Jump to content


Photo

Create PHP e-mail spam filter


  • Please log in to reply
5 replies to this topic

#1 Peter37

Peter37
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 26 October 2006 - 04:48 PM

To Whom It May Concern:

If it is possible, could you help me to edit this part of my .php file. I am getting too much spam from the form on the Website. I need to add filter. The mail has to be sent if it does not contain words “Viagra, sex, erotica.” Otherwise, the sender have to get next error message,” Error, no comments were submitte.You may not have any rude words in your comment!”

$to = "1994@hotmail.com";
$subject="Comment";
$from="Dan's Website";
if($contents != "")
{
  //send mail - $subject & $contents come from surfer input
  mail($to, $subject, $contents, $from_header);
  // redirect back to url visitor came from
 
}
  else
{
  print("<HTML><BODY>Error, no comments were submitted!");
  print("</BODY></HTML>");
}
?>

Thank you in advance for your response and help.

Sincerely,
Peter



#2 php_joe

php_joe
  • Members
  • PipPipPip
  • Advanced Member
  • 175 posts

Posted 26 October 2006 - 05:20 PM

Make a list of words to add to the filter.

Then put this at the top of the php file:

$badwords = file("badwords.txt");
foreach($badwords as $key => $value){
if (eregi($value, $contents)){
echo "Error, no comments were submitte.You may not have any rude words in your comment!";
die();
}else{
$to = "1994@hotmail.com";
$subject="Comment";
$from="Dan's Website";
if($contents != "")
{
   //send mail - $subject & $contents come from surfer input
   mail($to, $subject, $contents, $from_header);
   // redirect back to url visitor came from
   
}
  else
{
   print("<HTML><BODY>Error, no comments were submitted!");
   print("</BODY></HTML>");
}
}
}

I'm sure there's a better way then cycling through each bad word, maybe someone else can offer it. :)

Though I think that you shouldn't tell the spammers that you're filtering their messages or they will just alter the words slightly (like using a one instead of a lower case "L", or putting a period in the wo.rd).

Joe
[url=http://darkswordsguide.com][/url]

#3 webproclaim

webproclaim
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 26 October 2006 - 05:27 PM

I was having the same problem. What I did was created a script that made a session with a 5 digit random string and then wrote the string onto an image.

I then make the user retype the string on the image and then double check what they typed with the string in the session. If it doesnt match, the form doesnt submit and they get an error that the 'send key' didnt match and can try and type it again (I have the other fields in the form repopulate from their prior contents using $_GET). This makes it very difficult for a bot to submit forms unless they also contained some sort of advanced OCR routine.

Below is the code I use to set the session and make the image. This should be saved as a .php file but referenced from your form as an image...

<?php
// 200 is width / 30 is height
$TheImage = Imagecreate("75", "25");

// We want to color the image Blue..
// We use 0x before the HEX value so you can use the hex value..
// If you do not use 0x then you must give in a 0-255 value for the color.
$ColorImage = imagecolorallocate($TheImage, 180, 50, 23);

// Color the text...
$ColorText = imagecolorallocate($TheImage, 0, 0, 0);
$ColorLine = imagecolorallocate($TheImage, 75, 75, 75);

// printing the text:
// $TheImage is so it prints on that image.
// 14 is how large the font is
// 0 is the rotation (add and the right side will tip up)
// 15 is how far it is from the left side of the image
// 20 is how far it is from the top of the image
// $ColorText gives the text its color
// Verdana is the font it uses
// Some sample text is the text is prints...

$secret = substr(md5(uniqid(rand())), 0, 5);
$secret = strtoupper($secret);
// Set the secret string as a session so I can compare the submitted value in the form to what was generated here.
session_start();
session_register("SecretString");
$SecretString = $secret;

imageline($TheImage, 75, 8, 0, 15, $ColorLine);
ImageTTFText($TheImage, 12, -5, 16, 20, $ColorText, "times.ttf", $secret);


// Let the browser know that it is an image..
header("Content-Type: image/PNG");

// We want to show the image (in png format...)
ImagePng ($TheImage);
imagedestroy($TheImage);
?>


#4 Peter37

Peter37
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 26 October 2006 - 07:21 PM

Thank you very much for your code. I got next error message,” Parse error: parse error, unexpected '<' in /homepages/41/d182358255/htdocs/comment/confirm.php on line 52”

I am not sure if I created correctly file “badwords.text”  Is it correct format,” sex, Viagra, adult”?




Make a list of words to add to the filter.

Then put this at the top of the php file:

$badwords = file("badwords.txt");
foreach($badwords as $key => $value){
if (eregi($value, $contents)){
echo "Error, no comments were submitte.You may not have any rude words in your comment!";
die();
}else{
$to = "1994@hotmail.com";
$subject="Comment";
$from="Dan's Website";
if($contents != "")
{
   //send mail - $subject & $contents come from surfer input
   mail($to, $subject, $contents, $from_header);
   // redirect back to url visitor came from
   
}
  else
{
   print("<HTML><BODY>Error, no comments were submitted!");
   print("</BODY></HTML>");
}
}
}

I'm sure there's a better way then cycling through each bad word, maybe someone else can offer it. :)

Though I think that you shouldn't tell the spammers that you're filtering their messages or they will just alter the words slightly (like using a one instead of a lower case "L", or putting a period in the wo.rd).

Joe



#5 php_joe

php_joe
  • Members
  • PipPipPip
  • Advanced Member
  • 175 posts

Posted 27 October 2006 - 03:40 AM

I don't know what < it is refering to, but I did find one mistake of mine:

You should change the code to:
$badwords = file("badwords.txt");
foreach($badwords as $key => $value){
if (eregi($value, $contents)){
echo "Error, no comments were submitted. You may not have any rude words in your comment!";
die();
}
}
and not use the }else{, otherwise it will send a copy of the email for each word in badwords.txt

If you put this before the mail script then it would kill the page before the mail was sent. The parse error is probably due to an attempt to output html.

And no, you want to create badwords.txt like this:
sex
viagra
adult
with each word on a separate line.
[url=http://darkswordsguide.com][/url]

#6 Peter37

Peter37
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 27 October 2006 - 07:18 AM

Thanks a lot for your attempt to help me. I followed your advices, but filter still does not work. There are no error messages now, but maybe something is wrong with the code.

I am sending you the beginnig part of my .php file with your codes, and I hope that it will be easier to find the mistake.

<html>

<?
$badwords = file("badwords.txt");
foreach($badwords as $key => $value){
if (eregi($value, $contents)){
echo "Error, no comments were submitted. You may not have any rude words in your comment!";
die();
}
{
$to = "1994@hotmail.com";
$subject="Comment";
$from="Dan's Website";
if($contents != "")
{
//send mail - $subject & $contents come from surfer input
mail($to, $subject, $contents, $from_header);
// redirect back to url visitor came from

}
else
{
print("<HTML><BODY>Error, no comments were submitted!");
print("</BODY></HTML>");
}
}
}

$contents.="\n Firstname:";
$contents.=$Contact_FirstName;
$contents.="\n Lastname:";
$contents.=$Contact_LastName;
$contents.="\n City:";
$contents.=$Contact_City;
$contents.="\n Country:";
$contents.=$Contact_State;

$contents.="\n URL:";
$contents.=$Contact_ZipCode;

$contents.="\n Email:";

$contents.=$Contact_Email;
$contents.="\n Comments:";

$contents.=$Comments;
?>



<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users