Jump to content


Photo

NEED HELP!! my php form is being used to send spam


  • Please log in to reply
6 replies to this topic

#1 redgtsviper

redgtsviper
  • Members
  • PipPip
  • Member
  • 19 posts

Posted 27 February 2006 - 05:13 PM

I am using the following code to send form content to my email address. I am having problems with spam. What can I do to fix this problem. I would like to avoid image varification. Any code would be very helpful. I am new to PHP

<?php

$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";





$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );

?>

#2 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 27 February 2006 - 05:38 PM

Take a look at [a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]this[/a] article at [a href=\"http://www.nyphp.org/\" target=\"_blank\"]http://www.nyphp.org/[/a].

Ken

#3 curtis_b

curtis_b
  • Members
  • PipPipPip
  • Advanced Member
  • 48 posts

Posted 27 February 2006 - 05:46 PM

Image verification is the way to go, but if you don't want to do that, you can code your own filter if the spam is consistent. For instance, have the script fail if the phone number field contains anything other than numbers, parenthesis, periods, or dashes with an explaination of why it wasn't accepted (spammers are typically bots, not humans as far as I know, and will not make sense of it). Likewise you could have the email field verified (must contain @ symbol and .com or .net or etc...). Finally, if your spam has a consistent subject matter you can block messages that use certain keywords like 'enlarge' or 'prescriptions'. Again, I would recommend a notification message if the sending fails on the off chance that it is an actual customer who is trying to message you.

[!--quoteo(post=349889:date=Feb 27 2006, 11:13 AM:name=Charles Andrews)--][div class=\'quotetop\']QUOTE(Charles Andrews @ Feb 27 2006, 11:13 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
I am using the following code to send form content to my email address. I am having problems with spam. What can I do to fix this problem. I would like to avoid image varification. Any code would be very helpful. I am new to PHP

<?php

$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";
$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );

?>
[/quote]


#4 joecooper

joecooper
  • Members
  • PipPipPip
  • Advanced Member
  • 358 posts

Posted 27 February 2006 - 06:32 PM

you could make it only alow one message to be sent every 5 mins... i will find some code that would help.

<?php
session_start();
if ($_SESSION['wait'] == '1'){
die("You may not send an email too often");
}
$msg = "My Website Online Contact Submission\n";

$msg .= "Name: $name\n";
$msg .= "Comments: $emailAddress\n\n";
$msg .= "Comments: $phone\n\n";
$msg .= "Comments: $message\n\n";
$to = "me@mydomain.com";
$subject = "CONTACT FROM WEBSITE";
$mailheaders = "From: Website Submission Form <$emailAddress>\n";
$mailheaders .= "Reply-To:$Email_Address <$emailAddress>\n\n";
// Mail to address
mail ( $to, $subject, $msg, $mailheaders );
$_SESSION['wait']='1'
?>

although it uses sessions, it will still do the job. it will only let you send an email after 5 mins or so.
Signature:
[/a]
[a href="http://www.planet-so...=1999&lngWId=8" target="_blank"]EzLogin 1.0[/a]
[a href="http://www.essexracers.com" target="_blank"]Essexracers.com[/a]
Msn Messenger: joe@joeyjoe.co.uk

#5 redgtsviper

redgtsviper
  • Members
  • PipPip
  • Member
  • 19 posts

Posted 27 February 2006 - 09:26 PM

That would work ok on most of my forms, but I have 1 or 2 that need to be filled out one after another for some camp registration forms (for multi sign up)

#6 redgtsviper

redgtsviper
  • Members
  • PipPip
  • Member
  • 19 posts

Posted 27 February 2006 - 10:08 PM

I tried using the code you gave me and it will still send. I can hit submit 3 or 4 times in a row and then I will get 3 or 4 emails. It is not adding a delay at all.

I am very new, so maybe I did something wrong.

#7 redgtsviper

redgtsviper
  • Members
  • PipPip
  • Member
  • 19 posts

Posted 28 February 2006 - 03:05 PM

Anyone have any ideas




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users