Thread: Getting Spam from my mailform again!
View Single Post
  #1 (permalink)  
Old 06-06-09, 02:26 PM
bally123 bally123 is offline
Newbie Coder
  
Join Date: Jul 2006
Posts: 63
Thanks: 0
Thanked 0 Times in 0 Posts
Hazard Getting Spam from my mailform again!
I thought I had the perfect PHP mailform script but for some reason these damn bots are still bypassing the validation in my html by just linking straight to the php file I think

Can i insert some code so the mailform.php check the information is only being submitted from my site?

Here is my code

PHP Code:

<?php

////////////////////////////////////////////////////////////////

// PERFECT                                                    //

// -------                                                    //

// PHP E-mail Receive Form Electronic Content Text            //

// File: feedback.php                                         //

// Version: 1.8 (April 21, 2008)                              //

// Description: Processes a web form to read the user input   //

//    and then send the data to a predefined recipient.  You  //

//    are free to use and modify this script as you like.     //

// Instructions:  Go to "http://www.centerkey.com/php".       //

// License: Public Domain Software                            //

//                                                            //

// Center Key Software  *  www.centerkey.com  *  Dem Pilafian //

////////////////////////////////////////////////////////////////



// Configuration Settings

$SendFrom =    "$fname <$femail>";

$SendTo =      "info@domains.com";

$SubjectLine "$subject";

$ThanksURL =   "thanks.html";  //confirmation page



// Build Message Body from Web Form Input 

$MsgBody=<<<END

{$_POST['fname']} has made an enquiry about{$_POST['subject']}\n\n{$_POST['fmess']}\n\nTheir contact details are:  

{$_POST['fname']}\n{$_POST['fadd1']}\n{$_POST['fadd2']}\n{$_POST['fcity']}\n{$_POST['fpost']}\n\n{$_POST['fnumber']}\n{$_POST['femail']}

END;

$MsgBody htmlspecialchars($MsgBodyENT_NOQUOTES);  //make safe 



// Send E-Mail and Direct Browser to Confirmation Page

      if (count($_POST) > 0)

      $Spam count($_POST) == || stristr($MsgBody"cc: ") ||

          stristr($MsgBody"href=") || stristr($MsgBody"[url") || stristr($MsgBody"http://");

      if (!$Spam)

          mail($SendTo$SubjectLine$MsgBody"From: $SendFrom"); 

header("Location: $ThanksURL");

?>
Reply With Quote