Ryan Swanson
Reputation: 390
Php if statements/contact form anti spam integration
I am trying to integrate this tutorial into my existing contact form. However if it not working. Basically I want to have a blank url input field that I hide with CSS. If that field is filled in the form will not send. Here is my original mailer script:
<?php
// My modifications to mailer script from:
// http://blog.teamtreehouse.com/create-ajax-contact-form
// Added input sanitizing to prevent injection
// Only process POST reqeusts.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Get the form fields and remove whitespace.
$name = strip_tags(trim($_POST["name"]));
$name = str_replace(array("\r","\n"),array(" "," "),$name);
$email = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL);
$message = trim($_POST["message"]);
// Check that data was sent to the mailer.
if ( empty($name) OR empty($message) OR !filter_var($email, FILTER_VALIDATE_EMAIL)) {
// Set a 400 (bad request) response code and exit.
http_response_code(400);
echo "Oops! There was a problem with your submission. Please complete the form and try again.";
exit;
}
// Set the recipient email address.
// FIXME: Update this to your desired email address.
$recipient = "[email protected]";
// Set the email subject.
$subject = "New contact from $name";
// Build the email content.
$email_content = "Name: $name\n";
$email_content .= "Email: $email\n\n";
$email_content .= "Message:\n$message\n";
// Build the email headers.
$email_headers = "From: $name <$email>";
// Send the email.
if (mail($recipient, $subject, $email_content, $email_headers)) {
// Set a 200 (okay) response code.
//http_response_code(200);
echo "Thank You! Message Received! Click to close. ";
} else {
// Set a 500 (internal server error) response code.
//http_response_code(500);
echo "Oops! Something went wrong and we couldn't send your message.";
}
} else {
// Not a POST request, set a 403 (forbidden) response code.
// http_response_code(403);
echo "There was a problem with your submission, please try again.";
}
?>
This is the code that I need to integrate in...
<?php
// if the url field is empty
if(isset($_POST['url']) && $_POST['url'] == ''){
// then send the form to your email
mail( '[email protected]', 'Contact Form', print_r($_POST,true) );
}
// otherwise, let the spammer think that they got their message through
?>
I'm sure this is easy enough, I just don't know PHP very well. Any help would be appreciated.
Upvotes: 0
Views: 193
Answers (1)
andrew
Reputation: 9583
Try changing :
if (mail($recipient, $subject, $email_content, $email_headers)) {...
To:
if (isset($_POST['url']) && $_POST['url'] == '' &&
mail($recipient, $subject, $email_content, $email_headers)) {...
Also, your hidden input is known as a 'honey pot' and it is known to be more effective if set to :
position:absolute;
top: -100;
rather than
display:none
EDIT
I forgot that the if statement validates from left to right, please see revision above. also make sure your input is named 'url'
<input name="url" />
Upvotes: 2
Related Questions
- Spam Filter in Contact Form
- anti spam security question php contact form
- Adding Spam Control in the Php Contact Form
- Issue with PHP Contact Form Spam
- Php contact form coding issue
- Weeding out spammers/bots via php
- Avoid emails being considered as spam when sent via a PHP contact form
- How to Code phpMailer to prevent sending email if hidden field is filled in contact form
- PHP Script for contact form to email
- PHP sendmail if elseif