DEV Community

Cover image for Help Needed: Struggling to Set Up PHP Mailer for My Contact Form
Dusan Walla
Dusan Walla

Posted on

Help Needed: Struggling to Set Up PHP Mailer for My Contact Form

#php #development #frontend #webdev

Hey Dev Community! 👋

I’m a digital marketing enthusiast and beginner in PHP, and I need some help with a problem on my website.

My Website
📍 WebFluence
Specifically, the contact form here: Contact Form

The Issue
The contact form came with a prebuilt PHP file located in includes/sendmail.php. Unfortunately, the script uses the outdated mail() function, which Hostinger (my hosting provider) told me is insecure and not recommended. They advised me to use PHPMailer, which is preinstalled on their business hosting plans.

I’ve read articles about setting up PHPMailer, but honestly, it’s all a bit overwhelming for me since I’ve never worked with PHP before. The template author hasn’t responded, and I’m stuck trying to figure this out.

Details
Domain: Registered with GoDaddy
Hosting: Hostinger Business Plan
Current Mail Script: The outdated mail() function script is here:

<?php

// Read the form values
$success = false;
$successTxt = "";
$senderName = isset( $_POST['name'] ) ? preg_replace( "/[^\.\-\' a-zA-Z0-9]/", "", $_POST['name'] ) : "";
$senderEmail = isset( $_POST['email'] ) ? preg_replace( "/[^\.\-\_\@a-zA-Z0-9]/", "", $_POST['email'] ) : "";
$subject = isset( $_POST['subject'] ) ? preg_replace( "/[^\.\-\' a-zA-Z0-9]/", "", $_POST['subject'] ) : "";
$budget = isset( $_POST['budget'] ) ? preg_replace( "/^[A-Za-z0-9\\-\\.]+$/", "", $_POST['budget'] ) : "";
$message = isset( $_POST['message'] ) ? preg_replace( "/(From:|To:|BCC:|CC:|Subject:|Content-Type:)/", "", $_POST['message'] ) : "";
$txt = "Client budget: " . $budget . "\n\n"  . $message . "\n\n" . "Regards,\n\n" . $senderName . " | " .$senderEmail;

// If all values exist, send the email
if ( $senderName && $senderEmail && $message ) {
  $mailTo = "dusan@webluence.digital"; // change it to your host mail for example (contact@yourdomain.com).
  $headers = "From: " . $senderEmail;
  $success = mail( $mailTo, $subject, $txt, $headers );
  $successTxt = "<p class='uk-alert uk-alert-success uk-margin-large-bottom success' data-uk-alert=''>Thanks for contacting us. We will contact you ASAP!</p>";
  echo $successTxt;
}

?>
Enter fullscreen mode Exit fullscreen mode

What I Need
I want to replace this script with a secure PHPMailer-based script. Hostinger has preinstalled PHPMailer, and I’ve been told it’s more reliable. I found an article about setting it up, but it’s too confusing for me as someone new to PHP.

This is what I have right now:

<?php
require 'vendor/autoload.php';

use PHPMailer\PHPMailer\PHPMailer;

$mail = new PHPMailer;

$mail->isSMTP();
$mail->SMTPDebug = 0;
$mail->Host = 'smtp.hostinger.com';
$mail->Port = 587;
$mail->SMTPAuth = true;
$mail->Username = 'sales@webfluence.digital';
$mail->Password = 'c;Ge?H9unUs#:T0J';
$mail->setFrom('sales@webfluence.digital', 'Dusan Walla');
$mail->addReplyTo('sales@webfluence.digital', 'Dusan Walla');

// Read the form values and sanitize them to prevent injection attacks
$senderName = isset($_POST['name']) ? preg_replace("/[^\.\-\' a-zA-Z0-9]/", "", $_POST['name']) : ""; // Remove any characters that are not letters, numbers, spaces, dots, hyphens, or apostrophes
$senderEmail = isset($_POST['email']) ? preg_replace("/[^\.\-\_\@a-zA-Z0-9]/", "", $_POST['email']) : ""; // Remove any characters that are not letters, numbers, dots, hyphens, underscores, or @
$subject = isset($_POST['subject']) ? preg_replace("/[^\.\-\' a-zA-Z0-9]/", "", $_POST['subject']) : ""; // Remove any characters that are not letters, numbers, spaces, dots, hyphens, or apostrophes
$budget = isset($_POST['budget']) ? preg_replace("/[^\.\-\' a-zA-Z0-9]/", "", $_POST['budget']) : ""; // Remove any characters that are not letters, numbers, spaces, dots, hyphens, or apostrophes
$message = isset($_POST['message']) ? preg_replace("/(From:|To:|BCC:|CC:|Subject:|Content-Type:)/", "", $_POST['message']) : ""; // Remove any email headers to prevent header injection

$mail->addAddress('sales@webfluence.digital', 'Dusan Walla');
$mail->Subject = $subject;
$mail->Body = <<<EOD
Client budget: $budget

$message

Regards,

$senderName | $senderEmail
EOD;

if (!$mail->send()) {
    echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
    echo "<p class='uk-alert uk-alert-success uk-margin-large-bottom success' data-uk-alert=''>Thanks for contacting us. We will contact you ASAP!</p>";
}
}
?>
Enter fullscreen mode Exit fullscreen mode

Questions
How do I replace this script with PHPMailer in the simplest way possible?
Is there a step-by-step guide that breaks down what I need to do?
How do I configure Hostinger’s SMTP settings in the script?
Any help would be deeply appreciated! 🙏

Additional Resources
Here’s the article I was referring to: How to Use PHPMailer for Secure Email Sending

Thank you in advance for your guidance! 😊

Top comments (0)

Read next

hosseinyazdi profile image

8 Best Developer Directories To Know in 2025 🔥

Hossein Yazdi -

adrianbailador profile image

Part 5: Functions and Methods in C#

Adrián Bailador -

arjun98k profile image

DOM Manipulation in JavaScript

arjun -

tilakjain123 profile image

Animated Movie Card w/ HTML and CSS

Tilak Jain -