AV1611 Posted May 13, 2007 Share Posted May 13, 2007 I have have several websites that use a simple mail form to send email to site admin. I noticed on of them is getting hit by a "bot" and spamming viagra ads to the site admin. How can I prevent this? Do I do one of those pictures with letters, which seems annoying to the visitor or is there a way in the code? if needed here is my php that processes the form... <<<snip>>> $to = "[email protected]"; // $name = $_POST['name']; $email = $_POST['email']; $subject = $_POST['subject']; $msg = $_POST['msg']; $sub = "Online Email Form"; $messub = "Subject: ".$subject."\r\n" ; $mesmsg .= "Message: ".$msg."\r\n" ; $mesname .= "Name: ".$name."\r\n" ; $mesemail .= "Email: ".$email."\r\n" ; $body=$messub.$mesname.$mesemail.$mesmsg; $headers = 'From: '. $name . "\r\n" . 'Reply-To: '. $email . "\r\n" . 'X-Mailer: PHP/' . phpversion(); if(empty($name) || empty($email) || empty($subject) || empty($msg)) { echo " <h3>You must fill in all the information.</h3>"; } elseif(!ereg("^[_a-zA-Z0-9-]+(.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(.[a-zA-Z0-9-]+)*(.[a-zA-Z]{2,3})$",$email)){ print " <h3>You entered an invalid email address</h3>"; } else { mail($to, $sub, $body, $headers); print " <h3><center>Thanks, ".$name.", for contacting us...</center></h3>"; } <<<snip>>> Link to comment https://forums.phpfreaks.com/topic/51187-solved-mail-form/ Share on other sites More sharing options...
chigley Posted May 13, 2007 Share Posted May 13, 2007 Your best bet is a CAPTCHA/Turner code. I made one myself a while back if you want to use it: index.php <?php // Begin the session to receive the code used from the image.php file session_start(); ?> <form action="action.php" method="post"> <img src="image.php" alt="Security Image" /><input type="text" id="code" name="code" /> <input type="submit" value="Submit" /> </form> action.php <?php // Start the session to check the codes session_start(); // Check the code if(($_SESSION['code'] == $_POST['code']) && (!empty($_SESSION['code'])) ) { echo "Code correct"; unset($_SESSION['code']); } else { echo "Code incorrect"; } ?> image.php <?php /*-----------------------------------------------------------*\ | **************** User Editable Variables ****************** | +-------------------------------------------------------------+ | $length -> the length of the string displayed on the image | | $chars -> the character range used in the string | | $fontsize -> the size of the font to be used in pixels | | $fontfile -> the TTF font file you want to be used | | $imagewidth -> the image width in pixels | | $imageheight -> the image height in pixels | | $textcolour -> comma separated RGB values of the text colour| | $noisetotal -> the number of noise pixels required | | $noisecolour -> RGB values of the noise colour | \*-----------------------------------------------------------*/ $length = 6; $chars = "ABCDEFGHJKLMNOPQRSTUVWXYZabcdefhkmnorstuvwx123456789"; $fontsize = 14; $fontfile = "mono.ttf"; $imagewidth = 45; $imageheight = 22; $textcolour = "0,0,0"; $noisetotal = 100; $noisecolour = "0,0,255"; /*------------------------------------------------------------*\ | ********************** Captcha Code ************************ | \*------------------------------------------------------------*/ // Start the session, to send the code used to other pages session_start(); // Reset the variables $code = ""; // Split the availiable character range into separate characters $chars = preg_split('//', $chars, -1, PREG_SPLIT_NO_EMPTY); // Choose $length number of random characters from the array $keys = array_rand($chars, $length); // Add each of the chosen characters to the $code array $codearr = array(); foreach($keys as $key => $value) { $value = $chars[$value]; array_push($codearr, $value); $code .= $value; } // Create the image // Begin to make the image using GD header ("Content-type: image/png"); $img = imagecreatetruecolor($imagewidth, $imageheight); // Define the colours $white = imagecolorallocate($img, 255, 255, 255); $colour = explode(",", $textcolour); $colour = imagecolorallocate($img, $colour[0], $colour[1], $colour[2]); $noise = explode(",", $noisecolour); $noise = imagecolorallocate($img, $noise[0], $noise[1], $noise[2]); // Add the data imagefill($img, 0, 0, $white); // Add the noise while($noisecount < $noisetotal) { $randomx = rand(0, imagesx($img)); $randomy = rand(0, imagesy($img)); imagesetpixel($img, $randomx, $randomy, $noise); $noisecount++; } // Calculate the angle to be used $angle = rand(-5, 5); if($angle < 0) { $y = $imageheight - 10; } else { $y = $imageheight; } imagettftext($img, $fontsize, $angle, 0, $y, $colour, $fontfile, $code); // Output the image imagepng($img); imagedestroy($img); // Send the session variable to the next page accessed to check if the code was correct $_SESSION['code'] = $code; ?> I hope you find that useful, Chigley Link to comment https://forums.phpfreaks.com/topic/51187-solved-mail-form/#findComment-252032 Share on other sites More sharing options...
AV1611 Posted May 13, 2007 Author Share Posted May 13, 2007 So the graphic thingy is my only real choice then? :-\ (Thanks for the code...) Link to comment https://forums.phpfreaks.com/topic/51187-solved-mail-form/#findComment-252037 Share on other sites More sharing options...
chigley Posted May 13, 2007 Share Posted May 13, 2007 Yeah unless you want to have a list of emails that are not allowed, I'd go with the image though if it was me. Link to comment https://forums.phpfreaks.com/topic/51187-solved-mail-form/#findComment-252041 Share on other sites More sharing options...
AV1611 Posted May 14, 2007 Author Share Posted May 14, 2007 the script image.php above gives me this: dunno what to do... The image “http://xxx.com/image.php” cannot be displayed, because it contains errors. I have made no changes to it... Link to comment https://forums.phpfreaks.com/topic/51187-solved-mail-form/#findComment-253028 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.