开发者

PHPMailer Form Help

开发者 https://www.devze.com 2023-02-13 00:14 出处:网络
Is there any better way to stop spam coming through on my phpmailer script? Also how would I go about adding formatting to this so its more readable when it gets sent through to email e.g. break lin

Is there any better way to stop spam coming through on my phpmailer script?

Also how would I go about adding formatting to this so its more readable when it gets sent through to email e.g. break lines

I hope my php syntax is correct - as i do not understand PHP.

<?php
        # bool has_injection (String $var, [String $var, ...])
        function has_injection () {
            $values = func_get_args();
            for ($i=0, $count=func_num_args(); $i<$count; $i++) {
                if ( stristr($values[$i], "%0A") || stristr($values[$i], "%0D") || stristr($values[$i], "\\r") || stristr($values[$i], "\\n") 
                    || stristr($values[$i], "Bcc") || stristr($values[$i], "Content-Type") ) {
                    return true;
                }
            }
            return false;
        }

        $error = '';
        if (isset($_POST) && count($_POST)>0) {
            # The form has been submitted
                $course_title = $_POST['course_title'];
                $course_date = $_POST['course_date'];
                $course_code = $_POST['course_code'];
                $course_fee = $_POST['course_fee'];
                $break .= "\n";
                $qual_subject_level = $_POST['qual_subject_level'];
                $break .= "\n";
                $email = $_POST['email'];

            if ($name && $email && $subject) {
                if (has_inj开发者_StackOverflow中文版ection($name, $email, $subject)) {
                    # You've got another spammer at work here
                    $error = 'No spamming';
                    exit(0);
                }
                else {
                    # It's safe to send the message
                    mail('my@gmail.com', 
                    $subject,
                    $course_title, 
                    $course_code, 
                    $course_fee,
                    $break,
                    $qual_subject_level,
                    $break,
                    $subject,
                    "From: $name <$email>");
                }
            }
            else {
                $error = 'Please fill in all the forms';
            }
        }


    ?>


One i use is have a text area and use your .css file to display:none it most bots dont read the css and thus think that the text box is shown and if it has content in it it's a bot if it does not then send your email.

E.G CSS .antiBot{display:none};

HTML <input type="text" class="antiBot" name="antibot" value="" />

PHP

<?php
if($_REQUEST['antibot'] == ""){
  // send your email
}else{
  // bot using your system
}
?>

How ever change the name or bot will get be able to notice its a trap and will get around it with little work insted of having to parse the CSS file for your site

So in your case just rap the if above around your code as for formatting of an email if its plain text use dubble quotes and \n (newline) but it wont work in single quotes.

0

精彩评论

暂无评论...
验证码 换一张
取 消