Salve, sono abbasta niubbo in php. Vorrei utilizzare uno script per l'invio di una email da un form. Ecco il codice

File email.htm
Codice PHP:
............
    <form action="email.php?action=send" method="post">
     <table width="50%">
      <tr
       <td width="110"><div align="right"><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Email:</font></div></td>
       <td width="260"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"
        <input name="from" type="text" id="from">
        </font></td>
      </tr>
      <tr
       <td><div align="right"><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Name:</font></div></td>
       <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"
        <input type="text" name="fullname">
        </font></td>
      </tr>
      <tr
       <td><div align="right"><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div></td>
       <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"
        <input name="subject" type="text" id="subject">
        </font></td>
      </tr>
      <tr
       <td height="136"><div align="right"
         

<font size="2" face="Verdana, Arial, Helvetica, sans-serif">Message:</font></p>
         

</p>
         

</p>
         

</p>
        </div></td>
       <td><textarea name="message" rows="7" id="message"></textarea>
        <font size="2" face="Verdana, Arial, Helvetica, sans-serif"></font></td>
      </tr>
     </table>
     

 
      <input type="submit" value="Send">
     </p>
    </form>
................ 
File email.php

Codice PHP:
<?php
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
if ($action == "send")
{
include("config.php");
$to $ademail;
$from $_POST['from'];
$name $_POST['fullname'];
$subject $_POST['subject'];
$message $_POST['message'];

$to trim($to);
$from trim($from);
$name trim($name);
$subject trim($subject);
$message trim($message);

if (empty($to))
{
$ermessage "Error: Email address to can not be blank, Please enter your email address in the config file!";
include("_inc/email_error.htm"); exit();
}
if (empty($from))
{
$ermessage "Error: Email address can not be blank, Please enter your email address!";
include("_inc/email_error.htm"); exit();
}
if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.
'@'.
'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.'.
'[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$'$from))
{
$ermessage "Error: Invalid Email address, Please re-enter your email address!";
include ("_inc/email_error.htm"); exit;
}
if (empty($name))
{
$ermessage "Error: Please enter your name!";
include("_inc/email_error.htm"); exit();
}
if (empty($subject))
{
$ermessage "Error: Subject can not be blank, Please enter email subject";
include("_inc/email_error.htm"); exit();
}
if (empty($message))
{
$ermessage "Error: Message body can not be blank, Please enter email message";
include("_inc/email_error.htm"); exit();
}
$send mail($to$subject$message"From: {$from}");
if ($send)
{
include("_inc/email_sent.htm"); exit();
}
else 

$ermessage "Error: You message has not been sent, please try again";
include("_inc/email_error.htm"); exit();
}
}
else
{
include("_inc/email.htm");
}
?>
Lo script mi pare pericoloso per l'utilizzo di questo codice
Codice PHP:
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS); 
Quindi vorrei modificarlo così

file email.htm
Codice PHP:
..................
<form method="post" action="email.php">
..................
      
      <input type="submit" value="invia">
.................. 
File email.php

Codice PHP:
<?php
if ($_POST)
{
..................
Sono sulla buona strada o parto già sbagliando?

Mi consigliate anche come validare meglio l'input sui campi?
Grazie