在 PHP 联系表上过滤垃圾邮件
Filtering spam on a PHP contact form
伙计们。我一直在努力解决这个问题,但我对 PHP 还是个新手。我已经尝试了各种关于 PHP 垃圾邮件过滤器的教程,但是当我将它们写入表单时 none 可以正常工作。
我一直试图修改的代码是:
<?php
header ("Location: index.html");
if( !empty($_POST['topName']) || !empty($_POST['topEmail']) || !empty($_POST['topPhone']) ) {
$name = $_POST['topName'];
$emailAddress = $_POST['topEmail'];
$phone = $_POST['topPhone'];
$message = $_POST['topMessage'];
$email_to = "companyname@gmail.com";
$email_from = "$name <$emailAddress>";
$email_subject = "Message from online contact form";
$email_body = "From: $name\n" .
"Email: $emailAddress\n" .
"Phone: $phone\n\n" .
"$message";
$email_headers = "From: $email_from \r\n" .
"Reply-To: $emailAddress \r\n";
mail($email_to, $email_subject, $email_body, $email_headers);
}
exit;
?>
唯一有效的部分是添加 !empty 内容,但这仍然只能阻止将这些字段留空的垃圾邮件。当我按照教程进行操作时,我似乎什么都做不了。我可以做些什么来制作一个超级简单的垃圾邮件过滤器,或者一个新手可以理解的教程?
如有任何帮助或建议,我们将不胜感激!
为确保字段不为空,您可以像这样执行一些验证:
<?php
function checkLength($d, $min, $max){
if(strlen($d) > $max || strlen($d) < $min){
return false;
} else {
return true;
}
}
function checkRegEx($d, $reg){
return ereg($reg, $d);
}
$fields = [
'name' => $_POST['topName'],
'email' => $_POST['topEmail'],
'phone' => $_POST['topPhone']
]
$valid = true;
// Check that each is not empty
foreach($fields as $k => $v){
$valid = $valid && !empty($v);
}
// Add HTML Safe Message
$fields['message'] = htmlentities($_POST['topMessage']);
// Check that name has enough characters
$valid = $valid && checkLength($fields['name'], 3, 25);
// Check that Email has enough characters
$valid = $valid && checkLength($fields['email'], 5, 80);
// Check Email format
$valid = $valid && checkRegEx($fields['email'], "/^[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/");
if( $valid ) {
$email_to = "companyname@gmail.com";
$email_from = "{$fields['name']} <{$fields['email']}>";
$email_subject = "Message from online contact form";
$email_body = "";
$email_body .= "From: {$fields['name']}\r\n";
$email_body .= "Email: {$fields['email']}\r\n";
$email_body .= "Phone: {$fields['phone']}\r\n\r\n";
$email_body .= $fields['message'];
$email_headers = "From: {$fields['email']}\r\n";
$email_headers .= "Reply-To: {$fields['email']}\r\n";
mail($email_to, $email_subject, $email_body, $email_headers);
}
exit;
?>
阻止垃圾邮件最有效的方法之一是确保每个字段都包含预期的内容。例如,名称应仅包含字母、phone 数字等。如果文本字段不需要包含 URL,则在它们包含 URL 时不提交消息将消除大量垃圾邮件。
接下来就可以使用蜜罐字段了。这些字段对人们隐藏,但经常被垃圾邮件机器人检测到。您检查提交内容是否包含任何内容,如果包含您就知道这是垃圾邮件。
您还可以查看显示表单页面和提交表单之间的时间。非常快的提交表示自动垃圾邮件。
验证码应该是最后的手段,可能只有在其他技术提示垃圾邮件时才会显示。
最后,您可以使用 class 为您做很多这样的事情,例如http://stefangabos.ro/php-libraries/zebra-form/ or a form building app like http://wufoo.com
伙计们。我一直在努力解决这个问题,但我对 PHP 还是个新手。我已经尝试了各种关于 PHP 垃圾邮件过滤器的教程,但是当我将它们写入表单时 none 可以正常工作。
我一直试图修改的代码是:
<?php
header ("Location: index.html");
if( !empty($_POST['topName']) || !empty($_POST['topEmail']) || !empty($_POST['topPhone']) ) {
$name = $_POST['topName'];
$emailAddress = $_POST['topEmail'];
$phone = $_POST['topPhone'];
$message = $_POST['topMessage'];
$email_to = "companyname@gmail.com";
$email_from = "$name <$emailAddress>";
$email_subject = "Message from online contact form";
$email_body = "From: $name\n" .
"Email: $emailAddress\n" .
"Phone: $phone\n\n" .
"$message";
$email_headers = "From: $email_from \r\n" .
"Reply-To: $emailAddress \r\n";
mail($email_to, $email_subject, $email_body, $email_headers);
}
exit;
?>
唯一有效的部分是添加 !empty 内容,但这仍然只能阻止将这些字段留空的垃圾邮件。当我按照教程进行操作时,我似乎什么都做不了。我可以做些什么来制作一个超级简单的垃圾邮件过滤器,或者一个新手可以理解的教程?
如有任何帮助或建议,我们将不胜感激!
为确保字段不为空,您可以像这样执行一些验证:
<?php
function checkLength($d, $min, $max){
if(strlen($d) > $max || strlen($d) < $min){
return false;
} else {
return true;
}
}
function checkRegEx($d, $reg){
return ereg($reg, $d);
}
$fields = [
'name' => $_POST['topName'],
'email' => $_POST['topEmail'],
'phone' => $_POST['topPhone']
]
$valid = true;
// Check that each is not empty
foreach($fields as $k => $v){
$valid = $valid && !empty($v);
}
// Add HTML Safe Message
$fields['message'] = htmlentities($_POST['topMessage']);
// Check that name has enough characters
$valid = $valid && checkLength($fields['name'], 3, 25);
// Check that Email has enough characters
$valid = $valid && checkLength($fields['email'], 5, 80);
// Check Email format
$valid = $valid && checkRegEx($fields['email'], "/^[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/");
if( $valid ) {
$email_to = "companyname@gmail.com";
$email_from = "{$fields['name']} <{$fields['email']}>";
$email_subject = "Message from online contact form";
$email_body = "";
$email_body .= "From: {$fields['name']}\r\n";
$email_body .= "Email: {$fields['email']}\r\n";
$email_body .= "Phone: {$fields['phone']}\r\n\r\n";
$email_body .= $fields['message'];
$email_headers = "From: {$fields['email']}\r\n";
$email_headers .= "Reply-To: {$fields['email']}\r\n";
mail($email_to, $email_subject, $email_body, $email_headers);
}
exit;
?>
阻止垃圾邮件最有效的方法之一是确保每个字段都包含预期的内容。例如,名称应仅包含字母、phone 数字等。如果文本字段不需要包含 URL,则在它们包含 URL 时不提交消息将消除大量垃圾邮件。
接下来就可以使用蜜罐字段了。这些字段对人们隐藏,但经常被垃圾邮件机器人检测到。您检查提交内容是否包含任何内容,如果包含您就知道这是垃圾邮件。
您还可以查看显示表单页面和提交表单之间的时间。非常快的提交表示自动垃圾邮件。
验证码应该是最后的手段,可能只有在其他技术提示垃圾邮件时才会显示。
最后,您可以使用 class 为您做很多这样的事情,例如http://stefangabos.ro/php-libraries/zebra-form/ or a form building app like http://wufoo.com