after designing a form in dw how do you get the form to send an email from submit button?

Sorry, gary. I don't know what you're talking about when you say "I read the secure page in 2010". Feel free to elaborate if you wish but do not expect a response. It's not my interest to explain to you how to do something but I do feel obligated to tell others that what you're telling them is not completely safe. Please understand that I have in fact informed you of the vulnerabilities of your insecure script for as long as we have corresponded, even after the "security" amendment to your page, which is nothing more than a copy of someone else's work of which you unfortunately did not completely understand. No surprise there though given your frequent ignorance of the subject in the messages we have exchanged. I do remember saying something about a year ago to you mentioning your discreet, sweep under the rug mentality of the importance of having a secure script. Unfortunately you have maintained your ignorance and minimal effort on completely understanding (and effectively educating others on) the subject this entire time.

If someone is asking how to build a submarine and you provide a blueprint of how to build a paper boat with a screen door don't expect someone else to tell you how to build a submarine so you can then go and tell everyone afterwards how YOU would build a submarine. However, you should expect someone to tell the OP that was asking how to build a submarine that your paper boat suggestion will not hold water.

Did you read this?

You're testing for the literal characters \r an \n. There are other ways of inserting carriage returns and new lines.

Yep, that's basically what I told you over a year ago. I know that some have been using your email script to inject mail through the headers for sometime now. No one is sending you emails through your contact form anyway since the spry validation is broken, so injection of your server script is the only way to send emails from your contact page for users who have javascript enabled anyway. Perhaps you will now realize that your suggestions may be hurting others rather than helping them, opposite of what my posts regularly achieve. I look forward to your cognitive posts from now on with eagerness and openness to actually learn the methods that others are continuously trying to educate you on so that you will not continue to misinform others as you have been doing for as long as I can remember, which is longer than a year mind you. If you want to cross your arms across your chest and shrug and grunt that nothing is wrong with your script because you tested it that's fine, but when you start telling others to use it and that it's fine that's when the_shocker says whoa dude... it's not fine. Sorry to blow your ego. Swallow your pride and learn about script vulnerabilities instead of attempting to defend your position by on the forum by saying "you never said anything when you looked at my page a year ago" because dude... that's ignorant and, for the record, I did say something to you time and time again.

best,

Shocker