !
    I hope you’ll accept a couple of comments though from someone who is also no PHP guru but I’ve been around :-
    1. Concerning the carbon copy $_POST[’gbcc’] variable. You obviously know this is going to give trouble else you wouldn’t attempt to suppress the potential errors it could give rise to. Eg. $gbcc - undefined index if cc. is not requested. This is OK but if you run your PHP installation with an error log, you will always get an unnecesary log post to this effect everytime a non cc. request is made. As this is the default option - probably most of them. I edited your code in gbcf_form.php as follows, which resolves this issue :

    // Next conditional necessary because $_POST[’gbcc’] is NOT set unless gbcc checkbox is checked which would result in $gbcc being undefined.

    if (isset($_POST[’gbcc’])) {
    $gbcc = $_POST[’gbcc’];
    } else {
    $gbcc = ‘nocc’;

    2. Given our ‘global society’ why not junk messing around with time offsets and the date() function in favour of adopting a standard with the gmdate() function. This latter function also doesn’t keep coming up with ‘don’t trust the timezone’ warnings like date() does. This is even better for the error log !

    all the very best from England

    Pete Barrett

  10. Secure and accessible PHP contact form for WORDPRESS - Blue Anvil Journal responds:
    Posted: October 25th, 2006 at 10:09 am

    […] Based on the PHP contact forms by Mike Cherim, Mike and I have developed a fully configurable, spam-proof, wordpress contact form plugin. […]

  11. Peter Barrett responds:
    Posted: October 25th, 2006 at 11:04 am

    Hi Mike
    OK I hear where you’re coming from with this and hey, it’s your script so I really don’t want to upset anything and certainly anybody at all but I guess you must have a reason for suppressing the error on $_POST[’gbcc’] ? In your code $gbcc is only used as a comparison against the string ‘gbcc’ which is the value of the $_POST[’gbcc’] variable if, and only if, the gbcc checkbox is checked. If the gbcc checkbox is unchecked, not only is there no value involved but crucially there is no $_POST[’gbcc’] variable created as part of the $_POST array to hold that value. Hence when you assign it to $gbcc it causes the error because it doesn’t exist. Checking the $_POST array will confirm all of this and I suspect it’s the reason for the error suppression in the script.
    As far as I’m aware, the default installation of PHP runs with the lowest error category ‘warnings’ turned off. If anybody runs like that (that I would think would be just about every hosting provider) then if you had no error log, it wouldn’t be seen.
    As for ‘nocc’ well, that string can be anything (as long as it is 4 characters or less) because you’re only testing against ‘gbcc’ and to take it a stage further, the else part of the if construct I previously posted actually isn’t programmatically required because I’m only checking to see if $_POST[’gbcc’] is actually set, which it isn’t if no cc. is requested.
    Hope that’s as clear as mud :-)

    best wishes always

    Pete Barrett

  12. Peter Barrett responds:
    Posted: October 25th, 2006 at 1:32 pm

    Hi Mike
    You simply come across as a guy who has laboured long and hard to produce a truly useful and capable contact form script alongside some pretty impressive web development. This point I’m making about error suppression ie. the ‘@’ on that variable is somewhat academic anyhow. If anyone wants to do what I suggested then OK but it’s definitely not essential because the script is excellent without it. There maybe someone out there who can clarify it better than me, so until then …

    all the best

    Pete Barrett

  13. Penny responds:
    Posted: December 6th, 2006 at 8:20 pm

    Hi Mike-
    Again great script. Anytime spent on standards based projects that actually work in the real world is fantastic! Good on you, I can’t wait until I am at the stage where I can contribute to the world out there.
    Something that might concern you, (as it does me) is MySQL injection attack, where a user can insert MySQL into a form field, and drastically change any of your databases. I put in some non-invasive MySQL statements (just selecting data, didn’t want to stuff up anything) But i didn’t receive an error about it.

    Just thought I should let you know!

  14. Andrew responds:
    Posted: January 2nd, 2007 at 6:46 am

    I have the form working on my site and when I include the file I keep getting the Anti-Spam Trap 1 Field Populated:

    I’ve changed the $form_location variable and no difference.

    When I try and access the forrm direct at I then get the Referrer Missing or Mismatch: error

    Now I am totally lost

    Also I wish to change the url field to a zip code field and add a couple of other fields as well. I’m ok but not the best at debugging things as you’ve guessed. Is there any notes about making changes.

  15. - WordPress-Ready Contact Form v.2.0WP by Mike Cherim responds:
    Posted: January 13th, 2007 at 2:34 pm

    […] On October 3rd I announced that I released my Secure and Accessible PHP Contact Form v.2.0. It was also requested at that time that it made available for use with WordPress. Well, now it is. I teamed up with Mike Jolley and together we took my form script and made a WordPress plugin that you can download on the Official v.2.0WP Download Page (see WordPress Version Demo). Check it out. (Also see Mike Jolley’s Official Page.) I think you’re going to be very pleased. […]

  16. Karen responds:
    Posted: January 20th, 2007 at 8:09 am

    Thanks for making a great AND accessible form. The word “accessible” is what sold me instantly! :-)

    Suggestion: Change charset in wp-gbcf_form.php from iso-8859-1 to utf-8. I live in Denmark and just received a comment in Danish that distorted the Danish letters. I wasn’t sure where to start bugtracking, because my site is utf-8. I found the culprit in this .php file. Once I changed that, everything was perfect. This wouldn’t affect any US users, but for all international users, it might be an advantage to have utf-8 in there already. Just an idea I wanted to share. Just a sure tip I picked up at a while back. Cheers! And thanks again for a great plug-in.

  17. darrell responds:
    Posted: March 1st, 2007 at 10:49 pm

    Hi, I keep getting the error
    “Results: Whoops! Error Made!

    Anti-Spam Trap 1 Field Populated: You populated a spam trap anti-spam input so you must be a spambot. Go away!”

    I followed the instructions carefully, but I’m still stuck with this error. Any ideas on what’s going on?

    Nice script, by the way. I use it for wordpress plugins also and it works great. Thanks to you, Mike.


  18. darrell responds:
    Posted: March 2nd, 2007 at 8:20 am

    Thanks Mike. It works now. One of these days I’m going to learn that these things are very specific. One comma or semi-colon missing, and it’s a disaster.

    I do have one other question - how do i either remove the line around the form or squeeze it in to fit in a smaller (like one side) part of a page? Which function on the css? Sorry for the silly questions - still learning.

    Thanks again!

  19. darrell responds:
    Posted: March 3rd, 2007 at 2:40 am

    Thanks Mike! That worked out just fine. I was also able to change the width to 50%.

  20. Sam responds:
    Posted: March 13th, 2007 at 9:06 pm

    Hi Mike
    I have just found your script and it’s simple, powerful, and does exactly what is required in terms of SPAM.
    I have configured the form and having it working now, however i wonder is there a way to not utilise the “Required Contact Reason” - or is this integral to its functionality. The config file says it is an “optional”, or maybe this just references the fact that you can add/edit your own. I would ideally not want to use this drop select box on my form. Be greatful if you could post someinfo on this.

    Anyhow, thanks for making this script available it is much appreciated. regards Sam

  21. DrDiesel responds:
    Posted: March 16th, 2007 at 2:05 am

    I can’t seem to get the textarea to enlarge. I changed the cols to 95 to make it obvious that it was changing but this did nothing. Additionally I noticed that the textarea box (as the one I am typing this into) doesn’t line up with the “Enter your message” text above it.

    No where in the styles could I find anything that would be keeping the logical fixes from working.

    Besides this current issue, I think you have done a WONDERFUL job with the form, very nice work!

  22. DrDiesel responds:
    Posted: March 16th, 2007 at 12:20 pm

    Ah ha!
    It was my style sheet overwriting yours, that has been rectified, thank you tons.

    The XHTML issue was an oversight and will be fixed, thanks for that too.

    The —Index— is of course fine, this is just a staging site and not yet ready for prime-time, but once again, thanks for looking at the details that weren’t even related to my question, it *is* appreciated.

    This is a great form, I have passed this around to all my developer friends and co-horts, well done!

  23. Sam responds:
    Posted: March 18th, 2007 at 11:16 pm

    Hi Mike, i am wanting to collect a couple of additional fields on the Contact Form. Can you tell me if this is do-able, and how i would go about this please. Best regards again from Auckland, New Zealand.

  24. Thomas responds:
    Posted: March 29th, 2007 at 3:20 am

    Hello I am getting the “Spam Trap 1″error. I made the suggested changes (or think I did). Nonetheless, I am having little success.

    In the following line, does “yourpage.php” refer to the contact page we made or the gbcf_form.php?:
    $form_location= "";

    This is what I have:

    // $form_location= "http://".$_SERVER['HTTP_HOST']."".@$_SERVER['REQUEST_URI']."";

    $form_location= "";

    I also tried:

    $form_location= "";

  25. : The good things - Immediate needs and financial priorities list responds:
    Posted: April 4th, 2007 at 8:12 pm

    […] If you are interested in sponsoring this Blog please get in touch with me. You can contact me easily now. I created a contact page thanks to an article on Lorelle’s Blog that pointed me to a great contact plugin by Mike Cherim. Note to self - Donate to the plugin creator via paypal today. Done. […]

  26. mads responds:
    Posted: April 17th, 2007 at 1:12 pm

    Thanks :) This form is great.

  27. Clint Foster responds:
    Posted: April 25th, 2007 at 11:17 am

    Hi Mike,
    Thanks again for you offline help. The script is working great, but wanted to point out that, in order to get it to work on my Win2K server, I had to make the following adjustments to gbcf_form.php:

    $ip = getenv("REMOTE_ADDR");
    $hr = getenv("HTTP_REFERER");
    $hst = gethostbyaddr( $_SERVER['REMOTE_ADDR'] );

    my code:

    $ip = $_SERVER['REMOTE_ADDR'];
    $hr = $_SERVER['HTTP_REFERER'];
    $hst = $_SERVER['REMOTE_HOST'];


  28. : Revisiting the Needs and Priorities List to practice positive self talk and hand coding - Striking Out responds:
    Posted: April 26th, 2007 at 9:41 pm

    […] If you are interested in sponsoring this Blog? please get in touch with me. You can Contact me. easily now. I created a contact page And thanks to an article on Lorelle’s Blog that pointed me to a great contact plugin by Mike Cherim. Note to self - Donate to the plugin creator via paypal today. Done. Thank you, Lorelle and Mike. […]

  29. Neal responds:
    Posted: April 29th, 2007 at 7:47 am

    The plugin works fine except that no matter what I do none of the styles will apply. Has anyone experienced this problem? Blog is at:

  30. kReEsTaL responds:
    Posted: May 7th, 2007 at 5:00 pm

    Hi Mike :)

    I’m trying to install the PHP form after I successfully intalled the WP version on my blog.

    But I have a problem: although I get the “success!” message, I do get no email. I’m desperate! I spent a few hours trying all the tips you gave here and there, changing the form location etc. but it doesn’t change anything. I also tried to install it on another server to check whether the main one is down, but it doesn’t change anything either.

    The current form location is as follow:
    $form_location= "";

    The thing is the form works perfectly on my blog, despite me using the WP version and not that PHP version.

  31. kReEsTaL responds:
    Posted: May 7th, 2007 at 5:04 pm

    Oh and is this normal:
    $me_or_us = "me";;

    in gbcf_form.php, line 22 ?

  32. kReEsTaL responds:
    Posted: May 7th, 2007 at 7:18 pm

    Hi Mike, thanks for your quick reply!

    - I’m trying to install the PHP form on an independent website. Nothing to do with Wordpress at all this time! :)
    - I’m using the very last version of the PHP form that can be downloaded on your site (the one that has been obviously modified on April, 14th). I can’t understand what makes you say I’m using a very old version? I’m confused.
    - My question about the code was not about using the personal or organisation settings, but about the two semicolons you can fin after “me”:
    $me_or_us = "me";;

    Anyway, I deleted all my form folder, re-downloaded it all from your site, changed the settings, and I have the same problem: despite the form being sent without any problem (I get the “Success!” message), I do not get any email in my mailbox once the form has been validated. I’ve tried all afternoon long, at least 50 times, eh, and I still haven’t got any email. :-S I don’t know where this problem it could come from? As though there was a problem with the “action” that is involved when the input button is pushed. Any clue what that might be?

    You can still test the form here. The form files are contained here.

  33. kReEsTaL responds:
    Posted: May 8th, 2007 at 12:38 pm

    It’s all fixed now! Obviously it was my host who held my messages for some unknown reasons, and sent them to me only this morning (so I got about 36 in a row! lol). So it works smoothly now. :)

    The two semi-colons were in your original file.

    Thanks for your help!! ^^

  34. LolitochkaBC responds:
    Posted: May 10th, 2007 at 3:09 am

    Ааанц-уа ребятки голосуем!!!

    Прижнавайтесь проказпики и владельцы сайта ))))

    ЧТО вы удете делать этим летом?!

  35. Catia responds:
    Posted: May 10th, 2007 at 3:10 pm

    Is there any way to enable logging? I’d like to be able to see both the successful and blocked email. (Along with reason blocked, IP and if possible what they were trying to send.)

    Great form even without this feature, but this would make it amazing! I’m just a bit worried I may be blocking more than I want, or worse missing injection problems.

  36. Nicole responds:
    Posted: May 11th, 2007 at 2:14 pm


    Great site and awesome form! I’m a novice when it comes to web design and scripting, but I’m giving it a go! One of the most annoying forms of spam I get is link spam. Is there a way to disallow this in the form?


  37. Khurram Ali responds:
    Posted: May 14th, 2007 at 10:48 pm


    Nice Form, does really work the way it is supposed to work. Thanks for the effort,

    I appreciate it.

    Keep up the good work.

  38. ross responds:
    Posted: May 16th, 2007 at 10:31 pm

    Any ideas on how to radio buttons?
    I’ve had a go editing the php, but can’t get it right. Any help would be much appreciated.

  39. ross responds:
    Posted: May 16th, 2007 at 11:11 pm

    Thanks Mike, I was over complicating things as usual. Seems to work fine now. Thanks for the quick response and fantastic form.

  40. Paul responds:
    Posted: May 25th, 2007 at 5:33 pm


    Thanks for making this available! I have a problem with my install of the form in that it ALWAYS gives me the following error…

    Results: Whoops! Error Made!
    Anti-Spam Trap 1 Field Populated: You populated a spam trap anti-spam input so you must be a spambot. Go away!

    What is causing this? I’m certain it’s something I have failed to do!

    The form is at

    Kind regards


  41. Paul responds:
    Posted: May 26th, 2007 at 3:25 am


    This worked perfectly. Thank you very much. I’l now work on the appearance of the form so it matches my site and I’ll be sure to turn the “credit option” on.



  42. Paul responds:
    Posted: May 26th, 2007 at 6:35 pm

    Hi again

    I’ll have to back-step a little…

    It worked once and now gives me the same message as it did before.


  43. Mike responds:
    Posted: May 27th, 2007 at 12:29 am

    I’ve got the form installed and it works great except for not sending out the form email. I get the confirmation page after submitting the form, but I get no email. My ISP PHP FAQ says this about PHP mail (It’s from 2005, so likely things have changed):

    Due to the way email works in PHP for Windows, you must use ini_set() to set the From: address correctly or else it will send out email using From: php@localhost and most mail servers will reject that immediately. To set the From: using ini_set(), you would do something like ini_set(‘sendmail_from’, ‘’); before you try to use mail().

    I know next to nothing about PHP, so any suggestions before I submit a ticket to my ISP would be helpful. I also replaced the $form_location… line with

    $form_location= “”;

    to avoid the referrer mismatch error. The form link is


  44. Mike responds:
    Posted: May 27th, 2007 at 12:11 pm

    Thanks, no trouble. However, this isn’t working either. So, looks like I’ll have to contact my ISP. I also commented out the line

    mail(”$gb_email_address”, “[$gb_website_name] Contact from $name”, $gb_content, $gb_email_header);

    because there was an error message (below) and I thought the ini_set lines and the mail($gb_email…) lines were trying to do the same thing

    PHP Warning: mail(): Failed to connect to mailserver at “” port 25, verify your “SMTP” and “smtp_port” setting in php.ini or use ini_set() in D:\Webserver\\www\gbcf_form.php on line 227

    I don’t have access to php.ini on my server. Removing the mail(”$gb_emailaddress….) line removed the PHP Warning message, resulted in a Success! message, but still no returned form.

  45. Wilbur responds:
    Posted: May 28th, 2007 at 10:09 am

    Excellent script! Thank you for sharing!


  46. Mike responds:
    Posted: May 28th, 2007 at 1:54 pm

    Thanks, Mike. Got the script running via specific server info from my ISP. A couple more questions:

    1. I would like the “From” line to read the sender’s email address not mine. Can this be done in the line:


    to replace the “” with the email placeholder to return the sender’s email from the form?

    2. The random question feature doesn’t seem to be working. Is there a switch I need to turn on to make that active?

    Thank you!

  47. Mike responds:
    Posted: May 29th, 2007 at 10:38 am

    Mike, ok that makes sense. Also, on the “random” question (says so in the comments section) I re-read the comment and now understand that it is not *random*, but that there are miscellaneous questions from which to select as the “question of the day”. Now I just need to match the form to my website. Thanks for the script!

  48. Mike responds:
    Posted: May 29th, 2007 at 10:44 am

    One other thing. The title on the contact form page is “Contact Form2″ instead of “Contact Form”. I cannot locate where the “2″ is coming from. It doesn’t show in the form code where “Contact Form” is listed or in the config.php

    class=”main_formhead”> Contact Form

    Any thoughts?

  49. Mike responds:
    Posted: May 29th, 2007 at 8:05 pm


    That fixed it. Thanks! No more questions, I think I’m good to go. Thanks for your help.

  50. Dan responds:
    Posted: June 18th, 2007 at 7:44 am

    Thanks for the fantastic Contact Form and updates, they work a treat. I’ve been using it for a few months now and haven’t had one piece of Spam (touch wood).

    I’ve recently implemented some Mod Rewrite rules, and the form returned a SpamTrap Error 1.
    Thanks very much for updating your code, it made it an effortless transition

    // Comment out the existing string by placing two forward slashes in front of it
    // $form_location= “http://”.$_SERVER[’HTTP_HOST’].”".@$_SERVER[’REQUEST_URI’].”";
    // If you have Apache mod_rewrite rules in effect, it will look something like this:
    $form_location= “”;

    Many thanks


  51. Dan responds:
    Posted: June 18th, 2007 at 10:17 am

    Certainly did, I was expecting to have to rip apart the code, but on my first search found this page and the explanation… some days are just grand; thanks again for the great script and hard work. Dan :)

  52. James responds:
    Posted: June 21st, 2007 at 2:16 am

    My host does not allow the mail() function. Can anyone help me how i can specific an SMTP server and username + password? I looked at the above comments and tried adding the ini set stuff but i’m still not having any joy.

    Anyone got any tips?

  53. Colin responds:
    Posted: June 28th, 2007 at 4:07 am

    Great job Mike. Thought I might suggest a little addition to auto-randomize your Q&A section (RANDOM QUESTIONS CONFIG PART 3 of 8) . If anyone has a more efficient methodology feel welcome to add your thoughts.

    // little function to shuffle and slice associative array
    function ass_array_shuffle ($array) {
    while (count($array) > 0) {
    $val = array_rand($array);
    $new_arr[$val] = $array[$val];
    return array_slice($new_arr, 0, 1);

    // question/answer array
    $questions = array(
    ‘Is fire hot or cold?’ => ‘hot’,
    ‘What color is the sky?’ => ‘blue’,
    ‘What color is grass?’ => ‘green’,
    ‘Two plus two equals?’ => ‘four’,
    ‘What color is mars?’ => ‘red’,
    ‘Spell SPAM backwards’ => ‘maps’,
    ‘Is water wet or dry?’ => ‘wet’,
    ‘Monkeys eat what?’ => ‘bananas’,
    ‘Anteaters eat what?’ => ‘ants’,
    ‘Spell team backwards’ => ‘meat’,
    ‘Spell smart backwards’ => ‘trams’,

    // shuffle and slice $questions to get a single question
    $question = ass_array_shuffle($questions);

    // set variable for question and answer
    $gb_randomq = array_shift(array_keys($question));
    $gb_randoma = array_shift(array_values($question));

    Thanks again Mike

  54. Colin responds:
    Posted: June 28th, 2007 at 8:12 am

    Hi Mike,
    My bad. You are right of course. It did fail. If I can think of a way, without a session, I’ll let you know.

  55. griter responds:
    Posted: June 28th, 2007 at 8:02 pm

    Probably it’s a kind of stupid question - but why Enter doesn’t work in textarea? It’s a bit annoying when you wanna break the line and nothing happens… Anyway - nice piece of code!

  56. griter responds:
    Posted: June 28th, 2007 at 8:23 pm

    It’s a bit strange - now everything works perfect… I’m using Fireofx 2.0 - when I posted here the Enter really didn’t work. Then I’ve closed FF and opened it again - the Enter worked fine…

    Sorry for the mess - I’m confused a bit, so please delete my first post. Thanks!

  57. Darryl responds:
    Posted: July 6th, 2007 at 12:25 am

    Hi Mike,

    I just installed this on a new site…It’s truly awesome….BUT, (and it’s a biggie), it works flawlessly in Firefox - mail is sent/recieved etc. But I cannot for the life of me get it to display in an IE browser…at all!

    Any thoughts?


  58. Darryl responds:
    Posted: July 6th, 2007 at 1:11 am I must be missing the smallest thing!!


  59. Darryl responds:
    Posted: July 6th, 2007 at 1:40 am

    Holy shit!! lol See what ya get when a network admin ventures off his beaten path!?!?!?! I’ll have a look …thanks.

    Feel free to remove that link from here if you’d like.

    I’ll report back once I apply band-aids!

    Thanks Mike.

  60. griter responds:
    Posted: July 10th, 2007 at 7:16 pm

    Is it possible to add another field (input type=”file”) to your form so as to make e-mail attachement? If yes, then how it should be done properly? Thanks in advance!

  61. 10 Essential Plug-ins for WordPress Version 2.1 - PHP Contact Form | responds:
    Posted: July 12th, 2007 at 9:42 am

    […] This is the seventh post in our series detailing essential plug-ins for WordPress version 2.1. Today we will be discussing "PHP Contact Form" plug-in, which can be downloaded here. […]

  62. Steph responds:
    Posted: August 11th, 2007 at 11:50 pm

    I love your contact form script. I just used on a clients website now and it’s unbelievable - I’m now going to be using it all my sites :)

  63. Lee Sai Fon responds:
    Posted: August 15th, 2007 at 5:13 pm

    This is really cool but I have one question - if a data input error occurs, why do you explain it on a new page and force the user to click their back button and recall the error or errors they made in order to correct them. Why not deliver the error details above the form itself? This is what most forms on the web do?

  64. Nathan responds:
    Posted: August 17th, 2007 at 1:52 am

    Great form…quick question…

    Do you see any way to implement this into a Joomla powered site…

    I created a mysiteform folder with your files in it then pasted the java and php lines into a content page but it is not working…

    Any thoughts would be appreciated.


  65. Rose responds:
    Posted: August 22nd, 2007 at 6:55 pm

    hi mike, thanks for this script, it is definitely very accessible!
    i have had no trouble embedding it in my site, and styling it to suit.
    I am wondering if there is a way to make the form submit to my specified email address from the enquirers email address. At the moment i am getting emails from myself, what i would like to have happen is receive the emails from my clients so that i can hit reply and their email address is automatically in the ‘to:’ field, so that it retains the information they submited and i dont have to keep cutting and pasteing.


  66. Grizzly responds:
    Posted: August 26th, 2007 at 11:52 am


    Got to say this is a fantastic script, I have little to no knowledge of CSS or PHP and this script installed a treat. The only big issue I seem to have is the carbon copy function, running a number of tests before the contact form goes live on my site I don’t seem to be getting a copy of the email to the creators email address even though the tick box is propagated on the form.

    any ideas would be much appreciated.


  67. Rose responds:
    Posted: August 28th, 2007 at 7:03 pm

    Hi mike,
    i can see where you’ve put the “reply-to” programming, and i can see that it should work. but ive tried several tests, with different email addresses. And when i hit “reply” its still my own email that fills in that field. Ive tried it with a couple of different email hosts including Gmail and a local NZ web provider, but niether work like they should… im not sure what else to do

  68. Rose responds:
    Posted: August 30th, 2007 at 7:17 pm

    wicked! the first time i tried i was using the same address as submitter and i thought all was sweet… silly me. then i was using two different addresses.
    anyways, taking out the “from” part in the email header section of the config file makes it work. now i am getting an email from the actual hosting server,and it replies to the enquirer. YaY!!
    just a question though, what happens if the server is down?

  69. Steel Froggy responds:
    Posted: September 8th, 2007 at 12:08 pm

    This is perfect, exactly what I’ve been looking for.

    The only other thing is you should make it (if possible) so you can only send 1 mail per IP, per day.

    That way my limited amount of mails I can send won’t be wasted by somebody who thinks they’re funny…

    Let me know about this, asap.

  70. Steel Froggy responds:
    Posted: September 8th, 2007 at 12:09 pm

    Oh, Thanks. :)

  71. Adnan responds:
    Posted: September 9th, 2007 at 6:10 pm

    Hello, thank you very much for script…really well done job. I have a question…i put my page on server, and add your script to it. It says that mail is sent, but i dont get anything on mail that i put in config file. I put my hotmail mail. Do i need to put some smtp infotmations somwhere, or soething else..i just put my adress in config file and
    $form_location= “”;
    please answer as soon as possible…i am in troubel:)

  72. Adnan responds:
    Posted: September 9th, 2007 at 6:43 pm

    ok i will contact them tomorrow..thank you on fast replay! Greeting from Sarajevo

  73. Adnan responds:
    Posted: September 9th, 2007 at 6:49 pm

    i have informations i needed i saw that u suggested to put few line of codes in gbfc config
    ini_set(”sendmail_from”,””) to avoid php.ini customization. (i would like to do this because support of my hosting is not so kind:))
    so is this reliable, and in this “sendmail_from, i put mail where i will receive all comments….

  74. Adnan responds:
    Posted: September 9th, 2007 at 7:43 pm

    Unfortunately i get this :
    “Referrer Missing or Mismatch: It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use our regular email, [email removed], to circumvent Referrer Mismatch.

    Attention Site Admin: Be sure to double check the last section in the form’s configuration file and edit accordingly. If “Form Location” is manually entered, make sure it matches the page URL exactly — as seen on your browser’s address bar. A misconfigured URL is typically the cause of this error. “..sorry for being boring…

  75. responds:
    Posted: September 14th, 2007 at 1:58 am

    I am using WP 2.2.3 here and I installed your plugin. Whenever I try to reach configuration page, it shows an error:

    Fatal error: Cannot access empty property in //wp-includes/functions.php on line 283

  76. Layla responds:
    Posted: September 16th, 2007 at 12:39 pm

    Hi Mike,

    I’m a total PHP newbie, and have never installed a script until today. I love the form and your instructions are brilliant.

    I’ve been playing around with the code and have two questions:

    1) I didn’t want the heading at the top, so i’ve deleted it. But I now have the heading size number showing up in place of that heading. What do I do to rectify this?

    2) I attemped to change the colours (borders, text). I had some success when I changed some things to either black or white using the .css file. My main problem came when I wanted to change some things to differnt colours. My question is, does php coding or .css files use different colour codes to html? The html colour codes I tried to use did not work.

    LOL, don’t know if that sounds like I’m having a ‘blonde moment’ to any of you techies, but I am a newbie, and am pretty stoked that I actually installed the script and it worked, all on my very first go! : )

    Thanks in advance for your help!

  77. Russ responds:
    Posted: September 18th, 2007 at 3:30 pm

    Hello Mike,

    Great PHP form. I looked around for a good form script and yours was the nicest looking form and the easiest to install and modify. However, I am having one small problem I’ve been unable to fix. And after spending half a day trying to correct the problem, I’m giving up. I’m not really a code guy. While the form displays beautifully, the error and success pages don’t space properly between lines. Everything, except for the result title, is single spaced–giving it a rather crammed together look. I imagine it’s a css problem (my css I’m sure), but one I’ve been unable to identify. I’ve not incorporated the form yet into my website, but I’ve created a practice page to work with it. Here it is:

    If you could give it a quick look, I’d certainly appreciate it. Thanks

    Befuddled and frustrated,

    Russ Melrose

  78. Russ responds:
    Posted: September 18th, 2007 at 5:26 pm

    Thank you Mike,

    That worked perfectly and is exactly what I was trying to accomplish. Again, great script.


  79. Sam responds:
    Posted: September 26th, 2007 at 6:12 am

    After upgrading to WordPress 2.3 I see the following error:
    Fatal error: Cannot access empty property in /[real server path]/wp-includes/functions.php on line 255

    Any ideas?

  80. Sam responds:
    Posted: September 26th, 2007 at 8:38 am

    Thanks Mike, that was very helpful: I ended up cleaning out (drop) all the old ‘utw’ records in wp_options. Soon as I finished, I could hear a symphony playing as a monkey swung a femur bone around like a club (and your plugin worked again ;’).

  81. Susan responds:
    Posted: October 16th, 2007 at 9:05 am


    I’ve heard great things about this contact form, but I’ve never taken the time to actually install and use. I’ve just done so today, and I’m so glad I did! Excellent work!!

    I do have one question. Is it possible for me to easily create another form with custom fields using this script? For example, I have the default contact form installed on my contact page, but now I’d like to create a new form for potential clients to fill in when requesting a quote and I need the form to ask for various other information from them.


  82. Susan responds:
    Posted: October 16th, 2007 at 10:14 am

    Okay, thanks so much for your reply. I will reconsider and probably just use the one contact form for all my needs.

    I am so happy with this form. I’ve been dealing with lots of spam recently and it was high time to make the change.

  83. Secure and Accessible PHP Contact Form « Security News responds:
    Posted: October 17th, 2007 at 7:54 am

    […] read more | digg story […]

  84. Tom responds:
    Posted: October 22nd, 2007 at 6:58 pm

    Hi Mike,

    I installed your form and it works when going to the contact page from another blog page. The issue I am having is that I am also wanting to use the same form on a static home page which is the first page that users come into.

    I get the referrers are blocked whoops error when trying to use it on another page, but it works fine if I nav through to the contact page.

    I can get the form to display fine on any other page using the same block that I put into the contact page, I just can’t get it to accept the form. I tried it on a number of pages other than the static and it does the same thing.

    Is there anything I can do to indicate referrers somehow within the php code for these pages so the form would work on them too?


  85. roger myles responds:
    Posted: October 27th, 2007 at 7:36 am

    Looking for an accessible and secure form and this seems ideal. BUT not a php coder. I have a site where the page I want to include this form on has a SHTML extension. How do I configure the system to get PHP and SHTML together.

  86. Mike responds:
    Posted: November 7th, 2007 at 6:10 pm


    I am not a coder, so please forgive my ignorance. I want to use your script, but I got caught up when the instructions called for:

    1. “…using a php include function….” What I did was to copy example 1 below the body tag. It put a little php marker on the page.

    2. “…using a javascript link within the head….” This ended my attempt to add your script. I found an editable spot within the head and pasted example 2. However, the page to which I tried to add this code gave me an error message telling me that this would require a change to the template and that changes would be discarded.

    Is my ignorance worth your time to respond?

    It’s the best looking contact us form I’ve seen. I hope I’m able to use it.


  87. Mike responds:
    Posted: November 8th, 2007 at 10:21 am

    For some reason I’m getting only the text “<!--gb_contact_form-->” to appear in the form using WP 2.3. Everything is set correctly as is the page URL. I used both permalinks and without them. Anyone else have this problem? Looks like PHP / WP is not recognizing the tag.

  88. Mohammed responds:
    Posted: November 9th, 2007 at 10:19 am

    Hello! This is just an awesome script. I like it very much.
    I saw the “multiple email addresses” above, and was wondering: is it possible to choose to send messages to separate addresses? Thanks a lot.

  89. Hugues responds:
    Posted: November 12th, 2007 at 10:35 am

    Before all, thanks for sharing this awesome form!
    I’m currently integrating it to my new Website and while I was doing tests on browsers compatibility, I’ve noticed that Safari (Windows) users can’t enter text in the last 2 fields, i.e. message and antispam (there’s no problem with previous fields).

    It’s a minor problem, but I wanted to let you know…

  90. Hugues responds:
    Posted: November 12th, 2007 at 10:40 am

    To be more precise, in Safari, after having chosen a reason for the message, I can’t access the message box with a mouse click, but I have to use the TAB key… Seems that the focus stays on the reason list if I don’t use the TAB key.

  91. dejavu news » Blog Archive » Secure and Accessible PHP Contact Form responds:
    Posted: November 13th, 2007 at 1:30 pm

    […] Decent security and high accessibility married and rolled into one PHP contact form. I did this more out of need than want, because cotact form spammers, like comment spammers waste my time. It’s free for you to use if you share this more | digg story […]

  92. Thomas responds:
    Posted: November 16th, 2007 at 9:27 am


    i have the Secure and Accessible PHP Contact Form v.2.0 in use on a webserver, it works very good but i have a problem with (Check this box if you want a carbon copy of this email.). I don´t become a copy of the mail. Please help me


  93. Sharon responds:
    Posted: November 19th, 2007 at 9:51 pm


    I am working on modifying this to read the questions and answers from a database, so that I can use a number of different questions to keep those spammer robots confused. I also am not a php guru, more like a newbie. I am having no difficulty reading the database and build randomq and randoma and keeping them static. I can echo them out all over the place, and they are fine; but the minute I click on the Submit button, I get an error message that shows another random question (no particular order to it). Would you know what part of the form.php code would rebuild randoma and randomq? I am not finding it. If you email me, I will send you the link so you can see what I mean.

    Take Care, Sharon

  94. Vini responds:
    Posted: November 21st, 2007 at 8:31 am

    Im having problems getting the form to work on my domain,

    I’ve modified the form to my liking, and also tried an original virgin copy of the script, both give the same error. Any ideas?

  95. Alan responds:
    Posted: November 23rd, 2007 at 5:53 am

    Hey great work Mike! Keep it up. Just got a question though, how do I change the font size of the anti-spam question? That is “echo('’.$gb_randomq.'’);”

  96. Alan responds:
    Posted: November 23rd, 2007 at 5:57 am

    Nevermind I got it

  97. Sharon responds:
    Posted: November 23rd, 2007 at 11:50 pm

    Mike, Have you tried an array of questions and then assigned a random set to $gb_randomq and $gb_randoma?

    Thanks and take care, Sharon

  98. Sarah responds:
    Posted: November 27th, 2007 at 1:15 pm

    There is a small error in the stylesheet, on line 77:

    input.short:hover, input.short:hover,

    should read

    input.short:hover, input.short:focus,

  99. michael responds:
    Posted: November 30th, 2007 at 12:46 am

    i’ve been using your form on about 4 or 5 sites for a while and it’s really great.

    i’ve tried adding a filed such as ’subject’ and using _GET to try to pass the subject from the referring page.

    of course i get spam trap 1 error. so the question is, is there a way i can drop the whole referrer checking or a way to add the the url after the “?” to the referrer. (you know ) with regex or is there a php way to do this?

  100. michael responds:
    Posted: November 30th, 2007 at 5:34 am

    hey thanks for the quick reply, i can’t ‘pick a reason’ from a predefined list as the idea was to have people to click on product links and have that product name passed to the form. now i could populate that reason list from the database, but the client proposed that he would have around 1000 products at some point. so my array of reasons would be too big :D

    um now maybe i need to download this again, but i have version 2.0 and i don’t have anything near 1200 lines long

    maybe i’ll start over from scratch for this client as i think i’ve modded this quite a bit already


  101. michael responds:
    Posted: November 30th, 2007 at 5:31 pm

    well i was just trying <a href="contact.php?regarding=$product_description">product questions</a> where contact.php has your form on it and then in gbcf_form.php just adding a $regarding = $_GET['regarding']; at the top and then in a new form field

    anyway i’m still playing around with it, but with a variable in the url it doesn’t work

    i’ll take another look at commenting out the trap1 (but i’m not exactly which lines to comment out), but what i’ve tried so far has thrown other errors at me. i’m not going to ask you to work on anything special for me, but if there’s a simple solution you could post that’s great. otherwise i’ll probably just write myself a less secure form myself from scratch :D

    thanks again

  102. michael responds:
    Posted: November 30th, 2007 at 11:33 pm

    well yes or no i was thinking in php and forgot my \’s, how about thisecho "<a>product questions</a>";


    my above comment dropped some of my code, but it doesn’t matter you got the idea.

    in the end my url looks like

    here’s what i get if i comment out the trap 1 lines
    Form ID Value Mismatch: The submitted ID does not match registered ID of this form which means you’re trying to post remotely so this mean you must be a spambot. Go away

    so i comment that out and get
    referrer missing or mismatch: it looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. using your “back” button, please go back and try again

    then i comment that bit out and it works

    any reason (other than the obvious lessening of security) not to do this ?

  103. michael responds:
    Posted: November 30th, 2007 at 11:33 pm

    more code got stripped above :(

  104. Wordpress PHP Contact Form v.2.0 error resolved - - My Investing Blog responds:
    Posted: December 2nd, 2007 at 7:05 pm

    […] Wordpress PHP Contact Form v.2.0 error resolved - Add Completely unrelated to my blog (aside from the fact I use the “contact” form -  but I figured I’d toss it out because I did some searching Google that a couple people posted concerning this error and my answer wasn’t in there - […]

  105. SWiz responds:
    Posted: December 4th, 2007 at 6:15 pm

    Hi Mike,

    I have tried to find some info about this errormessage.

    Referrer Missing or Mismatch: It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use our regular email,, to circumvent Referrer Mismatch.

    What to do?

    Best / SWiz

  106. SWiz responds:
    Posted: December 4th, 2007 at 6:30 pm

    Hi again Mike,

    I just found out what was wrong.
    Had change from a windows-sever to a unix, without updating your script.

    Best / SWiz

  107. gofree responds:
    Posted: December 5th, 2007 at 2:16 pm

    No, how hard i tried I still got this while testing:

    Results: Whoops! Error Made!

    Referrer Missing or Mismatch: It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use our regular email, [email removed], to circumvent Referrer Mismatch.

    please email me.

  108. Gunnar responds:
    Posted: December 9th, 2007 at 3:22 pm

    Thank you for sharing this plug-in. It’s so nice to not wake up with 20 spam comments in moderation any more. One minor issue: I’m using the k2 theme ( and I have to turn off its nifty AJAX Live Commenting feature because if the user types in the wrong spam answer, hitting the back button goes back to the page they were on before the post page (usually the blog’s main page) and they lose their comment draft. I just discovered that the “awaiting moderation” message to the user doesn’t appear with the AJAX thing turned off (which seems to be a bug with k2), so I’m faced with a choice between two annoyances for the user. Any thoughts? Thanks, Gunnar

  109. Noam Eppel responds:
    Posted: December 9th, 2007 at 3:22 pm

    Hello Mike,

    Great script.

    My sendmail configuration was specifying a Return Path on all emails of To specify a Return path I made the following modifications to gbcf_form.php v.2.0:

    Line 106: // Email header
    Line 107: $gb_return_path = “-f” . $gb_email_address;
    Line 108: $gb_email_header = “From: $gb_email_address\n”.”Reply-To: $email\n”.”MIME-Version: 1.0\n”.”Content-type: text/plain; charset=\”utf-8\”\n”.”Content-transfer-encoding: quoted-printable\n\n”;

    Line 221: mail(”$gb_email_address”, “[$gb_website_name] Contact from $name”, $gb_content, $gb_email_header, $gb_return_path);

    The Return Path is now set to the From address.

  110. Gunnar responds:
    Posted: December 9th, 2007 at 3:50 pm

    @Mike Cherim: Woops. I really should go eat breakfast, my brain must be low on sugar. That comment should have gone to Mike Jolley’s site for wp-comment-spam-stopper. Now that I’m here, there is a similar problem with the back button on the PHP Contact Form, using k2 and Safari 3.0.4 on Mac. If the spam question isn’t answered, or if the answer is wrong, it says to hit the back button. If I do, it shows the same contents again. If I hit it again, it goes back to the blog main page. However, I can go forward and get to the form as it was before submitting the message.

    An aside: I was surprised during this testing that my real email address gets exposed, as a commenter mentioned above. I’ll be ripping that out as soon as I figure out how. ;) The whole point of the contact form for me was to avoid revealing my email address.

  111. Gunnar responds:
    Posted: December 10th, 2007 at 3:59 pm

    @Mike Cherim Thanks for the reply. I was surprised Safari 3.0 didn’t fix that problem. Oh well. Thanks for working on it for the next release.

    RE: Exposing the email address. I saw the discussion earlier about bots not tripping it, so that is reassuring. But I still don’t want to expose my real email address even to humans unless I really want to. It’s very nice for the user how you err on the side of letting them contact you no matter what; I get why you designed it that way. Once someone has abused having your email address you become less generous in that regard. Ideally this would be a user configurable option.

    Just a suggestion for a future version. It’s still a great plug-in. I’ll dig through the guts and see if I can comment out the relevant parts.

  112. Jasco responds:
    Posted: December 14th, 2007 at 10:41 pm

    I’m a complete n00b at this. I currently have no form on my site, but I want to put one there. My contact page is named contact.html. I notice in the instructions (yes, I’m reading them) that I need to place this code in a php page file. I’m not using php files, but html files. How can I make this work inside an html file?

    Thank you.

  113. Michael Erb responds:
    Posted: December 16th, 2007 at 2:36 am

    Hi, thank you for such a fantastic script! I hope I can get it working but right now I’m having some problems. I use CMSmadesimple ( on my CMSmadesimple site.

    I followed your install directions and created a directory “form_files_directory” I then placed the three files in there including the css file. In CMSmadesimple, I created a user defined tag titled “contactForm” to contain the php code (you call the php code to pages via a global content block using a smarty tag {contactForm} )

    When I went to the actual contact page on the site, the form was displayed just fine. I filled it out in a valid fashion and submitted it. I did not get any confirmation message of any sort and was delivered to the home page of my site. I did notice that the URL had a “#results” appended to it however. I never got the emails either. To the best of my knowledge I put in the correct values in the config file.

    So any ideas why this isn’t working for me in my CMSmadesimple installation?

  114. Carey responds:
    Posted: December 17th, 2007 at 2:50 am

    Great plug-in guys,
    Worked a charm - except for my mistake with the Wordpress maning conventions.. But the amazing thing is - when I sent a note for help and support, I got feedback and a solution right away..that is incredible!!! I have not had this kind of service from “paid-for” software; let alone with free software…. you definitely get a donation from us.

    Best secure contact plug-in for Wordpress

  115. Michael Erb responds:
    Posted: December 17th, 2007 at 12:59 pm


    Your suggestion works. Brilliant! I never would have deduced the solution so thank you very much. I plan to tell the CMSMS community about your fantastic form script. It’s hands-down the best script out there for forms that I’ve seen!

  116. Michael Erb responds:
    Posted: December 17th, 2007 at 1:35 pm

    I’m now having a bit of a formatting issue. When I look at your demo form, it looks great.
    But when I look at my just installed form, the formatting is all squished together.
    I’ve put the css path into the contact form page so I’m not sure why this is happening. Is it possible that another css style is overriding your css or what?

  117. Michael Erb responds:
    Posted: December 17th, 2007 at 1:40 pm

    Yes, I see that the css for the template page is overriding your css. So how exactly do I allow the css for the CMSMS temlate to still work and at the same time include the css for the form? I’ve tried adding it at the bottom of the original template css file and it does the same thing.

  118. Michael Erb responds:
    Posted: December 17th, 2007 at 2:27 pm

    Mike, I’m pretty green when it comes to CSS. Are you saying that I need to go into the gbcf_styles.css file to add these padding values to the form elements? What padding and margin value would you suggest? How many instances of this change would I have to make?

    Sorry for all the questions, but I’m sure you can do this stuff blindfolded, with your hands tied behind your back while being asleep, whereas I can barely spell my name :-)

  119. Michael Erb responds:
    Posted: December 17th, 2007 at 2:39 pm

    Mike, I’ve gone into the gbcf_styles.css file and made numerous changes just to see the result and absolutely nothing happens. It’s as if the stylesheet were being ignored completely. I guess I’ll have to figure out why this is happening.

  120. Michael Erb responds:
    Posted: December 17th, 2007 at 4:47 pm

    Mike, I think I’ve got things ironed out for the most part. I appreciate your help.

    I’m wondering about the feature whereby when the anti-spam question is answered incorrectly, it shows an error screen that offers my email address for the person to request assistance. Can this be turned off? It seems to me that this totally defeats the purpose of using a contact form in the first place, if ultimately my email address -is- shown and available for abuse by whoever is seeing it. Maybe I’m missing something?

  121. Michael Erb responds:
    Posted: December 17th, 2007 at 4:58 pm

    Mike, I think I’ve answered my own question. I just went into the gbcf_form.php and deleted the part that contained my email address and the appropriate text that mentioned emailing for support. Maybe that wasn’t the best way to do it, but it works for me.

  122. Michael Erb responds:
    Posted: December 17th, 2007 at 6:47 pm

    Mike, I gave your form a nice plug in the CMSMS forums…

  123. don-got-no-avitar responds:
    Posted: December 21st, 2007 at 2:56 am

    First, THANKS for creating this form. I have just (minutes ago) installed it and am ready to start testing prior to hacking.

    First attempt didnt work… coulsn’t see the form:
    Your “Readme” says:
    5. Using the PHP include function, include the file gbcf_form.php
    in any *.php page file where you want it to be. It must be
    below the tag and preferably below the main heading.
    I recommend placing it in the main content area.
    See Example 1, below.
    Example 1

    BUT, I had to use the following in my html:

    (my .htaccess calls for XBitHack on)

    Should you add: “include virtual” as an option in your readme… or did I miss an important comment elsewhere?


  124. don-got-no-avitar responds:
    Posted: December 21st, 2007 at 3:00 am

    sorry for my typos and also not stating that I inserted your form into a HTML page file NOT php. Maybe that’s why the problem. Will the form function properly from within a html page?

  125. don-got-no-avitar responds:
    Posted: December 21st, 2007 at 4:48 pm

    Hi Mike;

    Fighting the “Spam Trap 1″ error. Tried your fix; no joy.

    Here is the only place where I found the term “$form_location”:
    line 116 (in my editor) says:
    // Modify referrer to counter bogus www/no.www mismatch errors
    $form_location = strtolower(trim(rtrim(str_replace(array(”http”, “www”, “&”, “/”, “#”, “\\”, “:”, “%”, “|”, “^”, “;”, “@”, “?”, “+”, “$”, “.”, “~”, “-”, “=”, “_”, ” “,), ‘’, $form_location))));

    $form_location = “”;

    I read the comment about changes for a v3; but wonder if you could publish a method to REMOVE the “Spam Trap 1″ feature.

    the no-avitar guy

  126. don-got-no-avitar responds:
    Posted: December 21st, 2007 at 6:16 pm

    Thanks, Mike;
    Interesting… it worked… I guess I need RTFM lessons (as in reading for “understanding”).

  127. Nick responds:
    Posted: January 12th, 2008 at 12:23 pm

    hi mike,

    I’m using an aol email address and aol requires smtp auth. I don’t see smtp auth in config. please help!

  128. Nick responds:
    Posted: January 14th, 2008 at 4:18 pm

    somehow it works now.


  129. ryan responds:
    Posted: February 6th, 2008 at 5:55 am

    Cant get it to work, its says i have populated a spam field (I didnt)

    I have change the for location to the exatact address (i.e the url in the add bar) ! Still no success !

    Any tips ? ta.

  130. alexandru singeorsanu responds:
    Posted: February 15th, 2008 at 5:50 am

    Hello Mike!

    It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use my regular email, [email removed], to circumvent Referrer Mismatch.

    I am receiving this message when using Firefox but not in IE6….
    At the same time it happens only on my pc.

    Do you know what the problem might be? In the configuration section of Wordpress the site address is set as


  131. Seamus responds:
    Posted: March 3rd, 2008 at 1:18 pm

    Hi Mike

    I too seem to have this issue with blocked refferer, etc….

    I’ve tested on FF, IE7 and Safari - and they give the result. I can’t seem to find the setting to turn “referer logging” on in any of the browsers listed above. I must be blind to something that I’m sure you are going to tell me is obvious - well I hope.

    Thanks for all the great work.

  132. Hi Mike responds:
    Posted: March 3rd, 2008 at 6:12 pm

    Thanks that did the trick!

    FYI I’ve really looked hard for those browser settingson ie7 and FF and to no avail. If anybody out there knows where they are please post and let us know.

  133. Mark Golledge responds:
    Posted: April 16th, 2008 at 10:54 am


    I’m having problems with the contact form (v2.0). I’ve integrated it into Wordpress fine and users can successfully submit a question using the contact form. However, I don’t get anything delivered to my email. I haven’t changed anything on php.ini - do I need to do so?

    My email address has been setup using my DNS Registry (123 Reg). This directs to my Googlemail account (I can still send using my non-Googlemail email address).

    If I am to edit my php.ini file which settings do I need to include?


  134. African Safari responds:
    Posted: April 26th, 2008 at 3:50 am

    Hi Mike,

    Thanks so much for the support you as providing the users of you script.

    This question was asked by someone eariler but they asked you to email them so there is no trace of how to fix the error. i’m getting this error

    Results: Whoops! Error Made!

    Referrer Missing or Mismatch: It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use our regular email, [email removed], to circumvent Referrer Mismatch.

    How do i solve it? my contact form is “on our promise to you” page.

    Please answer it here so it may help others too.

  135. Dan responds:
    Posted: May 22nd, 2008 at 10:26 am

    Hi Mike,
    I have installed version 3 of this fantastic script and it is working great. I would however like to remove a few fields - namely address, city/town, state/province and zip/postal code. I would also like to make the message field optional (sounds strange I know, but hey).
    I can’t seem to find anywhere that describes either of these things. Is this because it is only available as a paid-for service?


  136. Dan responds:
    Posted: May 22nd, 2008 at 12:04 pm

    Oh, how strange - I am not entirely sure how it is that I ended up in the v2 section. I’m sorry about that.
    Anyway, back to the issue at hand. I have studied the instructions from start to finish and I have already removed company/organisation, website and the optional select menu, as shown below:

    $get_org = “no”; // Or “no”

    $get_phone = “yes”; // Or “no”

    $get_website = “no”; // Or “no”

    $get_address = “yes”; // Or “no”

    $get_optmenu = “no”; // Or “no”

    But I can’t for the life of me see anywhere to remove the fields that I listed in the previous post and removing the subject menu from the CONFIG file manually results in a blank page showing where the form should be.

    Thank you for the lightning fast reply by the way.


  137. Dan responds:
    Posted: May 22nd, 2008 at 1:14 pm

    OK great, I’ve done that. I don’t know why I didn’t do it before actually.
    The form is now showing after removing the subject code from CONFIG, but the subject field is still showing…only there are no subjects in the menu, which is good in a way, as I don’t want any subjects. But I also don’t want an empty menu there.
    Thanks again,

  138. James S. Huggins responds:
    Posted: June 6th, 2008 at 9:35 pm

    I visited this page some time ago and used your great insights in trying to improve my small project … a parameter driven script to process some forms. My acknowledgments page at references your great contribution. I also include this acknowledgment in the manual. And, I just update the acknowledgement to reference your “recent” post at Thank you again.

    James S. Huggins

  139. daan responds:
    Posted: December 11th, 2008 at 10:48 am

    My contact form ist working :(

    This is the error:
    Referrer Missing or Mismatch: It looks like you’re trying to post remotely or you have blocked referrers on your user agent or browser. Using your “Back” button, please go back and try again or use my regular email

    What can i do??
    Someone please?

  140. daan responds:
    Posted: December 11th, 2008 at 12:32 pm

    Hey Mike,
    Thanks for your rapid reply,

    I have another quenstion for you now that my form works..
    I have quickshop also integrated in my form, and if you send the form you get confirmation about which data you have send.
    The message someone send comes up very nicely, but how can i add the “shop” part to that?
    So i want beneath the “message” part another part between blockquotes where people can see again what they have ordered…

    Can you tell my how i can do that?

    Starting from Line 1286 - 1289 of WP-GBCF V. 2.0 (wp-gbcf_form.php):


    // Add quickshop integration by adding the cart info into the text area.

    if ($_SESSION[’qscart’] && is_array($_SESSION[’qscart’]))
    $forms .= (’I would like to order the following items:
    foreach ($_SESSION[’qscart’] as $item)
    $forms .= (”".$item[’name’].” - Price: $”.$item[’price’].” - Quantity: “.$item[’quantity’].”



  141. Vivek Thomas responds:
    Posted: January 2nd, 2009 at 12:45 am


    When I submit the form, I get the error
    “Results: Whoops! Error Made!

    Anti-Spam Trap 1 Field Populated: You populated a spam trap anti-spam input so you must be a spambot. Go away!”

    I tried editing $form_location variable but still it doesnt work. What could be the reason?

  142. Jonathan Ackerman responds:
    Posted: January 19th, 2009 at 6:23 am

    HI Mike,

    Thanks a lot for the contact form, it is truly great and a life saver.

    I just installed it and I am having some issues which I don’t understand. After installing the form everything is working just fine. I had an issue with the form_location but I took care of that. At the moment the form is sending the emails to the mailserver running on the local machine, is there a way for me to have the form send to a gmail address?


Sorry. Comments are closed.

Note: This is the end of the usable page. The image(s) below are preloaded for performance only.