php contact form sending blank emails sometimes

Question

I've gone thru tons of the forms and cant seem to find the answer. I have been working on this problem with my php form on and off for days. hope to find help here. the form is working perfect. all the fields are working correct upon submit, but there always seems to be a second form sent out from a day to two days later that is blank. If there is any suggestions to why this occurs it would be helpful.

<?php


$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$comments = $_POST['comments'];

// recipient address
$to = "[email protected]";

// subject of email
$re = "Contact Us Form Delivery";

// message creation
$contact = "Name:".$name."
Email:".$email."
Subject:".$subject."
";

$txt = "Comments:".$comments."
";


$fmsg = $contact."
".$txt;

$msg = wordwrap($fmsg, 70);

// send email
mail($to,$re,$msg);

?>

  <form action="contact1.php" method=post name="form" id="form">
  <div class="col_w280 float_l">
  <p><em>
 <label for="author">Name:</label> <input type="text" id="name" name="name"                class="required input_field" />
 <div class="cleaner_h10"></div>

   <label for="email">Email:</label> <input type="text" id="email" name="email"  class="validate-email required input_field" />
   <div class="cleaner_h10"></div>
   <label for="email">Phone:</label> <input type="text" id="phone" name="phone"   class="required input_field" />
   <div class="cleaner_h10"></div>

   <label for="subject">Subject:</label> <input type="text" name="subject" id="subject" class="input_field" />
   <div class="cleaner_h10"></div>

                          </div>                        
   <div class="col_w280 float_r">

   <label for="text">Comments:</label> <textarea id="comments" name="comments" rows="0"  cols="0" class="required input_field"></textarea>
   <div class="cleaner_h10"></div></em></p>
   <input name=submit type=submit id="submit"  onClick="MM_validateForm('name','','R','email','','RisEmail');return  document.MM_returnValue" value="Send">              

                    </div></form>

Answer 1

Add validation to the PHP, else even if no values was sent via POST, just by visiting the page its going to send a blank email. Most likely a search engine or such bot is just crawling.

So check its POST

<?php 
if($_SERVER['REQUEST_METHOD']==='POST'){
//put code here
}
?>

and check your values are set min-max length ect

<?php 

...
...
...

//Comments
if(empty($_POST['comments'])){
    //comments empty, do or set something
}else if(strlen($_POST['comments']) < 5){
    //not long enough, do or set something
}else if(strlen($_POST['comments']) > 50){
    //too large, do or set something
}
?>

and most importantly check email is really an email..

<?php 
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
 //is an email
}else{
 //not an email
}
?>

Also your want to add a basic captcha else your be enjoying 1000s of marketing/spam emails per day.

Good luck, implementing it.