douchunsui2395 2013-03-02 23:12
浏览 62
已采纳

PHP表单邮件使用隐形表单字段来过滤机器人

I read this post: What is a good invisible captcha? about using a hidden field in a web form to stop basic bots from pelting your website with spam mail via your web sites form mail. I'm currently using a php script to process my form mail. I built the script by following a 'bullet proff web form' tutorial I found. It looks like this:

<?php
// Pick up the form data and assign it to variables
$name = $_POST['name'];
$email = $_POST['email'];
$topic = $_POST['topic'];
$comments = $_POST['comments'];

// Build the email (replace the address in the $to section with your own)
$to = 'hello@cipherbunny.com';
$subject = "New message: $topic";
$message = "$name said: $comments";
$headers = "From: $email";

// Data cleaning function
  function clean_data($string) {
  if (get_magic_quotes_gpc()) {
  $string = stripslashes($string);
  }
  $string = strip_tags($string);
  return mysql_real_escape_string($string);
}

// Mail header removal
function remove_headers($string) { 
  $headers = array(
    "/to\:/i",
    "/from\:/i",
    "/bcc\:/i",
    "/cc\:/i",
    "/Content\-Transfer\-Encoding\:/i",
    "/Content\-Type\:/i",
    "/Mime\-Version\:/i" 
  ); 
  $string = preg_replace($headers, '', $string);
  return strip_tags($string);
} 

// Pick up the cleaned form data
$name = remove_headers($_POST['name']);
$email = remove_headers($_POST['email']);
$topic = remove_headers($_POST['topic']);
$comments = remove_headers($_POST['comments']);

// Send the mail using PHPs mail() function
mail($to, $subject, $message, $headers);

// Redirect
header("Location: http://foobar/success.html");

I'd like to modify this script so that if a hidden field with the identifier 'other_email' was filled in then the form email wouldn't get sent. I'm guess it's as straight forward as wrapping the above code in an if statement to check if the field is complete. I've tried adding this under the "//Pick up the form data and assign it to variables" code: 

$testBot = $_POST['other_email'];

then writing:

if(other_email == "") //If other_email form section is blank then... 
{
    run all the code above inserted here;
}
else
{
 Don't know what I should put here to stop it posting, yet still show the success form so 
 the spam bot don't know 

}

any help much appreciated. I have to say I don't really have a lot of php knowledge, I'm just starting to learn about it and thought form mail would be a good start.

How do I make this work in PhP?

  • 写回答

2条回答 默认 最新

  • douzangdang2225 2013-03-02 23:16
    关注
    if(other_email == "") //If other_email form section is blank then... 
{
    run all the code above inserted here;
}
else
{
 header("Location: http://foobar/success.html");

}

    keeping it very simple, it will work for you..

    actually, it will

    • not submit / mail you anything...so NO SPAM
    • a simple bot will take it as it did it...

    if you can use php on success page, then set a session variable (to make bot think it did its job, something like email_sent=true or success=true) and use that variable in success page, you will do it in else case where bot submitted the form..

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 请教:如何用postman调用本地虚拟机区块链接上的合约?
  • ¥15 为什么使用javacv转封装rtsp为rtmp时出现如下问题:[h264 @ 000000004faf7500]no frame?
  • ¥15 乘性高斯噪声在深度学习网络中的应用
  • ¥15 运筹学排序问题中的在线排序
  • ¥15 关于docker部署flink集成hadoop的yarn,请教个问题 flink启动yarn-session.sh连不上hadoop,这个整了好几天一直不行,求帮忙看一下怎么解决
  • ¥15 深度学习根据CNN网络模型,搭建BP模型并训练MNIST数据集
  • ¥15 C++ 头文件/宏冲突问题解决
  • ¥15 用comsol模拟大气湍流通过底部加热(温度不同)的腔体
  • ¥50 安卓adb backup备份子用户应用数据失败
  • ¥20 有人能用聚类分析帮我分析一下文本内容嘛