Ok, So youve probably gathered im extremely new PHP, and ive come up with this php to email script form thing... I know nothing about security and how i can stop people from spamming or changing anything, so any tips would be grateful!

Current code:

<?php
if(isset($_POST['submit'])) {
$to = "[email protected]";
$subject = "Job Application";
$name_field = $_POST['name'];
$email_field = $_POST['email'];
$message = $_POST['message'];
$sample = $_POST['sample]'];


$body = "From: $name_field E-Mail: $email_field Why: $message Sample report: $sample";

echo "Application submitted!";
mail($to, $subject, $body);
} else {
echo "Failed! Try again soon!";
}
?>

Thats the sendmail.php file

<form method="POST" action="sendmail.php">
Habbo name: <br />
<input type="text" name="name" size="19"><br>
<br>
Email: <br />
<input type="text" name="email" size="19"><br>
<br>
Why you want to work with Habben: <br />
<textarea rows="9" name="message" cols="30"></textarea> <br />
Sample report: <br />
<textarea rows="9" name="sample" cols="30"></textarea>
<br>
<br>
<input type="submit" value="Submit" name="submit">
</form>
Thats the obviously, extremely basic form lol,

Now is there anyway i can add to it, how can i change the design of the form (Ive tried googling, come up with nothing!) and generally make it more secure to use!

Thanks in advance,
Callum

Well you could verify each individual input, so e.g. check if the email is valid, make sure the message is a certain length same with the sample. etc.

You could make a session with how many times they have sent the mail. So when they reach a certain limit (say 3 emails) they get sent to a page that says "email sent" even though it doesn't really send??

Clean \r and \n from the inputs perhaps?

The code isn't insecure to begin with there is no way to make it secure.