Php 联系人表单验证:用于筛选消息中允许的字符的代码
我的联系方式中有垃圾邮件发送者的问题。我注意到他们在消息中使用了非标准字符,所以我想添加代码,只允许包含标准字符0-9 a-z a-z!@$&'“,.?/和空格,并显示一条错误消息,“您的消息包含禁止使用的字符”。下面是我用于我的Process.php的代码Php 联系人表单验证:用于筛选消息中允许的字符的代码,php,forms,validation,spam,contact-form,Php,Forms,Validation,Spam,Contact Form,我的联系方式中有垃圾邮件发送者的问题。我注意到他们在消息中使用了非标准字符,所以我想添加代码,只允许包含标准字符0-9 a-z a-z!@$&'“,.?/和空格,并显示一条错误消息,“您的消息包含禁止使用的字符”。下面是我用于我的Process.php的代码 <?php if( isset($_POST) ){ //form validation vars $formok = true; $errors = array(); //sumbission data $ipaddress =
<?php
if( isset($_POST) ){
//form validation vars
$formok = true;
$errors = array();
//sumbission data
$ipaddress = $_SERVER['REMOTE_ADDR'];
$date = date('d/m/Y');
$time = date('H:i:s');
//form data
$name = $_POST['name'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$subject = $_POST['subject'];
$message = $_POST['message'];
//form validation to go here....
}
//validate name is not empty
if(empty($name)){
$formok = false;
$errors[] = "You have not entered a name";
}
//validate email address is not empty
if(empty($email)){
$formok = false;
$errors[] = "You have not entered an email address";
//validate email address is valid
}elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
$formok = false;
$errors[] = "You have not entered a valid email address";
}
//validate message is not empty
if(empty($message)){
$formok = false;
$errors[] = "You have not entered a message";
}
//validate message is greater than 20 charcters
elseif(strlen($message) < 20){
$formok = false;
$errors[] = "Your message must be greater than 20 characters";
}
//send email if all is ok
if($formok){
$headers = "From: contactform@example.com.au" . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$emailbody = "<p>You have recieved a new message from the enquiries form on your website.</p>
<p><strong>Name: </strong> {$name} </p>
<p><strong>Email Address: </strong> {$email} </p>
<p><strong>Telephone: </strong> {$telephone} </p>
<p><strong>Message: </strong> {$message} </p>
<p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>";
mail("john@example.com.au","New Enquiry",$emailbody,$headers);
}
//what we need to return back to our form
$returndata = array(
'posted_form_data' => array(
'name' => $name,
'email' => $email,
'telephone' => $telephone,
'message' => $message
),
'form_ok' => $formok,
'errors' => $errors
);
//if this is not an ajax request
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'){
//set session variables
session_start();
$_SESSION['cf_returndata'] = $returndata;
//redirect back to form
header('location: ' . $_SERVER['HTTP_REFERER']);
}
您可以使用正则表达式验证消息:
if(!preg_match('/^[0-9a-z\!@\$\&\'",\.\?\/\s]*$/i', $message))
{
$formok = false;
$errors[] = "You entered invalid character";
}
谢谢,我只需要在$/I之前添加一个elseif语句A-Z和A*,所以表达式现在读为elseif(!preg\u match('/^[0-9a-zA-Z\!@$\\&',\.\?\/\s]*$/I',$message)){$formok=false;$errors[]=“您输入了无效字符”}@user3021928大写字母A-Z是不必要的,因为我使用了/I修饰符,这使得regexp不区分大小写。是的,*是必要的,我编辑了答案。使用capcha,系统将自动停止输入联系人表单。