Php 联系人表单正在发送空白电子邮件
我假设这只是机器人,但我怎样才能阻止这种情况发生呢?我至少在这里进行了一些验证——输入中的HTML5和php都是“必需的”。忘记客户端验证,如果我尝试发送它而不填写信息,它将返回一个错误(使用php) 如果我不能的话,机器人怎么能发送呢?我需要补充什么Php 联系人表单正在发送空白电子邮件,php,forms,Php,Forms,我假设这只是机器人,但我怎样才能阻止这种情况发生呢?我至少在这里进行了一些验证——输入中的HTML5和php都是“必需的”。忘记客户端验证,如果我尝试发送它而不填写信息,它将返回一个错误(使用php) 如果我不能的话,机器人怎么能发送呢?我需要补充什么 <?php $allowedFields = array( 'firstname', 'lastname', 'email', 'phone', 'address', 'pre
<?php
$allowedFields = array(
'firstname',
'lastname',
'email',
'phone',
'address',
'prefer-email',
'prefer-snail ',
);
$requiredFields = array(
'firstname',
'lastname',
'email',
'phone',
'address',
'prefer-email',
'prefer-snail ',
);
$requiredEmail = array(
'email',
);
$errors = array();
foreach($_POST AS $key => $value) {
// first need to make sure this is an allowed field
if(in_array($key, $allowedFields)) {
$$key = $value;
// is this a required field?
if(in_array($key, $requiredFields) && $value == '') {
$errors[] = "The field $key is required.";
}
// is this a required field?
if(in_array($key, $requiredEmail) && !filter_var($value, FILTER_VALIDATE_EMAIL)) {
$errors[] = "A valid email is required.";
}
}
}
// were there any errors?
if(count($errors) > 0) {
$errorString = '<div class="error2"><h1>There was an error with the form.</h1><br />';
$errorString .= '<ul>';
foreach($errors as $error) {
$errorString .= "<li>$error</li>";
}
$errorString .= '</ul></div>';
// display the previous form
include 'index.php';
} else {
$first_name = $_POST['firstname'];
$last_name = $_POST['lastname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$preferemail = $_POST['prefer-email'];
$prefersnail = $_POST['prefer-snail'];
$formcontent = "$firstname $lastname \r\n$email \r\n$phone \r\n$address \r\nPrefer Samples By: $preferemail $prefersnail \r\n";
//$recipient = "Tester <test@test.com>";
$recipient = "Tester <test@test.com>";
$subject = "Test.com Form Submission";
//$mailheader = "Landing Page <test@test.com>";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
header("Location: http://www.test.com/thanks.html");
}
您只检查$\u POST变量中的错误。机器人程序可能正在使用GET提交表单,因此会跳过您设置的验证,该验证取决于$\u POST变量的存在
我建议对所有请求变量进行验证:$\u request。或者,您可以检查是否存在任何post变量,如果不存在,则返回错误-从而强制post。是,将整个内容包装在if($\u post)中{
,从而防止在使用另一种方法时发生任何事情。在这种情况下,只需重定向到您的主页。好的,那么我是否应该只查找每个$\u帖子,并将其替换为$\u请求?这样做行吗?我按照halfer的建议做了,这样我们就会看到结果。谢谢,伙计们!