Thread: SPAM Attack!
View Single Post
  #7 (permalink)  
Old 07-16-2008, 04:40 PM
danners02 danners02 is offline
WebProWorld Member
  
Join Date: Nov 2005
Posts: 95
danners02 RepRank 0
Default Re: SPAM Attack!
another option is to include a blank form input field named "url" or "website" - either make it a hidden form field or hide the input using CSS. his hides it from human visitors.
If the input has any content on submission then you know it is an automated submission and delete automatically.
I have found this works really well.
below is the code - it will return any form fileds you add to your form - just keep 'Name' and 'Email' fields plus the hidden 'website' field.


FORM:

<form action="formail.php" method="post">
<label>Your Name</label> <input type="text" name="Name" size="12"/><br/>
<label>Telephone</label> <input type="text" name="Company" size="12"/><br/>
<label>Your Email</label> <input type="text" name="Email" size="12"/><br/>
<label>Message</label> <textarea name="Message" rows="4" cols="40"></textarea><br/>
<span style="display:none">Website <input type="text" name="website" size="34"></span>
<input type="submit" name="" value="Send Enquiry"/>
</form>


FORMAIL.PHP

<?php

if($_POST["website"] != ""){
// spam bot
exit;
}else{
// human
// continue as normal...

// Configuration Settings
$SendFrom = $_POST['Name'] . "<" . $_POST['Email'] . ">";
$SendTo = "Your Name <yourname@yourdomain.com>";
$SubjectLine = "Enquiry from Website";
$Divider = "------------------------------";

// Build Message Body from Web Form Input
$MsgBody = @gethostbyaddr($REMOTE_ADDR) . "\n$Divider\n";
foreach ($_POST as $Field=>$Value) {
if($Field != "website" && strlen($Value) > 0) {
$MsgBody .= "$Field: $Value\n";
}
}
$MsgBody .= $Divider . "\n" . $HTTP_USER_AGENT . "\n";
$MsgBody = htmlspecialchars($MsgBody); //make content safe

// Send E-Mail to admin
mail ($SendTo, $SubjectLine, $MsgBody, "From: " . $SendFrom);
// delete the initial double slash below to send to another admin recipient, replacing email address
// mail ("admincc@domain.com", $SubjectLine, $MsgBody, "From: " . $SendFrom);

$User_Name = $_POST['Name'];

// Send Autoresponse
mail ($SendFrom, $SubjectLine, "Dear $User_Name

[text for autoresponder]

",

"From: " . $SendTo);

}

?>


<html>
<body>
</body>
</html>
Reply With Quote