
Action file executing in browser


madness69


Hi guys, I'm having a problem. My PHP file, where the action code for the contact form is generated, is giving me a lot of trouble: I'm receiving a lot of blank emails. At first I thought it was bots (I'm using a captcha), but then I noticed another thing: when I put the name of the file that generates the action in the browser, it loads it and sends the blank email.

How can I prevent my PHP action file from being loaded in the browser?

Here is the code so you guys have an idea:

<?php

// Timestamp line for the e-mail body
$datahora = "DATA: <B>" . date("d/m/y - H:i:s") . "</B><BR><BR>";

// Collect every non-empty posted field, skipping the submit-button and captcha fields
$campos = "";
foreach ($_POST as $campo => $valor) {
    if (($campo == 'imageField2_x') or ($campo == 'imageField2') or ($campo == 'imageField2_y') or ($campo == 'distrito') or ($campo == 'subimit_y') or ($campo == 'codigo') or ($campo == 'seguranca')) {
        // skipped field
    } else {
        if ($valor <> '') {
            $campo = str_replace("_", " ", $campo);
            $campos .= strtoupper($campo) . ": <b>" . $valor . "</b><Br>";
        }
    }
}

$www = "WWW.USA.COM";
$assunto = "CONTACT - USA - " . $www;

$conteudo = "CONTACT - USA<br><br>" . $datahora . ($campos) . "<br>" . $www;

$para = "madness@hotmail.com";

$headers = "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: USA <info@usa.com>\r\n";
$headers .= "Reply-To: ".$_POST['email']."\r\n";

// Captcha check: both values are read from the submitted form
if ($_POST['codigo'] == $_POST['seguranca']) {
    if (mail($para, $assunto, $conteudo, $headers) == true) { ?>

<script>
alert('Sent sucess!');
window.location = 'contact.php';
</script>
<?php }} ?>

 

Hope for some help


It looks like you are not validating contents before calling mail().

 

Try something like this.

 

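if ($_POST['codigo'] == $_POST['seguranca']) {
    // Only send when the relevant field actually contains something
    if (strlen($_POST['relevantfieldname']) > 0) {
        if (mail($para, $assunto, $conteudo, $headers) == true) {
            // success handling as in the original script
        }
    }
}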
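
Added example, not part of the original thread or either poster's code: a validation step that refuses direct GET requests, missing captcha fields and empty submissions before mail() is ever called. It assumes the expected captcha answer is kept server-side (for instance in the session) and uses a hypothetical required field named mensagem.

```php
<?php
// Added example. 'codigo' and 'email' are the thread's field names; $expected
// (server-side captcha answer) and $required (must-have field) are assumptions.
function validate_contact(string $method, array $post, string $expected, string $required): array
{
    // Typing the script's URL into a browser issues a GET with an empty $_POST.
    if ($method !== 'POST') {
        return [false, 'method not allowed'];
    }
    // null == null is true, so two missing fields "match"; demand a non-empty value.
    $code = $post['codigo'] ?? '';
    if (!is_string($code) || $code === '' || $expected === '' || !hash_equals($expected, $code)) {
        return [false, 'captcha mismatch'];
    }
    // The address goes into the Reply-To header: reject line breaks and bad syntax.
    $email = $post['email'] ?? '';
    if (!is_string($email) || preg_match('/[\r\n]/', $email)
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return [false, 'invalid email'];
    }
    // Same idea as the strlen() check suggested in the reply.
    $text = $post[$required] ?? '';
    if (!is_string($text) || trim($text) === '') {
        return [false, 'empty message'];
    }
    // Escape user input before it goes into the HTML body.
    $body = '';
    foreach ($post as $field => $value) {
        if ($field === 'codigo' || !is_string($value) || $value === '') {
            continue;
        }
        $label = strtoupper(str_replace('_', ' ', (string) $field));
        $body .= htmlspecialchars($label, ENT_QUOTES, 'UTF-8') . ': <b>'
               . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . "</b><br>";
    }
    return [true, ['reply_to' => $email, 'body' => $body]];
}

// Constructed requests: direct visit, empty POST, address with a line break, real submission.
$samples = [
    ['GET',  []],
    ['POST', []],
    ['POST', ['codigo' => 'k7p2', 'email' => "ana@example.com\r\nX-Test: 1", 'mensagem' => 'hi']],
    ['POST', ['codigo' => 'k7p2', 'email' => 'ana@example.com', 'mensagem' => 'Hello <b>there</b>']],
];
foreach ($samples as [$method, $post]) {
    [$ok, $detail] = validate_contact($method, $post, 'k7p2', 'mensagem');
    echo $method, ' -> ', $ok ? 'send: ' . $detail['body'] : 'rejected: ' . $detail, "\n";
}
```

In the action file it would be called with $_SERVER['REQUEST_METHOD'], $_POST and the stored captcha answer, and mail() would run only when the first element of the result is true.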
