It's stopped emails like adsfsdf*asdsdf.com from being posted through, and if I just put in <a href='... into the communications field, it blocks it.
But if I put this - and this is NOT spam, just a demo of what's getting through - do not click or try any links in the text quote as they may be harmful:
[text]china cheap nba jerseys wholesale china cheap nba jerseys wholesale
fghfxhghfxghxfgh@gmail.com
china cheap nba jerseys wholesale
china cheap nba jerseys wholesale
<a href=http://www.mirdef.com/preview/louis-vui ... l><b>louis vuitton outlet store hot sale with free shipping</b></a> <a href=http://www.runkino.com><b>replica louis vuitton shoes</b></a> <a href=http://www.csraemployeewellness.com/who ... tml</b></a> <a href=http://writingthislife.com/louis-vuitto ... /><b>louis vuitton replica watches</b></a> <a href=http://www.allmygoodintentions.com><b>replica louis vuitton</b></a> <a href=http://idahostwocenttips.com><b>louis vuitton speedy 40 cheap</b></a> <a href=http://www.richersoninteriors.com/patie ... <b>replica louis vuitton handbags</b></a> <a href=http://www.johnjeffriesphotography.com/ ... >authentic louis vuitton outlet</b></a> <a href=http://www.thehillofcontent.com.au/cms/ ... <b>replica louis vuitton michael backpack</b></a> <a href=http://www.animalisticart.com/css/cheap ... p><b>cheap louis vuitton sunglasses</b></a> <a href=http://www.ecoatours.com/detalles/louis ... x><b>louis vuitton shoes outlet</b></a> <a href=http://www.nikostours.com/images/louis- ... l><b>louis vuitton online sale</b></a> <a href=http://www.excelfirepro.com><b>replica louis vuitton belts</b></a> <a href=http://www.richersoninteriors.com/patie ... asp><b>buy replica louis vuitton men shoes</b></a> <a href=http://www.richersoninteriors.com/patie ... asp</b></a> <a href=http://www.avanara.com/about-avanara/ch ... l><b>louis vuitton cheap shoes for men</b></a> <a href=http://www.calcopolychem.com><b>replica louis vuitton</b></a> <a href=http://www.photorenditionsbybob.com/lou ... m><b>louis vuitton replica wallet</b></a> <a href=http://www.realdutchbikes.com><b>cheap louis vuitton</b></a> <a href=http://www.csraemployeewellness.com/who ... l><b>louis vuitton men leather shoes wholesale</b></a>
china cheap nba jerseys wholesale http://elenakyrgos.com/images/cheap-who ... erseys.php[/text]
It does get through. what do I need to do to stop these - they are passing thru my script without a problem.
Code: Select all
$firstname = isset($_POST['firstname']) ? $_POST['firstname'] : null;
$firstname = str_replace("'", "", "$firstname");
$lastname = isset($_POST['lastname']) ? $_POST['lastname'] : null;
$lastname = str_replace("'", "", "$lastname");
$email = isset($_POST['email']) ? $_POST['email'] : null;
$phone = isset($_POST['phone']) ? $_POST['phone'] : null;
$reason = isset($_POST['reason']) ? $_POST['reason'] : null;
$reason = str_replace("'", "", "$reason");
$communication = isset($_POST['communication']) ? $_POST['communication'] : null;
$communication = str_replace("'", "", "$communication");
if (isset($firstname) && isset($lastname) && isset($communication) && !isset($c))
{
$communication = isset($_POST['communication']) ? $_POST['communication'] : null;
if (preg_match("/href/i", "$communication")) {
echo "<script>
window.location.replace('/contacttx&c=yy')
</script>";
}
$email = isset($_POST['email']) ? $_POST['email'] : null;
if (preg_match("/\*/i", "$email")) {
echo "<script>
window.location.replace('/successno')
</script>";
}
else {
$to = "info@site.co.uk";
$subject = "$reason";
$headers = "From: $email\n";
$body = "
$firstname $lastname
$email
$phone
$reason
$communication
";
mail ($to, $subject, $body, $headers);
echo "<script>
window.location.replace('/success')
</script>";
}}