|
PHP - Help With Php Form And Anti Spam Question
Below is my contact from - and I have set anti spam question as I don't like captcha. How to I code the post/human bit so it is case insensitive?
<div class="one-half-column-right" id="contactform">
<form method="post" action="index.php#contactform">
<label>Name*</label>
<div class="clear"></div>
<input name="name" placeholder="Type Here">
<label>Email*</label>
<div class="clear"></div>
<input name="email" type="email" placeholder="Type Here">
<label>Message</label>
<textarea name="message" placeholder="Type Here"></textarea>
<label>*If today is Tuesday, what is tomorrow? <br> [lowercase answer please]<br> (Anti-spam)</label>
<input name="human" placeholder="Type Here">
<input id="submit" name="submit" type="submit" value="Submit">
</form>
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: Website Form';
$to = ‘name@name.com’;
$subject = 'website form enquiry';
$human = $_POST['human'];
$headers .= 'From: '.$from."\r\n".
'Reply-To: '.$from."\r\n" .
'X-Mailer: PHP/' . phpversion();
$body = "From: $name\n E-Mail: $email\n Message:\n $message";
if ($_POST['submit'] && $human == ‘wednesday’) {
if (mail ($to, $subject, $body, $from)) {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
Request has been sent. We will get back to within 48 hours!<br></p>';
} else {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
Something went wrong, go back and try again!</p>';
}
} else if ($_POST['submit'] && $human != '') {
echo '<p style="font-family: Montserrat, Helvetica, Arial, sans-serif; font-weight: 600; text-align:center; font-size: 16px; color: #000; text-transform: uppercase; background-color: #FFD700">
You answered the anti-spam question incorrectly!</p>';
}
?>
<!--// form //-->
Similar TutorialsHello there! I made a contact-form with PHP but the e-mails go directly into the spam folder. Then I ran a test on http://www.mail-tester.com and I got some errors. As you can tell, I am new to PHP and I don't know what to do. I appreciate any help! Errors: 1. HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 2. MIME_HTML_ONLY Message only has text/html MIME parts 3. MISSING_DATE Missing Date: header 4. "Your message is not signed by DKIM" 5. "There is no SPF record. Please add (number).easyname.com to your DNS zone file."
Here is my PHP:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$from = 'From: mywebsite.com';
$to = 'someone@something.net';
$subject = 'Subject-line';
$body = "From: $name\n E-Mail: $email\n Message:\n $message";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html\r\n";
$headers .= 'From: '. $email. "\r\n" .
$headers .= "Reply-To: ". $email. "\r\n";
$headers .= "X-Mailer: PHP/" . phpversion();
$message = nl2br($message);
$status = mail($to, $subject, $message, $headers);
if($status)
{
echo '<p>Your Message has been send!</p>';
} else {
echo '<p>Something went wrong. Please try again.</p>';
}
?>
Here is my HTML:
<div class="contact-form">
<form id="contact-form" method="post" action="contact-form-handler.php">
<input name="name" type="text" class="form-control" placeholder="Your Name" required>
<br>
<input name="email" type="email" class="form-control" placeholder="Your Email">
<br>
<textarea name="message" class="form-control" placeholder="Message" rows="40" required></textarea><br>
<input type="submit" class="form-control" value="SEND MESSAGE">
</form>
</div>
I tried many things but nothing really worked. Also, I am a noob at PHP so I am kind of lost. Thanks for your help! Guys: I'm implementing a form for user submission. At the end of the form, there is an image that displays some randomly generated code. The user will be required to enter the code shown on this image before he clicks the submit button. This is done to protect the form from spamming, automatic submission. After the submit button is clicked, I need to do this: if ($_POST['the code the user enters'] == the code on the image) { // proceed(); } Any idea on how to get the code displayed on the image ? Thanks. I have a simple contact form I did a while ago for a small company. They emailed me saying they are getting bits of spam mail from the site occasionally and would like to get it stopped if possible. This is how my form looks: Code: [Select] <form method="post" action="mailer.php"> <div class="form_left"> <p>Name:<br> <input type="text" name="name" size="24" autofocus="true" placeholder="Type Here" required="true" /></p> </div> <div class="form_right"> <p>Email:<br> <input type="email" name="email" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_left"> <p>Company Name:<br /> <input type="text" name="company" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_right"> <p>Phone Number:<br /> <input type="text" name="phone" size="24" placeholder="Type Here" required="true" /></p> </div> <div class="form_left"> <p>Your Message:<br /> <textarea rows="6" name="message" cols="55" placeholder="Type Here" ></textarea></p> </div> <p class="submit"><input type="submit" value="Send Mail" name="submit" /></p> </form> Code: [Select] <?php if(isset($_POST['submit'])) { // $to = "mail@mydomain.com"; $to = "mail@mydomain.com"; $subject = "Web Enquiry"; $name = $_POST['name']; $email = $_POST['email']; $company = $_POST['company']; $phone = $_POST['phone']; $message = $_POST['message']; if (strlen(trim($message)) > 0) { $body = "From: $name \n\n Email: $email \n \n Company: $company \n\n Phone Number: $phone \n\n Message: $message"; if (mail($to, $subject, $body)) { echo "<h3>Thanks! Your email has been sent <br />We will answer your enquiry as soon as possible.</h3>"; } else { echo 'Cannot sent mail'; } } else { echo "<h3>Error! <br />Please ensure that all fields are filled out correctly in order to email us.</h3>"; } } ?> Any help or pointers as to how I could add in a little security would be appreciated. Hey, Wondering if this would work, it is based on the idea that everyone who is a real visitor will be using a browser, is that correct? Do robots use browsers too? if so, it wont work! haha. <? $browser = mb_substr($_SERVER['HTTP_USER_AGENT'], 0, 31); if (!empty($browser)){echo '<form action="send.php" method="post">';} ?> Just thought it was nice and simple, and couldnt see anywhere if it would work or not... Hi, I am having issues getting a simple contact form getting past the junk filter and into the inbox. Is there something wrong with my code? I have tried to set the email to 'not junk' in the 2 different email providers, but not change. Here is my code: Code: [Select] <?php $name = $_POST['name']; $email = $_POST['email']; $message = $_POST['message']; $from = 'From: Contact Form'; $to = 'my_email@gmail.com'; $subject = 'Hello'; $human = $_POST['human']; $body = "From: $name\n E-Mail: $email\n Message:\n $message"; $headers .= "Content-type: text/plain; charset=utf-8\n"; $headers .= "From: website user<someone_from@mysite.com> \n"; if ($_POST['submit']) { if ($name != '' && $email != '') { if ($human == '10') { if (mail ($to, $subject, $body, $from)) { echo '<p>Your message has been sent!</p>'; } else { echo '<p>Something went wrong, go back and try again!</p>'; } } else if ($_POST['submit'] && $human != '4') { echo '<p>You answered the anti-spam question incorrectly!</p>'; } } else { echo '<p>You need to fill in all required fields!!</p>'; } } ?> Code: [Select] <form method="post" action="mail_.php"> <label>Name</label> <input name="name" placeholder="Type Here"> <label>Email</label> <input name="email" type="email" placeholder="Type Here"> <label>Message</label> <textarea name="message" placeholder="Type Here"></textarea> <label>*What is 7+3? (Anti-spam)</label> <input name="human" placeholder="Type Here"> <input id="submit" name="submit" type="submit" value="Submit"> </form> Any help is greatly appreciated. Hi, I Have a form after successful submission a mail must be send to particular recipient and thank you mail is send to the person who filled the form ,The problem is i am receiving mails in spam whats the reason for going in spam I have kept Capture code also Can please let me know what to do Hi the user fill details and then the email his sent to me the only problem is that the emails keeps going to my spam, can someone help me out please I looked already php website and email format looks the same. This is the link to my form. http://www.people.eurico.co.uk/ here my form script Code: [Select] <?php // Set email variables $email_to = 'xxxxx@xxxxxxx.co.uk'; $email_subject = 'Call back form'; // Set required fields $required_fields = array('fullname','email','telephone','comment'); // set error messages $error_messages = array( 'fullname' => 'Please enter a Name to proceed.', 'email' => 'Please enter a valid Email.', 'telephone' => 'Please telephone.', 'comment' => 'Please enter your Message to continue.' ); // Set form status $form_complete = FALSE; // configure validation array $validation = array(); // check form submittal if(!empty($_POST)) { // Sanitise POST array foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value)); // Loop into required fields and make sure they match our needs foreach($required_fields as $field) { // the field has been submitted? if(!array_key_exists($field, $_POST)) array_push($validation, $field); // check there is information in the field? if($_POST[$field] == '') array_push($validation, $field); // validate the email address supplied if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field); } // basic validation result if(count($validation) == 0) { // Prepare our content string $email_content = 'peoplesmartlearning.co.uk: ' . "\n\n"; // simple email content foreach($_POST as $key => $value) { if($key != 'submit') $email_content .= $key . ': ' . $value . "\n"; } // if validation passed ok then send the email mail($email_to, $email_subject, $email_content); // Update form switch $form_complete = TRUE; } } function validate_email_address($email = FALSE) { return (preg_match('/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE; } function remove_email_injection($field = FALSE) { return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field)); } ?> The HTML Code: [Select] <div class="call_us_form"> <p class="title">WE'LL CALL YOU BACK</p> <?php if($form_complete === FALSE): ?> <form class="contact_form" id="fm-form" method="post" action="index.php" > <fieldset> <div class="fm-req"> <label for="fm-firstname">Name</label> <input type="text" id="fullname" class="detail" name="fullname" value="<?php echo isset($_POST['fullname'])? $_POST['fullname'] : ''; ?>" /> <?php if(in_array('fullname', $validation)): ?><script type="text/javascript">alert("Please enter a Name"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-firstname">Email</label> <input type="text" id="email" class="detail" name="email" value=" <?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" /> <?php if(in_array('email', $validation)): ?><script type="text/javascript">alert("Please enter a valid Email Address"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-firstname">Number</label> <input type="text" id="telephone" class="detail" name="telephone" value="<?php echo isset($_POST['telephone'])? $_POST['telephone'] : ''; ?>" /> <?php if(in_array('telephone', $validation)): ?><script type="text/javascript">alert("Please enter telephone number"); history.back();</script><?php endif; ?> </div> <div class="fm-req"> <label for="fm-lastname">Message</label> <textarea cols="40" rows="5" id="comment" name="comment" class="mess"><?php echo isset($_POST['comment'])? $_POST['comment'] : ''; ?></textarea> <?php if(in_array('comment', $validation)): ?><script type="text/javascript">alert("Please enter your message"); history.back();</script><?php endif; ?> </div> <input class="submit_button" type="submit" value="Call us" /> </fieldset> </form> <?php else: ?> <p>Thank you for your Message!</p> <p>We will get back to you as soon as we can</p> <script type="text/javascript"> setTimeout ('ourRedirect()', 5000) function ourRedirect () { location.href='index.php' } </script> <?php endif; ?> i am using a Anti MySQL Injection my friend made for me config.php //Anti MySQL Injection function anti_injection($sql) { // removes words that contain sql syntax $sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql); $sql = trim($sql); // strip whitespace $sql = strip_tags($sql); // strip HTML and PHP tags $sql = addslashes($sql); // quote string with slashes return $sql; } <?php include "./config.php"; $title = $_POST[title]; $type = $_POST[type]; $episode = $_POST[episode]; $year = $_POST[year]; $genre = $_POST[genre]; $status = $_POST[status]; $summary = $_POST[summary]; $pictures = $_POST[pictures]; $title = anti_injection($title); $type = anti_injection($type); $episode = anti_injection($episode); $year = anti_injection($year); $genre = anti_injection($genre); $status = anti_injection($status); $summary = anti_injection($summary); $pictures = anti_injection($pictures); ?> When i enter the data from the text box and click submit it still puts the data in to the date base but it shows ]Notice: Use of undefined constant title - assumed 'title' in C:\wamp\www\studying\take 2\addin11.php on line 41 Notice: Use of undefined constant type - assumed 'type' in C:\wamp\www\studying\take 2\addin11.php on line 42 Notice: Use of undefined constant episode - assumed 'episode' in C:\wamp\www\studying\take 2\addin11.php on line 43 Notice: Use of undefined constant year - assumed 'year' in C:\wamp\www\studying\take 2\addin11.php on line 44 Notice: Use of undefined constant genre - assumed 'genre' in C:\wamp\www\studying\take 2\addin11.php on line 45 Notice: Use of undefined constant status - assumed 'status' in C:\wamp\www\studying\take 2\addin11.php on line 46 Notice: Use of undefined constant summary - assumed 'summary' in C:\wamp\www\studying\take 2\addin11.php on line 47 Notice: Use of undefined constant pictures - assumed 'pictures' in C:\wamp\www\studying\take 2\addin11.php on line 48 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 Deprecated: Function sql_regcase() is deprecated in C:\wamp\www\studying\take 2\config.php on line 30 And thanks to the Anti MySQL Injection my Primary key in my database dont work :s can you help? thank you Using MVC, the controller does some logic, gets data from the model, and the view presents the content.
Where should the reverse be performed?
For instance, I have an edit page which is pre-populated with values from the model, and the view changes 1000 to $1,000, 0.4 to 40%, and 2014-10-09 09:31:41 to 10/09/2014 09:31:41 AM.
Now I need to save the values, and must convert them back to their original format before doing so. Should this functionality be performed in the controller, model, or view?
Thanks
This topic has been moved to PHP Freelancing. http://www.phpfreaks.com/forums/index.php?topic=355195.0 Hi guys, I wrote this speck of code to prevent directory transversal. However, I'm not that great with security issues, so I would like some of the gurus to offer pointers/tips/hints as to whether my code is safe or not and how to improve it. $pageID = $_GET["pageid"]; $pageNewIDLower = strtolower($pageID); $pageNewID = ereg_replace("[^A-Za-z0-9]","",$pageNewIDLower); if (strstr($pageNewID,"../") || strstr($pageNewID,"%") != true) { // do stuff } else { include("pages/home.htm"); } If this looks wrong, let me know. I didn't take it directly from my php code as I'm on a cell phone at the moment. Hello guys, i have a problem that i am trying to solve myself for the entire past week. I am not a php programmer and i wish you can help me. There is a russian project called Crot Anti-Plagiarism, it is a open source moodle plugin. I started to use it and it is a really nice feature. The problem is that there are quite few people that are developing it and new features are coming once a year... I see a big "hole" in this project (at least for me) : The plugin checks for plagiarism in the file that you submit only once, if a student resubmits the file it doesn't see that and you need to start the plugin's test again for all the files which is time consuming if you have a lot of submitted files to check. I would like to add a function that will check if a file changed his modified date , if yes - mark for checking, if no - skip the checking. I already added a similar function that checks if the name has changed, but it seems harder to check it by uploaded time(modified time). Things i have already done: I added a new column "assignment_submissions_timemodified" in database. I added a new function that records the "time modified" of the file in the database. But i can't add and i cannot make the comparison between the date of the first time the file submitted versus the date of the second time the same file was resubmitted. Alright no more bullsh**t here is the code: (there are 3 comments that shows what i've changed, starting with //my job...) Thanks a lot! Code: [Select] $apath= $CFG->dataroot."/$assignment->course/moddata/assignment/$asubmission->assignment/$asubmission->userid"; $timemodified= filemtime($apath); //my job... it checks the file's modified time. $files = scandir($apath, 1); if (! $unprocessedsubm = get_record("crot_submissions", "submissionid", $asubmission->id, "crot_submission_file_name", $files[0], "assignment_submissions_timemodified", $timemodified)) //my job...now i guess here is the problem ( "assignment_submissions_timemodified", $timemodified) { echo "$timemodified"; echo "$unprocessedsubm"; print_r($unprocessedsubm); echo "\nsubmission $asubmission->id was not processed yet. start processing now ... \n" ; $atime = microtime(); $atime = explode(" ",$atime); $atime = $atime[1] + $atime[0]; $astarttime = $atime; if(!count($files))break; //TODO we should verify if filename changed //TODO add loop on the documents folder as well as loop for unzipping $apath = $apath."/$files[0]"; // call tokenizer to get plain text and store it in crot_submissions $atext = tokenizer ($apath); // update the crot_submissions table // delete if exists delete_records("crot_submissions", "submissionid", $asubmission->id); // insert the new record $record->submissionid=$asubmission->id; $record->updated = time(); $record->crot_submission_file_name = $files[0]; $record->assignment_submissions_timemodified = $timemodified; //this is my job.... it is recording the date as it has to. $submid = insert_record("crot_submissions", $record); // insert into documents $docrecord->crot_submission_id = $submid; Also i have attached the whole file crot_crone.php. I have read around and can't seem to find the right coding for what I need on this forum and some other other forums. I have a contact form (as listed below) and I need 2 locations (Print Name and Title) fields to auto-populate on a separate form (can be a doc, pdf, etc. any form of document which is easiest) and this form can be totally back end and the individual using the form never is going to see the form. It's going on a contract form, that we would like to auto-populate. Also is there a simple attachment code so individuals can attach documents to the code? <p style: align="center"><form action="mailtest.php" method="POST"> <?php $ipi = getenv("REMOTE_ADDR"); $httprefi = getenv ("HTTP_REFERER"); $httpagenti = getenv ("HTTP_USER_AGENT"); ?> <input type="hidden" name="ip" value="<?php echo $ipi ?>" /> <input type="hidden" name="httpref" value="<?php echo $httprefi ?>" /> <input type="hidden" name="httpagent" value="<?php echo $httpagenti ?>" /> <div align="center"> <p class="style1">Name</p> <input type="text" name="name"> <p class="style1">Address</p> <input type="text" name="address"> <p class="style1">Email</p> <input type="text" name="email"> <p class="style1">Phone</p> <input type="text" name="phone"> <p class="style1">Debtor</p> <input type="text" name="debtor"> <p class="style1">Debtor Address</p> <input type="text" name="debtora"> <br /> <br /> <a href="authoforms.php" target="_blank" style="color:#ffcb00" vlink="#ffcb00">Click here to view Assignment Agreement and Contract Agreement</a> <p class="style1"><input type='checkbox' name='chk' value='I Have read and Agree to the terms.'> I have read and agree to the Assignment and Contract Agreement <br></p> <p class="style1">Print Name</p> <input type="text" name="pname"> <p class="style1">Title</p> <input type="text" name="title"> <p class="style1">I hear by agree that the information I have provided is true, accurate and the information I am submitting is <br /> not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms:</p> <select name="agree" size="1"> <option value="Agree">Agree</option> <option value="Disagree">Disagree</option> </select> <br /> <br /> <p class="style1">Employee ID:</p> <input type="text" name="employee"> <br /> <input type="submit" value="Send"><input type="reset" value="Clear"> </div> </form> </p> The mailtest php is this ?php $ip = $_POST['ip']; $httpref = $_POST['httpref']; $httpagent = $_POST['httpagent']; $name = $_POST['name']; $address = $_POST['address']; $email = $_POST['email']; $phone = $_POST['phone']; $debtor = $_POST['debtor']; $debtora = $_POST['debtora']; $value = $_POST['chk']; $pname = $_POST['pname']; $title = $_POST['title']; $agree = $_POST['agree']; $employee = $_POST['employee']; $formcontent=" From: $name \n Address: $address \n Email: $email \n Phone: $phone \n Debtor: $debtor \n Debtor's Address: $debtora \n 'Client' has read Assignment and Contract Agreement: $value \n Print Name: $pname \n Title: $title \n I hear by agree that the information I have provided is true, accurate and the information I am submitting is not fraudulent. Please click the agree button that you adhere to Commercial Recovery Authority Inc.'s terms: $agree \n \n Employee ID: $employee \n IP: $ip"; $recipient = "mail@crapower.com"; $subject = "Online Authorization Form 33.3%"; $mailheader = "From: $email \r\n"; mail($recipient, $subject, $formcontent, $mailheader) or die("Error!"); echo "Thank You!" . " -" . "<a href='index.php' style='text-decoration:none;color:#ffcb00;'> Return Home</a>"; $ip = $_POST['visitoraddress'] ?> ive been geting attacked by a spam bot it is inserting gibrish in one of my contact forms. i managed to block it with Code: [Select] if (empty($_POST['Email']) && !empty($_POST['CustomerEmail'])) Email is an empty text field with display:none for sometime it was clean and now it succeeds once in a while to insert a form. i dont want to use captcha , i think i will loose clients your advise Hi This subject doesn't really have a category but is driving me mad. I use the mail() function to send out emails to a news group forum that I have created. This forum does the same. I am getting the emails placed in a spam folder. Is there any way around this. I have been told that it has something to do with no reverse DNS. I get emails like DoNotReply@bt.com. This email address doesn't exist. How does the email system know this, and is there a way around it. TIA Desmond. A form is filled and the information is emailed to my address. The problem is it goes to the spam folder. Is it a problem with the email filter? I suppose I could whitelist the email address the server uses to email the info, but then spam would get through as well. Any ideas? Hey My site is getting alot of spam and i need a way to keep up with what is being sent with some kinda system that will flag things which contain urls and chosen keywords. Problem i faced though was lets say a keyword was: skyspider Now some one could say sky or spider (as seperate words) but they still flagged. So "theres a spider in the sky" would be flagged when i only want "skyspider" flagged... does that make sense? What php function do i require to do such string checks like this? Thanks I 'm having some problem while sending mails . i am sending bulk mails using php script, der is no problem in the script. i hope some guys have faced similar issue. while i am sending bulk emails, i figured out that - few mails are going to spam not into their INBOX. can you guys pls give some hint to resolve this issue. .. Hi.. I want to implement a program for identifying spam emails using an algorithm naive bayes in php.. How to implement this ..can any one help me.. thanks in advance im having some robots injecting gibberish i wnat to deny amy links in the requesttext of the form for some reason i tested it and it accepted a http link Code: [Select] if (preg_match("/http/i","$RequestText")){ exit();} thanks |
|||||||