Discussion: Problem with a contact me php form. Anyone look please?
Afficher un message
Vieux 26/03/2008, 01h14   #1
Mike Barnard
Aucun Avatar
 
Messages: n/a
Hébergeur:
Par défaut Problem with a contact me php form. Anyone look please?
Hi.


I know next to nothing about PHP, and to be honest I don't need to
learn it. I just need a simple form to work. Can anyone look at it
for me?

I have downloaded a freebie php script for a spam free email contact
form. This is where it came from...

http://www.stevedawson.com/article0015.php

I have butchered it slightly, but not the basic code, just the excess
table stuff. The problem is that a valid email address I entered as a
test returns as invalid. Can anyone tell me if the script is any good
and worth persevering with or is there better somewhere? I don't mind
the inbox filling up with tests if you should so fancy!

You will find my version at www.thermachek.com/ on the contact link.
Ah, just thought. You won't see the code as it will be processed
first. I'll paste it at the end.

OK, here I go again, off to the land of nod. 14 past 11 at night.

Thanks all. G'night.












<?php
if (isset($_POST["op"]) && ($_POST["op"]=="send")) {

/* ******* START OF CONFIG SECTION ****** */




$sendto = "info [alpha tango] thermachek (delta oscar tango) com";

// I messed up this address just for usenet. It's not like this on my
// site.




$subject = "Email from Thermachek website";

// Select if you want to check form for standard spam text

$SpamCheck = "Y"; // Y or N

$SpamReplaceText = "*content removed*";

// Error message printed if spam form attack found

$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious
code content detected.

</font><br><b>Your IP Number of <b>".getenv("REMOTE_ADDR")."</b> has
been logged.</b></p>";

/* ******* END OF CONFIG SECTION ****** */
$name = $HTTP_POST_VARS['name'];
$email = $HTTP_POST_VARS['email'];
$message = $HTTP_POST_VARS['message'];
$headers = "From: $email\n";
$headers . "MIME-Version: 1.0\n"
. "Content-Transfer-Encoding: 7bit\n"
. "Content-type: text/html; charset =
\"iso-8859-1\";\n\n";
if ($SpamCheck == "Y") {
// Check for Website URL's in the form input boxes as if we block
website URLs from the form,
// then this will stop the spammers wastignt ime sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage";
exit();}
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage";
exit();}
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage";
exit();}

// Patterm match search to strip out the invalid charcaters, this
prevents the mail injection spammer
$pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; //
build the pattern match string

$name = preg_replace($pattern, "", $name);
$email = preg_replace($pattern, "", $email);
$message = preg_replace($pattern, "", $message);

// Check for the injected headers from the spammer attempt
// This will replace the injection attempt text with the string you
have set in the above config section
$find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$email = preg_replace($find, "$SpamReplaceText", $email);
$name = preg_replace($find, "$SpamReplaceText", $name);
$message = preg_replace($find, "$SpamReplaceText", $message);

// Check to see if the fields contain any content we want to ban
if(stristr($name, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
if(stristr($message, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}

// Do a check on the send email and subject text
if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
if(stristr($subject, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
}
// Build the email body text
$emailcontent = "
-----------------------------------------------------------------------------
Email from Thermachek website
-----------------------------------------------------------------------------
Name: $name
Email: $email
Message: $message

_______________________________________
End of Email
";
// Check the email address enmtered matches the standard email address
format
if (!eregi("^[A-Z0-9_%-]+@[A-Z0-9_%-]+\.a[A-Z]{2,6}$", $email)) {
echo "<p>It appears you entered an invalid email address</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($name)) {
echo "<p>Please go back and enter a Name</p><p><a href='javascript:
history.go(-1)'>Click here to go back</a>.</p>";
}


elseif (!trim($message)) {
echo "<p>Please go back and type a Message</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($email)) {
echo "<p>Please go back and enter an Email</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

// Sends out the email or will output the error message
elseif (mail($sendto, $subject, $emailcontent, $headers)) {
echo "<br><br><p><b>Thank You $name</b></p><p>We will be in touch as
soon as possible.</p>";
}
}
else {
?>


<form method="post"><INPUT NAME="op" TYPE="hidden" VALUE="send">
<div> <!-- Block container for the input elements -->

<table>
<tr>
<td><p>Name:</p></td>
<td>
<input name="name" type="text" size="30" maxlength="150">
</td>
</tr>
<tr>
<td><p>E-mail:</p></td>
<td>
<input name="email" type="text" size="30" maxlength="150">
</td>
</tr>

<tr>
<td valign="top"><p>Message:</p></td>
<td><textarea name="message" cols="50"
rows="20"></textarea></td>
</tr>
<tr><td></td> <td><input name="submit" type="submit" value="Send
Message"></td></tr>
</table>

</div>
</form>
<?php } ?>
  Réponse avec citation
 
Page generated in 0,09254 seconds with 9 queries