Page 1 of 1

My form needs spamming protection...

Posted: Tue Aug 22, 2006 10:56 am
by bordman
Hi,
I have a form which sends an email, and in my form validation, I want to make sure only one email address can be accepted. I'm fairly new to php and can't seem to find what I need via google and othe php manuals...because I'm not sure what to look for...

I have some code that checks for a proper email address, but I need to also check to make sure there is only one so that bots can't add extra email addresses.

Here is my code:

Code: Select all

$email_address = $_POST['email_address'];


function check_email($email_address, $optional)
{
 if ( (strlen($email_address) == 0) && ($optional === true) ) {
  return true;
 } elseif ( ereg("[A-Za-z0-9_-]+\@[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+", $email_address) ) {
  return true;
 } else {
  return false;
 }
}

//Validate
if ( (! check_email($email_address, false))) {
 $validationFailed = true;
}
Any help or other ideas to prevent these bots from spamming would be great!

I also have a verification image working as well.

Spammers suck!!

Thanks!
ROB

Posted: Tue Aug 22, 2006 10:58 am
by hawleyjr
Have you looked into Captcha

Posted: Tue Aug 22, 2006 11:30 am
by Oren
You can add an extra field to the form and generate a random string, then just ask people to enter the random string in this field. Once the form is submitted, check the user-supplied string against the one which was generated by the script.

Security image in place...

Posted: Tue Aug 22, 2006 12:00 pm
by bordman
Thanks, I have a security image in place already...I'm just trying to make sure only one email address is excepted. I thought perhaps a script that checks for more than one @ or that doesn't allow a comma or ;

I'm just not such which function to use to find more than one of those characters. Similar to replace, except I don't want to replace, I just want to find and count the @ comma or ; and if there's more than 1, I want kick them out...

Thanks for your replies,
ROB

Posted: Tue Aug 22, 2006 12:20 pm
by Oren
Well, I'm not sure, but I believe commas are not allowed within a vaild email address. If so, you can use strstr() to make sure the address doesn't contain any commas.

P.S I can point out at least more 3 other ways to make sure only one email address is supplied. What I gave you is just one example from the top of my mind.

Posted: Tue Aug 22, 2006 2:01 pm
by bordman
Hi, again, thank your input...

I know a comma is not allowd as part of an email, but depending on the program sending the mail, usually a comma or ; are used to seperate the email addresses, right?

I don't see a function that will just let me count the number of @ in the string...

Posted: Tue Aug 22, 2006 2:17 pm
by hawleyjr
bordman wrote:Hi, again, thank your input...

I know a comma is not allowd as part of an email, but depending on the program sending the mail, usually a comma or ; are used to seperate the email addresses, right?

I don't see a function that will just let me count the number of @ in the string...
substr_count()

Posted: Tue Aug 22, 2006 2:31 pm
by feyd
http://svn.gna.org/viewcvs/blacknova/tr ... iew=markup may be of interest for validating RFC compliant email addresses.