PHP联系表单垃圾邮件问题

时间:2022-11-28 15:11:01

So recently I fixed my contact form on my website but I have a problem. People can send me emails without needing to put anything in the contact form boxes.

最近我在我的网站上修改了我的联系表格,但我遇到了问题。人们可以向我发送电子邮件,而无需在联系表格框中添加任何内容。

So pretty much people can just press the Send Button without needing to type anything which is really annoying.

所以很多人只需按下发送按钮,无需键入任何真正烦人的东西。

Anyway to fix this?

有任何解决这个问题的方法吗?

Here is my PHP Code: https://hastebin.com/ukowawovab.pl

这是我的PHP代码:https://hastebin.com/ukowawovab.pl

Here is my HTML Code: https://hastebin.com/hisayacuji.xml

这是我的HTML代码:https://hastebin.com/hisayacuji.xml

Thanks! TrifleTower

谢谢! TrifleTower

1 个解决方案

#1

1  

As I stated in comments, check for any empty fields.

正如我在评论中所述,检查任何空字段。

Even with required added, bots may be accessing the php file directly, or others.

即使有必要添加,机器人可能直接访问php文件或其他人。

<?php

if(!empty($_REQUEST['name'])

&& !empty($_REQUEST['email'])

&& !empty($_REQUEST['skype'])

&& !empty($_REQUEST['message'])){

 $to = "email@example.com";
 $subject = "FluxDesigns Contact Form";
 $name = $_REQUEST['name'];
 $email = $_REQUEST['email'];
 $skype = $_REQUEST['skype'];
 $message = $_REQUEST['message'];
 $ip = $_SERVER['REMOTE_ADDR'];
 $body = " Name: $name \n Email: $email \n Skype: $skype \n Message: $message \n\n IP Address: $ip";
 if (mail($to, $subject, $body)) {
   header('Location: /thanks');
   exit; // added that to prevent further execution
  }

 }
 else{
     echo "Fill in all fields";

     }

You could additionally add a checkbox and check if it is set with isset() and handle it accordingly.

您还可以添加一个复选框,并检查它是否使用isset()设置并相应地处理它。

However, you should use full headers as outlined in the mail() manual. Otherwise, you may not receive it or it can also be treated as spam.

但是,您应该使用mail()手册中概述的完整标题。否则,您可能无法收到它,也可能被视为垃圾邮件。

Full headers means having a valid From email address.

完整标题表示具有有效的发件人电子邮件地址

Example from the manual:

手册中的示例:

<?php
$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Reply-To: webmaster@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);

You should also create an SPF record, but that's beyond the scope of this question.

您还应该创建一个SPF记录,但这超出了本问题的范围。

#1

1  

As I stated in comments, check for any empty fields.

正如我在评论中所述,检查任何空字段。

Even with required added, bots may be accessing the php file directly, or others.

即使有必要添加,机器人可能直接访问php文件或其他人。

<?php

if(!empty($_REQUEST['name'])

&& !empty($_REQUEST['email'])

&& !empty($_REQUEST['skype'])

&& !empty($_REQUEST['message'])){

 $to = "email@example.com";
 $subject = "FluxDesigns Contact Form";
 $name = $_REQUEST['name'];
 $email = $_REQUEST['email'];
 $skype = $_REQUEST['skype'];
 $message = $_REQUEST['message'];
 $ip = $_SERVER['REMOTE_ADDR'];
 $body = " Name: $name \n Email: $email \n Skype: $skype \n Message: $message \n\n IP Address: $ip";
 if (mail($to, $subject, $body)) {
   header('Location: /thanks');
   exit; // added that to prevent further execution
  }

 }
 else{
     echo "Fill in all fields";

     }

You could additionally add a checkbox and check if it is set with isset() and handle it accordingly.

您还可以添加一个复选框,并检查它是否使用isset()设置并相应地处理它。

However, you should use full headers as outlined in the mail() manual. Otherwise, you may not receive it or it can also be treated as spam.

但是,您应该使用mail()手册中概述的完整标题。否则,您可能无法收到它,也可能被视为垃圾邮件。

Full headers means having a valid From email address.

完整标题表示具有有效的发件人电子邮件地址

Example from the manual:

手册中的示例:

<?php
$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Reply-To: webmaster@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);

You should also create an SPF record, but that's beyond the scope of this question.

您还应该创建一个SPF记录,但这超出了本问题的范围。

标签:

相关文章