Stop the spam
Posted: Mon May 21, 2007 10:25 am
I keep getting spammed from my contact form. I want to avoid putting a captcha so it is easy to use. I have looked into mail header injection and think that this could be the problem but shouldn't the regex stop that. Is there anything else I can do?
Please help
Please help
Code: Select all
foreach ($_POST as $key => $value) {
$$key = mysql_real_escape_string($value);
}
$error == '0';
$error_message = "";
// validating email
if(empty($email) or (!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email))) {
$error1 = 1;
$error_message .="Please enter a valid email address.";
} else {
$error1 = '0';
}
if(empty($name)) { $error2 = '1'; $error_message .="Please enter your name."; } else { $error2='0'; }
if(empty($message)) { $error3 = '1'; $error_message .="Please enter a message."; } else { $error3='0'; }
$error = $error1+$error2+$error3;
if($error =='0') {
$format_message = "From: ".$name."\n\n".$message;
// sending email
$headers = "From: ".$email."\r\n";
$headers .= "Reply-To: ".$email."\r\n";
$headers .= "Return-Path: ".$email."\r\n";
$site_email = get_shop_details('email');
mail($site_email, $subject, $format_message, $headers);
mail("xxx@xxx.co.uk", $subject, $format_message, $headers);
mail("xxx@xxx.co.uk", $subject, $format_message, $headers);
header("Location:contact_sent.php");
} }