Send a link to a friend

Creating a script that sends a link to a friend is basically an adaptation of a standard email form and processing script. All it involves is creating a link to a form where you gather the email addresses of the sender and friend, and use the $_SERVER['HTTP_REFERER'] superglobal variable to obtain the address of the page that's being recommended. However, it's important to validate the email addresses to prevent the form from being turned into a spam relay.

The following instructions create a very basic send-to-friend link and form. However, if you understand the basics of PHP, you should be able to adapt it to your own requirements.

  1. In the page you want visitors to recommend, create a link like this:

    <a href="sendtofriend.php?title=<?php echo urlencode('Title of the page'); ?>">Recommend this page to a friend</a>

    Replace 'Title of the page' with the actual title of the page. The value is passed to urlencode() to make sure it is encoded properly before it's passed as a query string appended to the end of the URL.

  2. In sendtofriend.php, create a form to gather the email addresses and other details. You want the form to be displayed only if the user lands on the page after clicking the send-to-friend link. So, wrap the form in a conditional statement that checks for $_GET['title'] like this:

    <?php if (isset($_GET['title'])) { ?> <h1>Just Fill In a Few Details</h1> <form name="form1" method="post" action="sendlink.php"> <p> <label for="friend">Your friend's name:</label> <input type="text" name="friend" id="friend"> </p> <p> <label for="to">Your friend's email address:</label> <input type="text" name="to" id="to"> </p> <p> <label for="you">Your name:</label> <input type="text" name="you" id="you"> </p> <p> <label for="sender">Your email address:</label> <input type="text" name="sender" id="sender"> </p> <p> <label for="comments">Comments:</label> <textarea name="comments" id="comments"></textarea> </p> <p> <input type="submit" name="send" id="send" value="Send to Friend"> <input name="title" type="hidden" id="title" value="<?php echo $_GET['title']; ?>"> <input name="url" type="hidden" id="url" value="<?php if (isset($_SERVER['HTTP_REFERER'])) { echo $_SERVER['HTTP_REFERER']; }?>"> </p> </form> <?php } else { ?> <h1>Oops!</h1> <p>You seem to have landed on this page by error.</p> <?php } ?>

    In addition to gathering the names and email addresses, the form has a field for extra comments, plus two hidden fields. The first one, title, stores the title of the recommended page by extracting it from $_GET['title']. The other hidden field, uses the $_SERVER['HTTP_REFERER'] superglobal variable to store the URL of the recommended page. You need to check for $_SERVER['HTTP_REFERER'] with isset() because some browsers block access to it.

  3. Next, create sendlink.php, and add the following code above the DOCTYPE:

    <?php if (isset($_POST['send'])) { // Validate the email addresses and URL $to = filter_input(INPUT_POST, 'to', FILTER_VALIDATE_EMAIL); $sender = filter_input(INPUT_POST, 'sender', FILTER_VALIDATE_EMAIL); $url = filter_input(INPUT_POST, 'url', FILTER_VALIDATE_URL); // Go ahead only if the values are OK if ($to && $sender && $url) { $subject = 'Check out this web page'; // Build the message $message = 'Hi, ' . strip_tags($_POST['friend']) . ",\r\n\r\n"; $message .= strip_tags($_POST['you']) . " has recommended that you check out the following web page:\r\n\r\n"; $message .= strip_tags($_POST['title']) . "\r\n\r\n"; $message .= $url . "\r\n\r\n"; $message .= strip_tags($_POST['comments']); // Add email headers $headers = "From: webmaster@example.com\r\n"; $headers .= "Reply-to: $sender\r\n"; $headers .= 'Content-type: text/plain; charset=utf-8'; $mailSent = mail($to, $subject, $message, $headers); } else { $mailSent = false; } } ?>

    The entire script is wrapped in a conditional statement that executes the code only if $_POST['send'] has been set. This is the name of the submit button in the form in sendtofriend.php.

    The script begins by validating the email addresses and URL with the filter_input() function, and storing the results in $to, $sender, and $url. This function is available in PHP 5.2 and later. If the submitted value is OK, filter_input() returns the value. Otherwise, it returns false.

    The next part of the script, uses $to, $sender, and $url as conditions in a conditional statement that controls the building and sending of the email message. If any of the submitted values fails validation, the message is not sent, and $mailSent is set to false.

    The script builds the message using the values submitted by the form, but passes them to strip_tags() as a safety precaution. (You don't need to use strip_tags() with $to, $sender, and $url because they have already been checked by filter_input().)

  4. Change the value of $subject if you want to use a different subject line for the email.

  5. Change the value of the From email header from webmaster@example.com to your own email address.

  6. Many hosting companies require the use of the fifth argument to mail() to verify that the mail is being sent by the owner of the site. This normally consists of a string beginning with -f followed immediately by your email address. If your hosting company requires the fifth argument, amend the call to the mail() function like this (using your actual email address):

    $mailSent = mail($to, $subject, $message, $headers, '-fme@example.com');

  7. Add the following code to the <body> of sendlink.php:

    <?php if (isset($mailSent) && $mailSent) { ?> <h1>Thank You</h1> <p>Your recommendation has been sent to <?php echo $to; ?>.</p> <?php } elseif (isset($mailSent) && !$mailSent) { ?> <h1>Sorry!</h1> <p>There was a problem sending your recommendation.</p> <?php } else { ?> <h1>Oops!</h1> <p>You seem to have landed here by mistake.</p> <?php } ?>

    The conditional statements use the value of $mailSent to display a message reporting whether the link was sent successfully. If $mailSent hasn't been set, it means that someone has landed on the page without sending a link, so a suitable error message is displayed instead.

Books & Videos by David Powers

Beginning CSS3Dreamweaver CS6: Learn by VideoDreamweaver CS5.5: Learn by VideoDreamweaver CS5.5 for MobilePHP SolutionsDreamweaver CS5 with PHP