site wide contact form
I am using a contact form that was initially on just a couple of pages on example. Now we need to have it on all pages.
The form is set up to only accept from whatever pages you define (which would be tedious and would have to include variables such as example.com and www.example.com)
Is there a way to define excepting submission from all pages in the site and an alias as well? Hope this make sense. don't know code to well. Thanks in advance for help!
$replyemail="example@imieducation.com"; //change to your email address
$valid_ref1="http://www.example.com/index.htm"; //change to your domain name
$valid_ref2="http://www.example.com/index.html"; //change to your domain name
$valid_ref3="http://www.examp开发者_如何学Pythonle.com/"; //change to your domain name
$valid_ref4="http://example.com/";
$valid_ref5="http://myaliassite.com/";
$valid_ref6="http://www.myaliassite.com/";
$valid_ref7="http://myaliassite.com/index.html";
// -------- No changes required below here -------------------------------------------------------------
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "";
exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
elseif($ref_page==$valid_ref3) $valid_referrer=1;
elseif($ref_page==$valid_ref4) $valid_referrer=1;
elseif($ref_page==$valid_ref5) $valid_referrer=1;
elseif($ref_page==$valid_ref6) $valid_referrer=1;
elseif($ref_page==$valid_ref7) $valid_referrer=1;
if((!$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//if change this change it in the contact form too
{
echo 'ERROR - not sent. Click here to go back';
echo 'Referrer: ' . $ref_page;
exit;
}
I am guessing that you are trying to protect your form from spammer, however HTTP_REFERER is set by the users browser and can be faked. The forum should be protected from spam by a fixed to address so they can only send spam to you. If you still want to do it you can use a preg_replace to remove http and www and then check if it has your root domain in it.
加载中,请稍侯......
精彩评论