douchunsui2395 2013-03-02 23:12
浏览 62
已采纳

PHP表单邮件使用隐形表单字段来过滤机器人

I read this post: What is a good invisible captcha? about using a hidden field in a web form to stop basic bots from pelting your website with spam mail via your web sites form mail. I'm currently using a php script to process my form mail. I built the script by following a 'bullet proff web form' tutorial I found. It looks like this:

<?php
// Pick up the form data and assign it to variables
$name = $_POST['name'];
$email = $_POST['email'];
$topic = $_POST['topic'];
$comments = $_POST['comments'];

// Build the email (replace the address in the $to section with your own)
$to = 'hello@cipherbunny.com';
$subject = "New message: $topic";
$message = "$name said: $comments";
$headers = "From: $email";

// Data cleaning function
  function clean_data($string) {
  if (get_magic_quotes_gpc()) {
  $string = stripslashes($string);
  }
  $string = strip_tags($string);
  return mysql_real_escape_string($string);
}

// Mail header removal
function remove_headers($string) { 
  $headers = array(
    "/to\:/i",
    "/from\:/i",
    "/bcc\:/i",
    "/cc\:/i",
    "/Content\-Transfer\-Encoding\:/i",
    "/Content\-Type\:/i",
    "/Mime\-Version\:/i" 
  ); 
  $string = preg_replace($headers, '', $string);
  return strip_tags($string);
} 

// Pick up the cleaned form data
$name = remove_headers($_POST['name']);
$email = remove_headers($_POST['email']);
$topic = remove_headers($_POST['topic']);
$comments = remove_headers($_POST['comments']);

// Send the mail using PHPs mail() function
mail($to, $subject, $message, $headers);

// Redirect
header("Location: http://foobar/success.html");

I'd like to modify this script so that if a hidden field with the identifier 'other_email' was filled in then the form email wouldn't get sent. I'm guess it's as straight forward as wrapping the above code in an if statement to check if the field is complete. I've tried adding this under the "//Pick up the form data and assign it to variables" code: 

$testBot = $_POST['other_email'];

then writing:

if(other_email == "") //If other_email form section is blank then... 
{
    run all the code above inserted here;
}
else
{
 Don't know what I should put here to stop it posting, yet still show the success form so 
 the spam bot don't know 

}

any help much appreciated. I have to say I don't really have a lot of php knowledge, I'm just starting to learn about it and thought form mail would be a good start.

How do I make this work in PhP?

  • 写回答

2条回答 默认 最新

  • douzangdang2225 2013-03-02 23:16
    关注
    if(other_email == "") //If other_email form section is blank then... 
{
    run all the code above inserted here;
}
else
{
 header("Location: http://foobar/success.html");

}

    keeping it very simple, it will work for you..

    actually, it will

    • not submit / mail you anything...so NO SPAM
    • a simple bot will take it as it did it...

    if you can use php on success page, then set a session variable (to make bot think it did its job, something like email_sent=true or success=true) and use that variable in success page, you will do it in else case where bot submitted the form..

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 测距传感器数据手册i2c
  • ¥15 RPA正常跑,cmd输入cookies跑不出来
  • ¥15 求帮我调试一下freefem代码
  • ¥15 matlab代码解决,怎么运行
  • ¥15 R语言Rstudio突然无法启动
  • ¥15 关于#matlab#的问题:提取2个图像的变量作为另外一个图像像元的移动量,计算新的位置创建新的图像并提取第二个图像的变量到新的图像
  • ¥15 改算法,照着压缩包里边,参考其他代码封装的格式 写到main函数里
  • ¥15 用windows做服务的同志有吗
  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法