X74SY

Hello, I installed a php form script in my site a (contact form) It works but I get easily spammed because my visitors can submit the form without typing anything at all! can anyone here please edit the php code to not process the form if all the fields (username/email/subject) hasn't been filled yet? Here's the script: process.php [code]<?php include "config.php"; $ip=$_SERVER['REMOTE_ADDR']; $day=date(d); $month=date(m); $year=date(Y); $hour=date(H); $minute=date(i); $date="".$month."-".$day."-".$year.", ".$hour.":".$minute.""; $query="INSERT INTO logged_ips_contact_form (ip_id, ip, date) VALUES ('','$ip','$date')"; //Replace logged_ips_table with the name of the table where you installed IP Logger mysql_query($query); include("global.inc.php"); $errors=0; $error="The following errors occured while processing your form input.<ul>"; pt_register('POST','Subject'); pt_register('POST','Username'); pt_register('POST','EmailAddress'); pt_register('POST','Message'); $Message=preg_replace("/(\015\012)|(\015)|(\012)/","&nbsp;<br />", $Message);if($errors==1) echo $error; else{ $where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/")); $message="Subject: ".$Subject." Username: ".$Username." Email Address: ".$EmailAddress." Message: ".$Message." "; $message = stripslashes($message); mail("EDITMYEMAIL@MYSITE.COM","Support Form",$message,"Support Page"); header("Refresh: 0;url=http://EDITMYSITE.COM"); ?><?php } ?>[/code] global.inc.php [code]<?php function pt_register() {   $num_args = func_num_args();   $vars = array();   if ($num_args >= 2) {       $method = strtoupper(func_get_arg(0));       if (($method != 'SESSION') && ($method != 'GET') && ($method != 'POST') && ($method != 'SERVER') && ($method != 'COOKIE') && ($method != 'ENV')) {           die('The first argument of pt_register must be one of the following: GET, POST, SESSION, SERVER, COOKIE, or ENV');     }       $varname = "HTTP_{$method}_VARS";       global ${$varname};       for ($i = 1; $i < $num_args; $i++) {           $parameter = func_get_arg($i);           if (isset(${$varname}[$parameter])) {               global $$parameter;               $$parameter = ${$varname}[$parameter];           }       }   } else {       die('You must specify at least two arguments');   } } ?> [/code] Sorry, I'm a php newbie :( Any help would be very much appreciated, Thank you!

Help/Suggestions Please!?  :(

[quote author=tomfmason link=topic=104846.msg418773#msg418773 date=1156046168] I wouldn't try to do this just by recording the users ip because if they have a dynamic ip it will change perodicaly. [/quote] I know that, I only suspend the account if it's being logged in by 3 different IP ranges.  :( [quote author=tomfmason link=topic=104846.msg418773#msg418773 date=1156046168]Ok are you saying that people are sharing there login identy? You can possibley prevent this with using cookies, sessions and recording their ip.[/quote] Do you know a free php script that can do that? and/or can you help me make one?  ;D

[quote author=litebearer link=topic=104846.msg418621#msg418621 date=1156016817] Simply create a table in which, at login, you store the following; -------------------- $username (which you obviously have at this point in time) $their_ip (which you derive thus:  $their_ip = $_SERVER["REMOTE_ADDR"];) $when_here (the timestamp for this visit:  $when_here = time();) -------------------- you could also get the browser type and version to store. Then periodically, run a short script to output the user_visits data [/quote] May I ask, where can I learn how to make my own custom username/IP tracking mechanism? and/or can you please (If possible) kindly help me make one? It doesn't need to be advance with a CP and all that, I just need a script that will log the IP and the username that was used to login to my private/members page, so that I could easily know who has been sharing there logins. (I'm losing a lot of bandwidth lol) Any help would be very much appreciated, Thanks! :D

[quote author=Daniel0 link=topic=104846.msg418453#msg418453 date=1155983876] If it's just Apache's directory view, then I don't think you can. You could read the log file though. [/quote] Yeah, but our logs gets rotated like every 6 hours... so It's very difficult to keep track on who has been sharing there logins  :-[

Hello, Is there a FREE php script that I can get that will logs the (Name/IP/# of Logins/Last Logins/vistied/hits page etc.) of the users of my password protected directories? or any other (PHP/MySQL based) script that can help me know who has been sharing there logins to my password protected directories? Any help would be very much appreciated, Thanks!