Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security

WordPress Plugin: Contact Coldform

[ Image: Coldform Icon ] Welcome to the homepage for Contact Coldform, a secure, lightweight, flexible contact form with plenty of options and squeaky clean markup. Coldform blocks spam while making it easy for your visitors to contact you from your WordPress-powered website. The comprehensive Settings Page makes it easy to take full control with plenty of options and several built-in themes for styling the form. Coldform delivers everything you need and nothing you don’t — no frills, no gimmicks, just pure contact-form satisfaction. Now available at the WP Plugin Directory!

Update!

Contact Coldform had a good run (10 years!), but it’s time for something far better: Contact Form X. CFX is superior to Contact Coldform in every way. Contact Form X gives you all the same features of Contact Coldform, plus you also get a recent-email dashboard widget, GDPR options, inline docs, Google reCaptcha, and of course the contact form itself is all Ajax-powered and super awesome.

Contact Coldform = 2008–2018.
Contact Form X = 2018 & beyond..

I encourage all users of Contact Coldform to upgrade Contact Coldform to Contact Form X. You can learn more and download the plugin at the WP Plugin Directory. And yes, I use Contact Form X for my own contact form here at Perishable Press. </update>

Overview

  • Plug-&-play: display Coldform anywhere
  • Sweet emails: Coldform sends descriptive, well-formatted messages
  • Safe and secure: Coldform blocks spam and filters malicious content
  • Ultra-clean code: lightweight, standards-compliant, semantic, valid
  • Fully customizable: easy to configure and style via Coldform Settings

Features

  • Slick, toggle settings panels make it easy to customize Coldform
  • Style Coldform using built-in coldskins or upload some custom CSS
  • Provides template tag to display Coldform anywhere in your theme
  • Provides shortcode to display Coldform on any post or page
  • Displays customizable confirmation message to the sender

Anti-spam & Security

  • Captcha: Coldform includes challenge question/answer
  • Bot trap: hidden input field further reduces automated spam
  • Secure form processing protects against bad bots and malicious input
  • User-friendly error messages help users complete all required fields

Customize Everything

  • Includes option to enable users to receive carbon copies
  • Coldform message includes IP, host, agent, and other user details
  • Customize form-field captions, error messages, and success message
  • Includes three built-in themes “coldskins” to style, or
  • Style the Coldform with your own custom CSS
  • Option to add a custom prefix to the subject line
  • Option to disable the captcha for registered users

Clean Codes

Coldform brings delicious code on every front:

  • Squeaky-clean PHP: every line like a fine wine
  • Crispy-clean markup: valid, semantic source code with proper formatting
  • Shiny-clean emails: Coldform delivers descriptive, well-formatted content
  • Better performance: conditional loading of stylesheet only when needed

More Features

  • Works perfectly without JavaScript.
  • Option to load CSS only when Coldform is displayed
  • Option to reset default settings
  • Options to customize many aspects of the form
  • Options to customize success, error, and spam messages
  • Option to enable and disable CSS styles

Installation and Usage:

Typical plugin install: upload, activate, and customize in the WP Admin.

  1. Unzip and upload the entire directory to your “plugins” folder and activate
  2. Use the shortcode to display Coldform on any post or page, or:
  3. Use the template tag to display the Coldform anywhere in your theme.
  4. Visit the Coldform Settings to configure your options and more info.

Shortcode

[coldform]

Template tag

<?php if (function_exists('contact_coldform_public')) contact_coldform_public(); ?>

For more information, visit the Coldform Settings page and readme.txt file.

Coldform Screenshots

Download

As explained at the beginning of this post, I am retiring Contact Coldform. The plugin will be updated through 2018 or so, and will encourage all Coldform users to upgrade to the far superior Contact Form X. Check it out and download via the WordPress.org Plugin Directory:

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
BBQ Pro: The fastest firewall to protect your WordPress.

160 responses to “WordPress Plugin: Contact Coldform”

  1. I disagree with weston. Why generate a content if it’s not of any use ?

    If everything worked like that, imagine what search engines crawlers would see, or worse, imagine what pages would look like without CSS applied.

  2. Perishable 2008/01/14 7:50 am

    @Stephen: Thank you kindly! I look forward to hearing your thoughts on the functionality of plugin as well! ;)

    @weston: Thanks for the idea.. I think adding unique field ids is a great idea. If anything it will give users a way to style each field individually.

    @Louis: Good point about not using the ids primarily for hiding/showing unwanted fields, however, I do think ids are a good idea for reasons previously mentioned.

  3. Hi,
    I really like the plugin, but my mail server requires smtp authentication, how/where (in the code) can I enter my smtp username and password so the plugin will actually send the email to the recipient?

  4. Hi Gail,

    This initial release of Coldform does not support SMTP authentication, however, I am looking into adding that feature (along with a growing list of others) to the next upgrade.

  5. Hey, found your form today and implemented it on my site.

    It’s excellent! Thanks for helping me postpone learning to code a while longer!
    :-)

  6. Perishable 2008/02/06 9:37 am

    My pleasure, 6ft5 — happy to help postpone the learning process ;)
    Thanks for the feedback!

  7. That’s Plugin looks cool.

    I am trying to use it my non English blog without success.

    When i try to send a message without completing the required information the non English characters become gibberish as described in these links:

    http://www.rasheed-b.com/tmp/cold.gif
    http://www.rasheed-b.com/tmp/cold2.gif

    I tried to find a solution but at last i gave up. May i find here helpful information.

    Thanks.

  8. Hello Perishable,

    Thanks for your quick respond.

    I still investigating it more and I don’t thinks it’s a translation issue. I am familiar with translating plugins and this case looks like something different.

    I tried to check this similar plugin:
    http://www.deliciousdays.com/contact

    And here is the result:
    http://www.rasheed-b.com/tmp/diff.gif

    Arabic characters looks normal.

  9. Perishable 2008/02/11 6:16 pm

    Rasheed,

    I believe this is a language/translation-related issue, although I am far from knowledgeable in this area. Using methods described here, it is possible to add support for different languages. When writing the plugin, I did incorporate (nearly all) of the hooks needed for successful translation, but simply did not have time to actually translate any of the content. Although I am not 100% certain that this would resolve the issue, it certainly would help to find out. As you appear fluent in both English and Arabic, perhaps you would be willing to investigate further..?

    ( Also, thanks for the screenshots — I am going to combine them into your first post. )

    Regards,
    Jeff

  10. Mustafa Saadi 2008/02/12 3:10 am

    Hello Jeff, rasheed,

    The problem is that all _$POST variables are converted to HTML entities using the htmlentities php function. I don’t think you need that anyway — emails shound be sent in plain format. Anyway, we have uploaded the fix archive to rasheed’s server. Here is the link: http://www.rasheed-b.com/tmp/contact-coldform-fixed.zip

    Regards,
    Mustafa Saadi.

  11. Perishable 2008/02/12 8:16 am

    Hi Mustafa Saadi,

    Thank you for swooping in and saving the day, Mustafa! It should have occurred to me that htmlentities may have been the culprit. Are you sure that removing it does not jeopardize security of the form? I have read almost everywhere about “how important htmlentities is” to prevent JavaScript exploits, XSS attacks, etc.

    Thanks for your help!
    Jeff

  12. Mustafa Saadi 2008/02/12 12:57 pm

    Jeff,

    I completely agree with you. You can really use the following: htmlentities( $html, ENT_QUOTES, “UTF-8” ); or maybe htmlentities ($s, ENT_NOQUOTES, “UTF-8”); — remember that you should use the “header(‘Content-type: text/html; charset=utf-8’);” when posting the data. Best to probably use strip_tags() and mysql_escape_string(), the strip_tags() function simply looks for any markup elements in a given string and removes them.

    Regards,
    Mustafa Saadi.

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
The Tao of WordPress: Master the art of WordPress.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.