Fatal编程技术网
  • php/
  • Php 联系人表单正在发送空白电子邮件

Php 联系人表单正在发送空白电子邮件

php forms

Php 联系人表单正在发送空白电子邮件,php,forms,Php,Forms,我假设这只是机器人,但我怎样才能阻止这种情况发生呢?我至少在这里进行了一些验证——输入中的HTML5和php都是“必需的”。忘记客户端验证,如果我尝试发送它而不填写信息,它将返回一个错误(使用php) 如果我不能的话,机器人怎么能发送呢?我需要补充什么 <?php $allowedFields = array( 'firstname', 'lastname', 'email', 'phone', 'address', 'pre

我假设这只是机器人,但我怎样才能阻止这种情况发生呢?我至少在这里进行了一些验证——输入中的HTML5和php都是“必需的”。忘记客户端验证,如果我尝试发送它而不填写信息,它将返回一个错误(使用php)

如果我不能的话,机器人怎么能发送呢?我需要补充什么

<?php
    $allowedFields = array(
        'firstname',
    'lastname',
    'email',
    'phone',
    'address',
    'prefer-email',
    'prefer-snail ',
);

$requiredFields = array(
        'firstname',
    'lastname',
    'email',
    'phone',
    'address',
    'prefer-email',
    'prefer-snail ',
);

$requiredEmail = array(
    'email',
);

$errors = array();
foreach($_POST AS $key => $value) {
    // first need to make sure this is an allowed field
    if(in_array($key, $allowedFields)) {
    $$key = $value;

    // is this a required field?
    if(in_array($key, $requiredFields) && $value == '') {
        $errors[] = "The field $key is required.";
    }

    // is this a required field?
    if(in_array($key, $requiredEmail) && !filter_var($value, FILTER_VALIDATE_EMAIL))    {
        $errors[] = "A valid email is required.";
    }
    }   
}

// were there any errors?
if(count($errors) > 0) {
    $errorString = '<div class="error2"><h1>There was an error with the form.</h1><br />';
    $errorString .= '<ul>';
    foreach($errors as $error) {
        $errorString .= "<li>$error</li>";
    }
    $errorString .= '</ul></div>';

    // display the previous form
    include 'index.php';
} else {
    $first_name = $_POST['firstname'];
    $last_name = $_POST['lastname'];
    $email = $_POST['email'];
    $phone = $_POST['phone'];
    $address = $_POST['address'];
    $preferemail = $_POST['prefer-email'];
    $prefersnail = $_POST['prefer-snail'];


    $formcontent = "$firstname $lastname \r\n$email \r\n$phone \r\n$address \r\nPrefer Samples By: $preferemail $prefersnail \r\n";
    //$recipient = "Tester <test@test.com>";
    $recipient = "Tester <test@test.com>";
    $subject = "Test.com Form Submission";
    //$mailheader = "Landing Page <test@test.com>";
    mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
        header("Location: http://www.test.com/thanks.html");
}

您只检查$\u POST变量中的错误。机器人程序可能正在使用GET提交表单,因此会跳过您设置的验证,该验证取决于$\u POST变量的存在


我建议对所有请求变量进行验证:$\u request。或者,您可以检查是否存在任何post变量,如果不存在,则返回错误-从而强制post。
是,将整个内容包装在
if($\u post)中{
,从而防止在使用另一种方法时发生任何事情。在这种情况下,只需重定向到您的主页。好的,那么我是否应该只查找每个$\u帖子,并将其替换为$\u请求?这样做行吗?我按照halfer的建议做了,这样我们就会看到结果。谢谢,伙计们!