How can i make this more secure...

[Fehm]

Ok, So youve probably gathered im extremely new PHP, and ive come up with this php to email script form thing... I know nothing about security and how i can stop people from spamming or changing anything, so any tips would be grateful!

Current code:

PHP Code:

<?php 
if(isset($_POST['submit'])) {
$to = "[email protected]"; 
$subject = "Job Application"; 
$name_field = $_POST['name']; 
$email_field = $_POST['email']; 
$message = $_POST['message'];
$sample = $_POST['sample]'];
 
  
$body = "From: $name_field E-Mail: $email_field  Why: $message  Sample report: $sample"; 
  
echo "Application submitted!"; 
mail($to, $subject, $body); 
} else { 
echo "Failed! Try again soon!"; 
} 
?>

Thats the sendmail.php file

HTML Code:

<form method="POST" action="sendmail.php">
Habbo name: <br />
   <input type="text" name="name" size="19"><br>
   <br>
   Email: <br />
   <input type="text" name="email" size="19"><br>
   <br>
   Why you want to work with Habben: <br />
   <textarea rows="9" name="message" cols="30"></textarea> <br />
   Sample report: <br />
   <textarea rows="9" name="sample" cols="30"></textarea>
   <br>
   <br>
   <input type="submit" value="Submit" name="submit">
</form>

Thats the obviously, extremely basic form lol,

Now is there anyway i can add to it, how can i change the design of the form (Ive tried googling, come up with nothing!) and generally make it more secure to use!

Thanks in advance,
Callum

[Iszak]

Well you could verify each individual input, so e.g. check if the email is valid, make sure the message is a certain length same with the sample. etc.

[Blinger1]

You could make a session with how many times they have sent the mail. So when they reach a certain limit (say 3 emails) they get sent to a page that says "email sent" even though it doesn't really send??

[Invent]

Clean \r and \n from the inputs perhaps?

[Agnostic Bear]

The code isn't insecure to begin with there is no way to make it secure.