Spam sent through web forms

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

sheila
Forum Commoner
Posts: 98
Joined: Mon Sep 05, 2005 9:52 pm
Location: Texas

Post by sheila »

This code

Code: Select all

$test = "     ";
echo "test = [$test]\n";
$test = trim($test);
echo "test = [$test]\n";
produces this output

Code: Select all

test = [     ]
test = []
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

You need to strip \r and \n that are posted.. Otherwise, it's pretty easy to fake some headers ;) And you are wide open for spammers ;)
hairyjim
Forum Contributor
Posts: 219
Joined: Wed Nov 13, 2002 9:04 am
Location: Warwickshire, UK

Post by hairyjim »

I tested the form and put in spaces for everything other than email address and the form still threw the correct errors.
sheila
Forum Commoner
Posts: 98
Joined: Mon Sep 05, 2005 9:52 pm
Location: Texas

Post by sheila »

What does _getValue() do? Is it testing isset($message)?

As far as your original question about get 50+ messages a day you should post isEmailAddress and let us have a look. If it is properly testing for an invalid email address then you are probably not being used to send spam. There is nothing much you can do to stop repeated testing. You could look for a pattern in the tests, like $email always has the same address or you could rename the script and hope it takes them a while to find it again.
Post Reply