enemeth Posted April 19, 2008 Share Posted April 19, 2008 Hi there, Created a php script that i got working great, it takes the information from the form , even an attachment, sends it to me all is dandy, but it seems like something is going wrong since i have recieved about 40 emails so far from someone or something i have no clue on what or who it is ... if anyone can help , maybe someone has had it happen to them, the email is as follows: the subject reads : formmail-relaytest middlemancan.bmtwebdesign.com//mail.php (which is .bmtwebdesign.com , that is my domain and the mail.php is the file i made that gets the information from the form to my email address) the sender is (UNKOWN) and the fields that are sent to my email from the site is simple, Name: Email: devnull@kundenserver.de Other: Phone: and that is all i get, about 40 of them all at the same time... any ideas? if you need to see the code for the mail.php , here it is : <html> <head> <title> Sending Email </title> </head> <body> <?php // Read POST request params into global vars $my_email = "my@hotmail.com"; $from = $_POST['from']; $subject = $_POST['subject']; $message = stripslashes("Name: " . $from . "\n\n" . "Email: " . $_POST['email'] . "\n\nOther: ". $_POST['other'] . "\n\n" . "Phone: " . $_POST['phone']); // Obtain file upload vars $fileatt = $_FILES['fileatt']['tmp_name']; $fileatt_type = $_FILES['fileatt']['type']; $fileatt_name = $_FILES['fileatt']['name']; $headers = "From: $from"; if (is_uploaded_file($fileatt)) { // Read the file to be attached ('rb' = read binary) $file = fopen($fileatt,'rb'); $data = fread($file,filesize($fileatt)); fclose($file); // Generate a boundary string $semi_rand = md5(time()); $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; // Add the headers for a file attachment $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; // Add a multipart boundary above the plain message $message = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/plain; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n"; // Base64 encode the file data $data = chunk_split(base64_encode($data)); // Add file attachment to the message $message .= "--{$mime_boundary}\n" . "Content-Type: {$fileatt_type};\n" . " name=\"{$fileatt_name}\"\n" . //"Content-Disposition: attachment;\n" . //" filename=\"{$fileatt_name}\"\n" . "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n" . "--{$mime_boundary}--\n"; } // Send the message mail($my_email, $subject, $message, $headers); ?> <html> <body> <?php include 'header.php';?><br> <p align="center"><strong><font face="Arial"><big>Thank you for submitting information<br> You will be redirected shortly</big></font></strong></p> <script> var redirecturl="index.php" var pausefor=5 function postaction(){ if (window.timer){ clearInterval(timer) clearInterval(timer_2) } window.location=redirecturl } setTimeout("postaction()",pausefor*1000) </script> <br><br><br><br><br><br> <img src="images/progressbar.gif"><br><br><br><br> <?php include 'footer.php';?> </body> </html> if anyone has ever seen this before can you please let me know, how i can either stop it or should i contact my hosting company? Thank you, Elaine Quote Link to comment Share on other sites More sharing options...
Caesar Posted April 19, 2008 Share Posted April 19, 2008 So the form does not require someone to be logged in or authenticated in order to submit? That be your problem thar. Quote Link to comment Share on other sites More sharing options...
miracle_potential Posted April 19, 2008 Share Posted April 19, 2008 Are all the emails identicle you didnt seem to tell us. Quote Link to comment Share on other sites More sharing options...
enemeth Posted April 19, 2008 Author Share Posted April 19, 2008 yes all the emails are identical Quote Link to comment Share on other sites More sharing options...
enemeth Posted April 19, 2008 Author Share Posted April 19, 2008 i dont no about it being authentication problem , because i have 5 other mailtoforms.php files that do not need authentication on the same hosting account, which i never recieved one spam on , it doesnt make sense Quote Link to comment Share on other sites More sharing options...
miracle_potential Posted April 19, 2008 Share Posted April 19, 2008 You will need some sort of image varification scipt to stop bots running and spidering your codes! http://www.php-mysql-tutorial.com/user-authentication/image-verification.php Be a good start, and if the emails are all identicle its probably a looping error I didnt sift through the code so check for any loops or that your headers arnt relocating to each other (causing a server loop) because variables are kept on memory until the session is over Quote Link to comment Share on other sites More sharing options...
enemeth Posted April 20, 2008 Author Share Posted April 20, 2008 Thank you , I went through that code but the form i have on the site is not a form to log in, it is a simple who are you form and send in your resume, it would be nice to have this to work without the log in method Elaine Quote Link to comment Share on other sites More sharing options...
miracle_potential Posted April 21, 2008 Share Posted April 21, 2008 I'm not saying have a login for it, jsut have an image verification to stop bots from suing your form there are a LOT spiders looking for a tasty form to fill out so it can get your email address. Thats the only thing I can think of Quote Link to comment Share on other sites More sharing options...
enemeth Posted April 21, 2008 Author Share Posted April 21, 2008 ok sounds good i will disect the code for the image authentication and use it on my site , thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.