防止我的表单发送垃圾邮件
问题描述:
我想创建发送给好友的表单,而不是将其用于垃圾邮件。防止我的表单发送垃圾邮件
我已经在网上搜索,发现这些有用的
http://www.nyphp.org/phundamentals/8_Preventing-Email-Header-Injection http://www.nyphp.org/phundamentals/6_Spoofed-Form-Submissions
来源是低于不够好这个代码?
- 它删除所有新行,并返回字符,以便新的消息不能被添加
- 它使用一个会话变量,使得形式不能被伪造
function nospam($name)
{
return(str_replace(array("\r", "\n", "%OA", "%oa", "%OD", "%od",
"Content-Type:","BCC:","bcc:", "CC:","cc:"), "", $name));
}
//the form posts to itself
if(isset($_POST['submit'])){
if($_POST['secret'] == $_SESSION['secret']){
$_POST['email'] = nospam($_POST['email']);
$_POST['sendername'] = nospam($_POST['sendername']);
$_POST['link'] = nospam($_POST['link']);
$_POST['message'] = nospam($_POST['message']);
$_POST['senderemail'] = nospam($_POST['senderemail']);
$to = $_POST['email'];
$subject = $_POST['sendername'] . " has sent you this link.";
$message = "Hi " . $_POST['name'] . ",\n\n";
$message .= "The following link was sent to you by " . $_POST['sendername'] . ".\n\n";
$message .= $_POST['link'] . "\n\n";
$message .= $_POST['message'] . "\n\n";
$from = $_POST['senderemail'];
$headers = "From:" . $from;
mail($to,$subject,$message,$headers);
echo "Mail Sent.";
}
exit;
}else{
//set the secret variable when the page opens - only email if it exists
$secret = md5(uniqid(rand(), true));
$_SESSION['secret'] = $secret;
?>
<!--html form code here -->
<?php } ?>
答
您可以在表单底部使用reCaptcha来阻止这种事情发生。
http://vidiame.com/php/how-to-implement-recaptcha-with-your-php-project
您可以使用CAPTCHA,你应该限制的提交数量,以每分钟1为例。 – Songo 2012-03-27 00:48:50