Php 联系人表单验证：用于筛选消息中允许的字符的代码_Php_Forms_Validation_Spam_Contact Form

Php 联系人表单验证：用于筛选消息中允许的字符的代码

php forms validation

Php 联系人表单验证：用于筛选消息中允许的字符的代码,php,forms,validation,spam,contact-form,Php,Forms,Validation,Spam,Contact Form,我的联系方式中有垃圾邮件发送者的问题。我注意到他们在消息中使用了非标准字符，所以我想添加代码，只允许包含标准字符0-9 a-z a-z！@$&'“，.？/和空格，并显示一条错误消息，“您的消息包含禁止使用的字符”。下面是我用于我的Process.php的代码 <?php if( isset($_POST) ){ //form validation vars $formok = true; $errors = array(); //sumbission data $ipaddress =

我的联系方式中有垃圾邮件发送者的问题。我注意到他们在消息中使用了非标准字符，所以我想添加代码，只允许包含标准字符0-9 a-z a-z！@$&'“，.？/和空格，并显示一条错误消息，“您的消息包含禁止使用的字符”。下面是我用于我的Process.php的代码

<?php
if( isset($_POST) ){

//form validation vars
$formok = true;
$errors = array();

//sumbission data
$ipaddress = $_SERVER['REMOTE_ADDR'];
$date = date('d/m/Y');
$time = date('H:i:s');

//form data
$name = $_POST['name'];    
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$subject = $_POST['subject'];
$message = $_POST['message'];

//form validation to go here....

}
//validate name is not empty
if(empty($name)){
$formok = false;
$errors[] = "You have not entered a name";
}

//validate email address is not empty
if(empty($email)){
$formok = false;
$errors[] = "You have not entered an email address";
//validate email address is valid
}elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
$formok = false;
$errors[] = "You have not entered a valid email address";
}

//validate message is not empty
if(empty($message)){
$formok = false;
$errors[] = "You have not entered a message";
}
//validate message is greater than 20 charcters
elseif(strlen($message) < 20){
$formok = false;
$errors[] = "Your message must be greater than 20 characters";
}

//send email if all is ok
if($formok){
$headers = "From: contactform@example.com.au" . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

$emailbody = "<p>You have recieved a new message from the enquiries form on your website.</p>
              <p><strong>Name: </strong> {$name} </p>
              <p><strong>Email Address: </strong> {$email} </p>
              <p><strong>Telephone: </strong> {$telephone} </p>
              <p><strong>Message: </strong> {$message} </p>
              <p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>";

mail("john@example.com.au","New Enquiry",$emailbody,$headers);
}
//what we need to return back to our form  
$returndata = array(  
    'posted_form_data' => array(  
        'name' => $name,  
        'email' => $email,  
        'telephone' => $telephone,  
        'message' => $message  
    ),  
    'form_ok' => $formok,  
    'errors' => $errors  
);  
//if this is not an ajax request
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'){

//set session variables
session_start();
$_SESSION['cf_returndata'] = $returndata;

//redirect back to form
header('location: ' . $_SERVER['HTTP_REFERER']);

}

您可以使用正则表达式验证消息：
if(!preg_match('/^[0-9a-z\!@\$\&\'",\.\?\/\s]*$/i', $message))
{
    $formok = false;
    $errors[] = "You entered invalid character";
}

谢谢，我只需要在$/I之前添加一个elseif语句A-Z和A*，所以表达式现在读为elseif（！preg\u match（'/^[0-9a-zA-Z\！@$\\&'，\.\？\/\s]*$/I'，$message））{$formok=false；$errors[]=“您输入了无效字符”}@user3021928大写字母A-Z是不必要的，因为我使用了/I修饰符，这使得regexp不区分大小写。是的，*是必要的，我编辑了答案。使用capcha，系统将自动停止输入联系人表单。