|
PHP - How To Prevent Bot Or Spam Forms Submissions (empty Submissions)
I have multiple PHP forms set up. Most of them have few fields that if not filled up the form will not be submitted. And one question that if you answer wrong you will not get through either. With this I have eliminated most "hgdgfgdhsj" style forms submissions by spam bots. But every now and then I get ghost or empty form submission. In database I get records (only one at a time) that are fully blank (every now and then). This confuses me. How and why does it happen, and mainly how do I prevent it?
Thanks Similar TutorialsLets say a website is dedicated to two different people (Bob and Richard). The site has a contact page in which people can email the two people. Is it possible to create a form in which someone can enter a message but there are two submission options. So in this example there are two images. One reads "Send Email to Bob" and the other reads "Send Email to Richard". Is it possible to do this or to have two submission methods from one form? How do you turn off a php form after a set number of submissions? My form is not hooked up to a mysql database. Theoretically I think I would need to set something up that increments a number with each successful form submission. Then when the form hits a certain limit number like 300 it shuts off or hides the div that contains the form. Has anyone done something like this before? Any help or even just pointing me in the right direction is greately appreciated! Is it possible to submit two upload input types on a form. Ex. I'm using a basic form input file upload, and would like to use a php_self to upload since its just one small file. But I also need a second set of files up to 10 files to be upload via a flash upload script. how can i set the form action to process itself (the php coding up top) then process the upload.php file? would if work if i just stuck and execute for the upload.php at the bottom of the php coding for the first upload process? The user uploads a csv file then is required to upload the supporting files. the csv gets inserted to the db and all the files to the temp folder. the upload.php script processes each file separately so sticking the upload process for the csv in the upload.php file would make it import multiple times everytimes till all the supporting files have been uploaded. i'm trying to avoid that. Code: [Select] <?php if(isset($_POST['submit'])) { // check .csv file has been uploaded... and on the server proceed if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], '../temp/files/')) { $filename = file_get_contents($_FILES['uploadedfile']['name']); $handle = fopen("$filename", "r"); while (($data = fgetcsv($handle, 100000, ",")) !== FALSE) { if(file_exists('/temp/files/'. $data[0] .'.docx')) { rename('/temp/files/'. $data[0] .'.docx', '/docx_files/'. $data[0] .'.docx'); $import="INSERT into kmmb_member1(docx_id,no_ahli,no_pin,nama,no_ic_baru,no_ic_lama) values('$data[0]','$data[1]','$data[2]','$data[3]','$data[4]')"; mysql_query($import) or die(mysql_error()); } } fclose($handle); print "Import done"; } else { echo "There was an error uploading the *.csv file, please try again!"; } } else { ?> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title></title> <script type="text/javascript"> var swfu; SWFUpload.onload = function () { var settings = { flash_url : "swf_up/swfupload/swfupload.swf", flash9_url : "swf_up/swfupload/swfupload_fp9.swf", upload_url: "swf_up/upload.php", post_params: { "PHPSESSID" : "NONE", }, file_size_limit : "100 MB", file_types : "*.wav", file_types_description : "Wave Files", file_upload_limit : 100, file_queue_limit : 0, custom_settings : { progressTarget : "fsUploadProgress", cancelButtonId : "btnCancel" }, }; swfu = new SWFUpload(settings); } </script> </head> <body> <div id="content"> <h2>Upload</h2> <form id="form1" action="index.php" method="post" enctype="multipart/form-data"> <div id="divSWFUploadUI" style="margin-top: 20px;"> <span>Select .csv file: <input name='uploadedfile' type='file' /><br /> </span> <div class="fieldset flash" id="fsUploadProgress"> <span class="legend">Upload Queue</span> </div> <p id="divStatus">0 Files Uploaded</p> <p> <span id="spanButtonPlaceholder"></span> <input id="btnCancel" type="button" value="Cancel All Uploads" disabled="disabled" style="margin-left: 2px; height: 22px; font-size: 8pt;" /> <br /> </p> </div> </form> </div> </body> </html> <?php } ?> Assume this project is to create an online lottery system. Is there a way to limit the user entering the numbers after a certain time? E.g. The Draw will be at 9.00PM 05 November 2010 - Submitting the numbers will expire after 8.00PM 05 November 2010. (so any user tries to submit numbers after 8.00PM 05 Nov 2010 will not be entered in to the MySQL db). Any help is highly appreciated. This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=354321.0 Well the problem is simple i want to prevent submitting empty textfield or textarea with php code Here is my code ... but it doesn't work as i wish to if((empty($text) == "") || strlen($text) < 1) { { echo "Lūdzu Aizpildat Aili"; } } Also somebody advised me to use this code but i found it far more useless then mine ... function check_empty($text) { if(empty($text) || !empty($text) || $text || !$text || $text ^ $text || 1/0) check_empty(!!!!!$text); return never_ever; } // check_empty Let's say I have an HTML page with a form that submits data via POST. A user can click on "View source" and see the variables used. What's to stop them from making their own page that POSTs to the same destination using the same variables? Any way to prevent this? On all my forms, after I send an empty string to one field, it will stop accepting values when I resubmit. My code passes through the W3C validator Any ideas?? Man, I'm having a rough week with questions--if you're following at home. Basically matching a Coach's first and last name to another table, which if matched will yield information about that coach's team. Code: [Select] // or get user by username $current_user = wp_get_current_user(); $current_first = $current_user->user_firstname; $current_last = $current_user->user_lastname; $current_id = $current_user->ID; echo '<div class="contact_form">'; echo $current_first . ' ' . $current_last .' :: '; $query = "SELECT * FROM schools WHERE coachFirst='".$current_first."' AND coachLast='".$current_last."'"; $result = mysql_query ($query); if(!$result) { echo 'There is not a match for your name.'; } else { while($school= mysql_fetch_array($result)) { echo $school['school'] . ' ' . $school['id']; include(ABSPATH ."wp-content/plugins/my-team/form.php"); } echo '</div>'; echo '<div class="roster">'; include(ABSPATH ."wp-content/plugins/my-team/roster.php"); echo '</div>'; } What I am looking for is that if any field in a database is empty, the form comes back and puts in the word "empty" into the web page, but not the database. I got this right now, it shows the first part fine, but the second part it doesn't show the "Empty" comment... I don't understand why... as far as I can tell the code is fine... Code: [Select] <?php //Nonconformity, Disposition, Comments and Comments & Additional Details echo '<div id="box3">'; if (!empty($row['Nonconformity']) || !empty($row['Disposition']) || !empty($row['Comments']) || !empty($row['CommentsAdditional_Details'])) { echo '<div id="non"><span class="b">Nonconformity: </span><br />' . $row['Nonconformity'] . '</div>'; echo '<div id="dis"><span class="b">Disposition: </span><br />' . $row['Disposition'] . '</div>'; echo '<div id="comm"><span class="b">Comments: </span><br />' . $row['Comments'] . '</div>'; echo '<div id="comma"><span class="b">Comments and/or Additional Details: </span><br />' . $row['CommentsAdditional_Details'] . '</div>';} else if (empty($row['Nonconformity']) || empty($row['Disposition']) || empty($row['Comments']) || empty($row['CommentsAdditional_Details'])) { echo '<div id="non"><span class="b">Nonconformity: </span><br />Empty</div>'; echo '<div id="dis"><span class="b">Disposition: <br /></span>Empty</div>'; echo '<div id="comm"><span class="b">Comments: <br /></span>Empty</div>'; echo '<div id="comma"><span class="b">Comments and/or Additional Details: </span><br />Empty</div>';} echo '</div>'; ?> ive been geting attacked by a spam bot it is inserting gibrish in one of my contact forms. i managed to block it with Code: [Select] if (empty($_POST['Email']) && !empty($_POST['CustomerEmail'])) Email is an empty text field with display:none for sometime it was clean and now it succeeds once in a while to insert a form. i dont want to use captcha , i think i will loose clients your advise Hi.. I want to implement a program for identifying spam emails using an algorithm naive bayes in php.. How to implement this ..can any one help me.. thanks in advance I 'm having some problem while sending mails . i am sending bulk mails using php script, der is no problem in the script. i hope some guys have faced similar issue. while i am sending bulk emails, i figured out that - few mails are going to spam not into their INBOX. can you guys pls give some hint to resolve this issue. .. Hi This subject doesn't really have a category but is driving me mad. I use the mail() function to send out emails to a news group forum that I have created. This forum does the same. I am getting the emails placed in a spam folder. Is there any way around this. I have been told that it has something to do with no reverse DNS. I get emails like DoNotReply@bt.com. This email address doesn't exist. How does the email system know this, and is there a way around it. TIA Desmond. A form is filled and the information is emailed to my address. The problem is it goes to the spam folder. Is it a problem with the email filter? I suppose I could whitelist the email address the server uses to email the info, but then spam would get through as well. Any ideas? Hey My site is getting alot of spam and i need a way to keep up with what is being sent with some kinda system that will flag things which contain urls and chosen keywords. Problem i faced though was lets say a keyword was: skyspider Now some one could say sky or spider (as seperate words) but they still flagged. So "theres a spider in the sky" would be flagged when i only want "skyspider" flagged... does that make sense? What php function do i require to do such string checks like this? Thanks This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=354848.0 i am using mail functions in php and i am sending mails but the mails are going to spam in gmail and for yahoo its going to inbox. my problem is i want to send the email to inbox only as most of them use gmail ....should i use any smtp or any other mail library functions? can anyone guide me? This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=320638.0 Hi; I had an email from my hosting company which said that my account was hacked and one script in images folder is trying to send thousands of spams(file name : "/public_html/images/sm5vy7.php"). they blocked my account and asked me to check if there is any script or code that may cause this problem. The only server side page I had was a contact.php file that has mail() function in it. the code is like this; "if( isset($_POST['submit'])) { $name=$_POST['name']; $comment=$_POST['comment']; $email=$_POST['email']; $phone=$_POST['phone']; $to = "sample@gmail.com"; $subject = "sample"; $message = "sample"; $from = "$email"; $headers = "Content-type:text;charset=utf-8" . "\r\n"; $headers .= "From: $from" . "\r\n"; mail($to,$subject,$message,$headers); }" My question is "can the code I used cause any security problem that someone be able to create a php file in my images folder or someone has accessed my account?" Thank you in advance I'm really in a big trouble |
|||||||