How do you use authentication with gmail for a PHP contact form?

Question

This is the code that i have working; however i want to incorporate a way to have an smtp authentication using my gmail account but I can't figure it out...help?

<?php

if(isset($_POST['email'])) {

    $email_to = "jfk003@lvc.edu";
    $email_subject = "Website Inquire";


    function died($error) {
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br /><br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }

    // validation expected data exists
    if(!isset($_POST['first_name']) ||
        !isset($_POST['last_name']) ||
        !isset($_POST['email']) ||
        !isset($_POST['telephone']) ||
        !isset($_POST['comments'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
    }

    $first_name = $_POST['first_name']; // required
    $last_name = $_POST['last_name']; // required
    $email_from = $_POST['email']; // required
    $telephone = $_POST['telephone']; // not required
    $comments = $_POST['comments']; // required

    $error_message = "";
    $email_exp = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";
  if (preg_match($email_exp, $email_from)) {
    echo "Email address is valid.";
  }
  else 

    {
        echo "Email address is <u>not</u> valid.";
  }
    $string_exp = "/^[a-zA-Z .'-]+$/";
  if(!preg_match($string_exp,$first_name)) {
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
  }
  if(!preg_match($string_exp,$last_name)) {
    $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
  }
  if(strlen($comments) < 2) {
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
  }
  if(strlen($error_message) > 0) {
    died($error_message);
  }
    $email_message = "Form details below.\n\n";

    function clean_string($string) {
      $bad = array("content-type","bcc:","to:","cc:","href");
      return str_replace($bad,"",$string);
    }

    $email_message .= "First Name: ".clean_string($first_name)."\n";
    $email_message .= "Last Name: ".clean_string($last_name)."\n";
    $email_message .= "Email: ".clean_string($email_from)."\n";
    $email_message .= "Telephone: ".clean_string($telephone)."\n";
    $email_message .= "Comments: ".clean_string($comments)."\n";



$headers = 'From: '.$email_from."\n".
'Reply-To: '.$email_from."\n".
'X-Mailer: PHP/'.phpversion();

@mail($email_to, $email_subject, $email_message, $headers);

} 

?>

Answer 1

I think using gmail; google change there authentication methods, I was able to successfully authenticate following this step first: Video link this is for the 2 step process to allow external application

you will need to generate an application password.

then use that password for your PHP application.

Answer 2

This is a complete working example.    
<?php
    // this is for troubleshooting errors 
    // set the 1 to 0 to turn off (must set to 0 when in production mode or when you run this live 
    error_reporting(E_ALL);
    ini_set('display_errors', '1');
?><?php
    if(isset($_POST['email'])) {
        $email_to       = $_POST['email'];
        $email_subject  = "E-mail from website visitor.";

        // try adding a useful/relevent message to errors output to users
        function died($error) {
            echo "We are very sorry, but there were error(s) found with the form you submitted:\n\t ";
            echo $error."<br /><br />";
            echo "Please go back and fix these errors.<br /><br />";
            die();
        }

        // validation expected data exists
        // since all post are submit, check if they are empty or equal to an empty string
        if(isset($_POST['email'])){
            if($_POST['email'] == "" || $_POST['first_name'] == "" || $_POST['last_name'] == "" || $_POST['telephone'] == "" || $_POST['comments'] == ""){
                died('Please fill out the entire form');
            }
        }

        $first_name = $_POST['first_name']; // required
        $last_name  = $_POST['last_name']; // required
        $email_from = $_POST['email']; // required
        $telephone  = $_POST['telephone']; // not required
        $comments   = $_POST['comments']; // required

        $error_message = "";
        $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
        $string_exp = "/^[A-Za-z .'-]+$/";

        if(!preg_match($email_exp,$email_from))
            $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
        if(!preg_match($string_exp,$first_name))
            $error_message .= 'The First Name you entered does not appear to be valid.<br />';
        if(!preg_match($string_exp,$last_name))
            $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
        if(strlen($comments) < 2)
            $error_message .= 'The Message you entered do not appear to be valid.<br />';
        if(strlen($error_message) > 0)
            died($error_message);
        $email_message = "Form details below.\n\n";

        function clean_string($string) {
            $bad = array("content-type","bcc:","to:","cc:","href");
            return str_replace($bad,"",$string);
        }
        $email_message .= "First Name: ".clean_string($first_name)."\n";
        $email_message .= "Last Name: ".clean_string($last_name)."\n";
        $email_message .= "Email: ".clean_string($email_from)."\n";
        $email_message .= "Telephone: ".clean_string($telephone)."\n";
        $email_message .= "Comments: ".clean_string($comments)."\n";

        // create email headers
        // changed up your email a bit
        $headers = "From: $email_from\n";
        $headers.= "MIME-Version: 1.0\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1\n";
        mail($email_to, $email_subject, $email_message, $headers);
        header('Location: http://www.cnn.com');
        exit();
    }
?>
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
    Firstname:<br>
    <input type="text" name="first_name"><br>
    Lastname:<br>
    <input type="text" name="last_name"><br>
    Email:<br>
    <input type="text" name="email"><br>
    Phone Number:<br>
    <input type="text" name="telephone"><br>
    Comments:<br>
    <input type="textarea" name="comments"><br><br>
    <input type="submit" value="Submit">
</form>

Answer 3

You want to use a modern PHP mailing library, like SwiftMailer that supports SMTP authentication.

Check out Google's instructions on which servers to use and SwiftMailer's docs on sending mail to a SSL/TLS SMTP server and sending mail with a username/password combo.

While updating your code to use SwiftMailer, you should ditch that abomination of an email validation regex, it excludes numerous completely valid local parts and domains. The sanity straight-jacket imposed by building the message using method calls is going to take care of most of the other potential problems in your code, like that bizarre clean_string function -- you won't need it (and I'm not sure what you think it does here, but it doesn't really, uh, make the string any safer).

Answer 4

You can use PHPMailer http://sourceforge.net/projects/phpmailer/, here is how you send email using GMail, but HTML&CSS won't help you much here.

function email($to, $subject, $body){
    require_once("class.phpmailer.php");

    $mail = new PHPMailer();

    $mail->SMTPAuth = true;
    $mail->SMTPSecure = "ssl";
    $mail->Host = "smtp.gmail.com";
    $mail->Port = 465;
    $mail->Username = "name@example";
    $mail->Password = "123456";

    $mail->SetFrom("name@example.com", "Name Example");

    $mail->Subject = $subject;
    $mail->Body = $body;

    $mail->AddAddress($to);
    $mail->Send();
    unset($mail);
}