I have a contact form on my site...keep getting blank emails, how do I stop it?

[The_Lorax]

The google web crawler keeps triggering the form on my website, how can I stop these blank emails?

 

I've checked the latest visitor stats on my website against the times of these blank contact form emails and found out that the ip is google's.

So then I visited my php file and noticed that it triggers an email with a blank form to be sent to me just like when the google crawler visits it.

 

The way its set up is there is a contact.htm page with the form and its linked to a php page that handles the form.

 

I already have a javascript file that prevents the form from being sent if the fields are not filled out, but that doesnt stop it from being sent when the crawler (or anyone) actually goes directly to the php page that handles the contact form, and thats how I keep receiving these blank form emails, from the crawler visiting the php page directly.

 

What can I do about this?

 

Here's the code from the php file that handles the form....

 

 

<?php

$name = trim(htmlentities($_POST['name'],ENT_QUOTES,'utf-8'));

$company = trim(htmlentities($_POST['company'],ENT_QUOTES,'utf-8'));

$email = trim(htmlentities($_POST['email'],ENT_QUOTES,'utf-8'));

$phone = trim(htmlentities($_POST['phone'],ENT_QUOTES,'utf-8'));

$interest = trim(htmlentities($_POST['interest'],ENT_QUOTES,'utf-8'));

$comments = trim(htmlentities($_POST['comments'],ENT_QUOTES,'utf-8'));


$to = "me@mysite.com";

$subject = "Visitor Contact";

$message = "Name: ".$name;

$message.="\n\nCompany: ".$company;

$message.="\n\nEmail: ".$email;

$message.="\n\nPhone: ".$phone;

$message.="\n\nInterest: ".$interest;

$message .= "\n\nMessage: ".$comments;

$headers = "From: $email";

$headers .="\nReply-To: $email";

$success = mail($to, $subject, $message, $headers);


if ($success) {

print ("<b>Thank you $name. You'll be hearing from us soon.</b>");

} else {

print ("<b>I'm sorry, there was a technical glitch, please send your email to me@gmysite.com directly.</b>");

}

?>

[mmarif4u]

The best bet here is to use PHP validation.

example:

 

if($name == '' ){
echo "name field is empty";
}
elseif($email == ''){
echo "email field is empty";
}
else
{
//send your mail code
}

[The_Lorax]

I am a beginner, a friend helped me write this code, I really don't

know what you mean or where to insert this, can you be more

specific?

 

As I mentioned, there are 2 files:

The contact form is in the .htm file and it already has a working javascript that checks the fields

and prevents the form from being sent to the php file that handles it if those fields are not adequate.

 

The second file is the .php file which handles the form in the .htm file.

 

When the crawler (or anyone) type the direct link and goes directly to the .php file, a blank form is

sent to my email. That's what I am trying to prevent.

 

Can someone help, keeping in mind that I am a complete beginner. Thank you.

[mmarif4u]

Try this but try to remove your JavaScript validation code:

 

<?php

$name = trim(htmlentities($_POST['name'],ENT_QUOTES,'utf-8'));

$company = trim(htmlentities($_POST['company'],ENT_QUOTES,'utf-8'));

$email = trim(htmlentities($_POST['email'],ENT_QUOTES,'utf-8'));

$phone = trim(htmlentities($_POST['phone'],ENT_QUOTES,'utf-8'));

$interest = trim(htmlentities($_POST['interest'],ENT_QUOTES,'utf-8'));

$comments = trim(htmlentities($_POST['comments'],ENT_QUOTES,'utf-8'));

if($name != '' && $company != '' && $email != '' && $phone != ''){
$to = "me@mysite.com";

$subject = "Visitor Contact";

$message = "Name: ".$name;

$message.="\n\nCompany: ".$company;

$message.="\n\nEmail: ".$email;

$message.="\n\nPhone: ".$phone;

$message.="\n\nInterest: ".$interest;

$message .= "\n\nMessage: ".$comments;

$headers = "From: $email";

$headers .="\nReply-To: $email";

$success = mail($to, $subject, $message, $headers);


if ($success) {

print ("<b>Thank you $name. You'll be hearing from us soon.</b>");

} else {

print ("<b>I'm sorry, there was a technical glitch, please send your email to me@gmysite.com directly.</b>");

}
}
else
{
echo "Please fill the required fields, thankyou";
}

?>

[The_Lorax]

mmarif4u, that code just gives me a syntax error.

[mmarif4u]

Can you post the error.

[The_Lorax]

Ok what did you change besides what you did on the bottom of the code?

 

The first time I just added:

}
else
{
echo "Please fill the required fields, thankyou";
}

 

and I got a syntax error.

 

 

Then after I got your reply, before I answered, I tried pasting the whole thing, changing the

email fields back to the correct ones, and that worked....

 

at least halfway. It prevents an email from being sent when just visiting the page, however,

when I try to send the form AFTER filling it out, it still prevents the email from being sent,

and gives me the "PLease fill out the required fields, thanyou" message.

This might be because I do not require that ALL the fields be filled, only the name, email, and interest.

 

YES, I believe this is the problem, since I just tried it with filling ALL the fields and it worked.

 

So can you tell me what you changed exactly?

And also how can I get it to work, only requiring those 3 fields: name, email, and interest?

 

Thanks!

[The_Lorax]

Hey! I compared the two codes closer and I saw the other change you made and that's where I was able to adjust for what fields it checks for and I was able to figure it all out and make it work.

 

Thank you sir!!

 

Question: It seems to still work with the javascript and I prefer to keep the javascript because its more convenient to have a pop-up

that tells you the fields are not filled, rather than having the page send and then getting the error message and having to hit the back button.

Is there any danger in keeping the javascript with this?

 

Thank you.

[mmarif4u]

To some extent javascript is not that good to use, because its client side code as you know.

Personally i avoid to use it.

And glad that it works for you.

The fields in the if condition is upto you,mean which field is must for you to be fill in.

If you just put one there($name), the code will work for you.because you already javascript there.

But it will prevent to not send emails until that if condition became true.

It will be true when name box is filled.

 

Hope this guide you on the correct path.

Arif

[The_Lorax]

Here is another solution I got at another forum, however I have not tested it yet:

 

<?php

$name = trim(htmlentities($_POST['name'],ENT_QUOTES,'utf-8'));

$company = trim(htmlentities($_POST['company'],ENT_QUOTES,'utf-8'));

$email = trim(htmlentities($_POST['email'],ENT_QUOTES,'utf-8'));

$phone = trim(htmlentities($_POST['phone'],ENT_QUOTES,'utf-8'));

$interest = trim(htmlentities($_POST['interest'],ENT_QUOTES,'utf-8'));

$comments = trim(htmlentities($_POST['comments'],ENT_QUOTES,'utf-8'));

if (strlen($name) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please Go back  fill out the required fields</font></p>");
}

if (strlen($company) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please Go back  fill out the required fields</font></p>");
}

if (strlen($email) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please Go back  fill out the required fields</font></p>");
}

if (strlen($phone) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please Go back  fill out the required fields</font></p>");
}

$to = "me@mysite.com";

$subject = "Visitor Contact";

$message = "Name: ".$name;

$message.="\n\nCompany: ".$company;

$message.="\n\nEmail: ".$email;

$message.="\n\nPhone: ".$phone;

$message.="\n\nInterest: ".$interest;

$message .= "\n\nMessage: ".$comments;

$headers = "From: $email";

$headers .="\nReply-To: $email";

$success = mail($to, $subject, $message, $headers);


if ($success) {

print ("<b>Thank you $name. You'll be hearing from us soon.</b>");

} else {

print ("<b>I'm sorry, there was a technical glitch, please send your email to me@gmysite.com directly.</b>");

}

?>

 

Thank you for your help!

[0siris]

could you not just add something which checks whether the form was submitted or not? I presume that the webcrawler just accesses the directory of the website and goes into each page individually? if so that, or could you not jst do an ifstatement against the IP address of the visitor? and if it matches the webcrawler one just die() the code if not then execute it?

 

Sorry if thats not right, not sure how the webcrawlers work