开发者

PHPMailer Form Help

问答 作者:

Is there any better way to stop spam coming through on my phpmailer script?

Also how would I go about adding formatting to this so its more readable when it gets sent through to email e.g. break lines

I hope my php syntax is correct - as i do not understand PHP.

<?php
        # bool has_injection (String $var, [String $var, ...])
        function has_injection () {
            $values = func_get_args();
            for ($i=0, $count=func_num_args(); $i<$count; $i++) {
                if ( stristr($values[$i], "%0A") || stristr($values[$i], "%0D") || stristr($values[$i], "\\r") || stristr($values[$i], "\\n") 
                    || stristr($values[$i], "Bcc") || stristr($values[$i], "Content-Type") ) {
                    return true;
                }
            }
            return false;
        }

        $error = '';
        if (isset($_POST) && count($_POST)>0) {
            # The form has been submitted
                $course_title = $_POST['course_title'];
                $course_date = $_POST['course_date'];
                $course_code = $_POST['course_code'];
                $course_fee = $_POST['course_fee'];
                $break .= "\n";
                $qual_subject_level = $_POST['qual_subject_level'];
                $break .= "\n";
                $email = $_POST['email'];

            if ($name && $email && $subject) {
                if (has_inj开发者_StackOverflow中文版ection($name, $email, $subject)) {
                    # You've got another spammer at work here
                    $error = 'No spamming';
                    exit(0);
                }
                else {
                    # It's safe to send the message
                    mail('my@gmail.com', 
                    $subject,
                    $course_title, 
                    $course_code, 
                    $course_fee,
                    $break,
                    $qual_subject_level,
                    $break,
                    $subject,
                    "From: $name <$email>");
                }
            }
            else {
                $error = 'Please fill in all the forms';
            }
        }


    ?>

One i use is have a text area and use your .css file to display:none it most bots dont read the css and thus think that the text box is shown and if it has content in it it's a bot if it does not then send your email.

E.G CSS .antiBot{display:none};

HTML <input type="text" class="antiBot" name="antibot" value="" />

PHP

<?php
if($_REQUEST['antibot'] == ""){
  // send your email
}else{
  // bot using your system
}
?>

How ever change the name or bot will get be able to notice its a trap and will get around it with little work insted of having to parse the CSS file for your site

So in your case just rap the if above around your code as for formatting of an email if its plain text use dubble quotes and \n (newline) but it wont work in single quotes.

继续阅读:formattingformsphpphpmailerspam-prevention

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9