Hi.


I know next to nothing about PHP, and to be honest I don't need to
learn it. I just need a simple form to work. Can anyone look at it
for me?

I have downloaded a freebie php script for a spam free email contact
form. This is where it came from...

http://www.stevedawson.com/article0015.php

I have butchered it slightly, but not the basic code, just the excess
table stuff. The problem is that a valid email address I entered as a
test returns as invalid. Can anyone tell me if the script is any good
and worth persevering with or is there better somewhere? I don't mind
the inbox filling up with tests if you should so fancy!

You will find my version at www.thermachek.com/ on the contact link.
Ah, just thought. You won't see the code as it will be processed
first. I'll paste it at the end.

OK, here I go again, off to the land of nod. 14 past 11 at night.

Thanks all. G'night.












<?php
if (isset($_POST["op"]) && ($_POST["op"]=="send")) {

/* ******* START OF CONFIG SECTION ****** */




$sendto = "info [alpha tango] thermachek (delta oscar tango) com";

// I messed up this address just for usenet. It's not like this on my
// site.




$subject = "Email from Thermachek website";

// Select if you want to check form for standard spam text

$SpamCheck = "Y"; // Y or N

$SpamReplaceText = "*content removed*";

// Error message printed if spam form attack found

$SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious
code content detected.

</font><br><b>Your IP Number of <b>".getenv("REMOTE_ADDR")."</b> has
been logged.</b></p>";

/* ******* END OF CONFIG SECTION ****** */
$name = $HTTP_POST_VARS['name'];
$email = $HTTP_POST_VARS['email'];
$message = $HTTP_POST_VARS['message'];
$headers = "From: $email\n";
$headers . "MIME-Version: 1.0\n"
. "Content-Transfer-Encoding: 7bit\n"
. "Content-type: text/html; charset =
\"iso-8859-1\";\n\n";
if ($SpamCheck == "Y") {
// Check for Website URL's in the form input boxes as if we block
website URLs from the form,
// then this will stop the spammers wastignt ime sending emails
if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage";
exit();}
if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage";
exit();}
if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage";
exit();}

// Patterm match search to strip out the invalid charcaters, this
prevents the mail injection spammer
$pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; //
build the pattern match string

$name = preg_replace($pattern, "", $name);
$email = preg_replace($pattern, "", $email);
$message = preg_replace($pattern, "", $message);

// Check for the injected headers from the spammer attempt
// This will replace the injection attempt text with the string you
have set in the above config section
$find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$email = preg_replace($find, "$SpamReplaceText", $email);
$name = preg_replace($find, "$SpamReplaceText", $name);
$message = preg_replace($find, "$SpamReplaceText", $message);

// Check to see if the fields contain any content we want to ban
if(stristr($name, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
if(stristr($message, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}

// Do a check on the send email and subject text
if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
if(stristr($subject, $SpamReplaceText) !== FALSE) {echo
"$SpamErrorMessage"; exit();}
}
// Build the email body text
$emailcontent = "
-----------------------------------------------------------------------------
Email from Thermachek website
-----------------------------------------------------------------------------
Name: $name
Email: $email
Message: $message

_______________________________________
End of Email
";
// Check the email address enmtered matches the standard email address
format
if (!eregi("^[A-Z0-9_%-]+@[A-Z0-9_%-]+\.a[A-Z]{2,6}$", $email)) {
echo "<p>It appears you entered an invalid email address</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($name)) {
echo "<p>Please go back and enter a Name</p><p><a href='javascript:
history.go(-1)'>Click here to go back</a>.</p>";
}


elseif (!trim($message)) {
echo "<p>Please go back and type a Message</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

elseif (!trim($email)) {
echo "<p>Please go back and enter an Email</p><p><a
href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
}

// Sends out the email or will output the error message
elseif (mail($sendto, $subject, $emailcontent, $headers)) {
echo "<br><br><p><b>Thank You $name</b></p><p>We will be in touch as
soon as possible.</p>";
}
}
else {
?>


<form method="post"><INPUT NAME="op" TYPE="hidden" VALUE="send">
<div> <!-- Block container for the input elements -->

<table>
<tr>
<td><p>Name:</p></td>
<td>
<input name="name" type="text" size="30" maxlength="150">
</td>
</tr>
<tr>
<td><p>E-mail:</p></td>
<td>
<input name="email" type="text" size="30" maxlength="150">
</td>
</tr>

<tr>
<td valign="top"><p>Message:</p></td>
<td><textarea name="message" cols="50"
rows="20"></textarea></td>
</tr>
<tr><td></td> <td><input name="submit" type="submit" value="Send
Message"></td></tr>
</table>

</div>
</form>
<?php } ?>

Mike Barnard wrote:
> Hi.
>
>
> I know next to nothing about PHP, and to be honest I don't need to
> learn it. I just need a simple form to work. Can anyone look at it
> for me?
>
> I have downloaded a freebie php script for a spam free email contact
> form. This is where it came from...
>
> http://www.stevedawson.com/article0015.php
>
> I have butchered it slightly, but not the basic code, just the excess
> table stuff. The problem is that a valid email address I entered as a
> test returns as invalid. Can anyone tell me if the script is any good
> and worth persevering with or is there better somewhere? I don't mind
> the inbox filling up with tests if you should so fancy!
>
> You will find my version at www.thermachek.com/ on the contact link.
> Ah, just thought. You won't see the code as it will be processed
> first. I'll paste it at the end.
>
> OK, here I go again, off to the land of nod. 14 past 11 at night.
>
> Thanks all. G'night.
>
>
>
>
>
>
>
>
>
>
>
>
> <?php
> if (isset($_POST["op"]) && ($_POST["op"]=="send")) {
>
> /* ******* START OF CONFIG SECTION ****** */
>
>
>
>
> $sendto = "info [alpha tango] thermachek (delta oscar tango) com";
>
> // I messed up this address just for usenet. It's not like this on my
> // site.
>
>
>
>
> $subject = "Email from Thermachek website";
>
> // Select if you want to check form for standard spam text
>
> $SpamCheck = "Y"; // Y or N
>
> $SpamReplaceText = "*content removed*";
>
> // Error message printed if spam form attack found
>
> $SpamErrorMessage = "<p align=\"center\"><font color=\"red\">Malicious
> code content detected.
>
> </font><br><b>Your IP Number of <b>".getenv("REMOTE_ADDR")."</b> has
> been logged.</b></p>";
>
> /* ******* END OF CONFIG SECTION ****** */
> $name = $HTTP_POST_VARS['name'];
> $email = $HTTP_POST_VARS['email'];
> $message = $HTTP_POST_VARS['message'];
> $headers = "From: $email\n";
> $headers . "MIME-Version: 1.0\n"
> . "Content-Transfer-Encoding: 7bit\n"
> . "Content-type: text/html; charset =
> \"iso-8859-1\";\n\n";
> if ($SpamCheck == "Y") {
> // Check for Website URL's in the form input boxes as if we block
> website URLs from the form,
> // then this will stop the spammers wastignt ime sending emails
> if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage";
> exit();}
> if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage";
> exit();}
> if (preg_match("/http/i", "$message")) {echo "$SpamErrorMessage";
> exit();}
>
> // Patterm match search to strip out the invalid charcaters, this
> prevents the mail injection spammer
> $pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; //
> build the pattern match string
>
> $name = preg_replace($pattern, "", $name);
> $email = preg_replace($pattern, "", $email);
> $message = preg_replace($pattern, "", $message);
>
> // Check for the injected headers from the spammer attempt
> // This will replace the injection attempt text with the string you
> have set in the above config section
> $find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
> $email = preg_replace($find, "$SpamReplaceText", $email);
> $name = preg_replace($find, "$SpamReplaceText", $name);
> $message = preg_replace($find, "$SpamReplaceText", $message);
>
> // Check to see if the fields contain any content we want to ban
> if(stristr($name, $SpamReplaceText) !== FALSE) {echo
> "$SpamErrorMessage"; exit();}
> if(stristr($message, $SpamReplaceText) !== FALSE) {echo
> "$SpamErrorMessage"; exit();}
>
> // Do a check on the send email and subject text
> if(stristr($sendto, $SpamReplaceText) !== FALSE) {echo
> "$SpamErrorMessage"; exit();}
> if(stristr($subject, $SpamReplaceText) !== FALSE) {echo
> "$SpamErrorMessage"; exit();}
> }
> // Build the email body text
> $emailcontent = "
> -----------------------------------------------------------------------------
> Email from Thermachek website
> -----------------------------------------------------------------------------
> Name: $name
> Email: $email
> Message: $message
>
> _______________________________________
> End of Email
> ";
> // Check the email address enmtered matches the standard email address
> format
> if (!eregi("^[A-Z0-9_%-]+@[A-Z0-9_%-]+\.a[A-Z]{2,6}$", $email)) {
> echo "<p>It appears you entered an invalid email address</p><p><a
> href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
> }
>
> elseif (!trim($name)) {
> echo "<p>Please go back and enter a Name</p><p><a href='javascript:
> history.go(-1)'>Click here to go back</a>.</p>";
> }
>
>
> elseif (!trim($message)) {
> echo "<p>Please go back and type a Message</p><p><a
> href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
> }
>
> elseif (!trim($email)) {
> echo "<p>Please go back and enter an Email</p><p><a
> href='javascript: history.go(-1)'>Click here to go back</a>.</p>";
> }
>
> // Sends out the email or will output the error message
> elseif (mail($sendto, $subject, $emailcontent, $headers)) {
> echo "<br><br><p><b>Thank You $name</b></p><p>We will be in touch as
> soon as possible.</p>";
> }
> }
> else {
> ?>
>
>
> <form method="post"><INPUT NAME="op" TYPE="hidden" VALUE="send">
> <div> <!-- Block container for the input elements -->
>
> <table>
> <tr>
> <td><p>Name:</p></td>
> <td>
> <input name="name" type="text" size="30" maxlength="150">
> </td>
> </tr>
> <tr>
> <td><p>E-mail:</p></td>
> <td>
> <input name="email" type="text" size="30" maxlength="150">
> </td>
> </tr>
>
> <tr>
> <td valign="top"><p>Message:</p></td>
> <td><textarea name="message" cols="50"
> rows="20"></textarea></td>
> </tr>
> <tr><td></td> <td><input name="submit" type="submit" value="Send
> Message"></td></tr>
> </table>
>
> </div>
> </form>
> <?php } ?>
>
>
>
>

If you don't need to learn php, hire a consultant to fix it for you.

This is a group to PHP programmers, not give you free consulting
services.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On Tue, 25 Mar 2008 20:04:19 -0500, Jerry Stuckle
<jstucklex@attglobal.net> wrote:

>Mike Barnard wrote:
>> Hi.
>
>If you don't need to learn php, hire a consultant to fix it for you.
>
>This is a group to PHP programmers, not give you free consulting
>services.

Ooooooooooo. Who got out of bed the wrong side this morning then? Not
getting enough? Work, I mean.

Mike Barnard wrote:
> On Tue, 25 Mar 2008 20:04:19 -0500, Jerry Stuckle
> <jstucklex@attglobal.net> wrote:
>
>> Mike Barnard wrote:
>>> Hi.
>> If you don't need to learn php, hire a consultant to fix it for you.
>>
>> This is a group to PHP programmers, not give you free consulting
>> services.
>
> Ooooooooooo. Who got out of bed the wrong side this morning then? Not
> getting enough? Work, I mean.
>
>

Nope, got more work than I can handle. But this newsgroup is not to
provide you with free consulting. If you don't want to learn PHP, find
your sucker somewhere else.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On Wed, 26 Mar 2008 07:11:21 -0500, Jerry Stuckle
<jstucklex@attglobal.net> wrote:

>Mike Barnard wrote:
>> On Tue, 25 Mar 2008 20:04:19 -0500, Jerry Stuckle
>> <jstucklex@attglobal.net> wrote:
>>
>>> Mike Barnard wrote:
>>>> Hi.
>>> If you don't need to learn php, hire a consultant to fix it for you.
>>>
>>> This is a group to PHP programmers, not give you free consulting
>>> services.
>>
>> Ooooooooooo. Who got out of bed the wrong side this morning then? Not
>> getting enough? Work, I mean.
>>
>>
>
>Nope, got more work than I can handle. But this newsgroup is not to
>provide you with free consulting. If you don't want to learn PHP, find
>your sucker somewhere else.

The group hasn't got a 'purpose' as such other than discussing php.
(Yes, there will be a charter somewhere, but I am not wasting my time
looking for it.) If someone wants to volunteer to it's
apprecieated. If not, fine, but abusing someone just for asking is
wrong.

Cya.

Mike Barnard wrote:
> On Wed, 26 Mar 2008 07:11:21 -0500, Jerry Stuckle
> <jstucklex@attglobal.net> wrote:
>
>> Mike Barnard wrote:
>>> On Tue, 25 Mar 2008 20:04:19 -0500, Jerry Stuckle
>>> <jstucklex@attglobal.net> wrote:
>>>
>>>> Mike Barnard wrote:
>>>>> Hi.
>>>> If you don't need to learn php, hire a consultant to fix it for you.
>>>>
>>>> This is a group to PHP programmers, not give you free consulting
>>>> services.
>>> Ooooooooooo. Who got out of bed the wrong side this morning then? Not
>>> getting enough? Work, I mean.
>>>
>>>
>> Nope, got more work than I can handle. But this newsgroup is not to
>> provide you with free consulting. If you don't want to learn PHP, find
>> your sucker somewhere else.
>
> The group hasn't got a 'purpose' as such other than discussing php.
> (Yes, there will be a charter somewhere, but I am not wasting my time
> looking for it.) If someone wants to volunteer to it's
> apprecieated. If not, fine, but abusing someone just for asking is
> wrong.
>
> Cya.
>

No abuse. You're the one who said you don't need to learn PHP. Then
you turn around and ask us to fix something for you.

And now you claim you know what the purpose of this newsgroup is, but
you also can't be bothered to go look for the charter.

And with an attitude like that you expect anyone here to be bothered to
do something for you for free?

As I said before: You want it done? Hire a consultant.

But don't ask me. I won't be bothered with the likes of you.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Jerry Stuckle wrote :
> As I said before: You want it done? Hire a consultant.

Side note: Jerry being the only one responding doesn't mean he's the
only one thinking that way. It only means that Jerry's point is clear
enough for other people thinking the same not to reply with just a +1
(blah blah charter...)

Regards,
--
Guillaume

Guillaume schreef:
> Jerry Stuckle wrote :
>> As I said before: You want it done? Hire a consultant.
>
> Side note: Jerry being the only one responding doesn't mean he's the
> only one thinking that way. It only means that Jerry's point is clear
> enough for other people thinking the same not to reply with just a +1
> (blah blah charter...)
>
> Regards,

Me too.
;-)

Erwin