  1. #1

    mail form validation (advice needed)

    Hi
    I have a small recommendation form, which is expected to collect name, e-mail, message, then send an e-mail and also update a MySQL database.
    What is done ?
    - when fields are empty - ok
    - email validation - ok

    What I want to do is to make sure that no one can use
    my form to spam, and also I will not get spam too.

    And to apply basic formatting of e-mail and MySQL input.

    And the last, most important issue is my so-called captcha.
    As you will see in the script, the form is called several times (if error). So when my form is displayed again, the captcha image is not changing, is not refreshing each time the form is called, but $thevalue is refreshing, and then $yourcode (re-type) is not equal to $thevalue1.

    i need some advice on this topic ... please

    thanks a lot in advance

    nita

    my code so far ..

    PHP Code:
    // PHP_SELF safely!
    $php_self = basename(htmlentities($_SERVER['PHP_SELF']));

    //image
    $im = ImageCreate(60, 20);  //create image
    $white = ImageColorAllocate($im, 0, 0, 0);
    $black = ImageColorAllocate($im, 120, 200, 68);
    $md5 = md5(microtime() * mktime());
    $string = substr($md5, 0, 5);
    $verification = $string;
    $thevalue = $string;
    ImageFill($im, 0, 0, $black);
    ImageString($im, 4, 10, 3, $thevalue, $white);
    Imagejpeg($im, "inc/verify.jpeg");
    ImageDestroy($im);

    //this is recommendation form
    $form .= "
        <table width='100%'  border='0' cellspacing='0' cellpadding='10'>
        <tr>
        <td>

        <form action='".$php_self."' method='post'>
        <table width='444' align='left' class='info4'>
        <tr>
        <td valign='top' align='right'><b>Name:</b></td>
        <td valign='top'>
        <input name='name' size='30'>
        </td>
        </tr>
        <tr>
        <td valign='top' align='right'><b>E-mail:</b></td>
        <td valign='top'>
        <input name='email' size='30'>
        </td>
        </tr>
        <tr>
        <td valign='top' align='right'><b>Recomendation:</b></td>
        <td valign='top'>
        <textarea name='message' rows='10' cols='30'></textarea>
        </td>
        </tr>
        <tr>
        <td>
        <img src='inc/verify.jpeg' border='0'>
        <input type='hidden' value='".$thevalue."' name='thevalue1'>
        </td>
        <td>
        <input type='text' name='yourcode' size='5' maxlength='5'>
        </td>
        </tr>
        <tr>
        <td valign='top' align='right'></td>
        <td valign='top' align='left'>
        <input class='button1' type='submit' value='Send' name='submitreco'>
        <input class='button1' type='reset' value='Reset' name='reset'>
        </td>
        </tr>
        </table>
        </form>
        </td>
        </tr>
        </table><br>";

    if (isset($_POST['submitreco'])) {

        $yourcode = $_POST['yourcode'];
        $thevalue1 = $_POST['thevalue1'];
        $myemail = "aaa@bbb.com";
        $name = $_POST['name'];
        $email = $_POST['email'];
        $message = $_POST['message'];

        // check if any of the fields are empty
        if ($name == "" or $message == "" or $email == "") {
            echo "Please fill up all fields !";
            echo($form);
        }
        else
        {
            $messagehtml = str_replace("\r", '', $message);

            $thanks = "
            <span class='info2'>
            Thank you !. Your recomendation has sucessfuly been sent!<br>
            <br></span>";

            $subject = "New Movie Recomendation from '$name'";
            $headers = "From: kris@nita-on-line.com";

            $messagetoemail = "Hi Kris. You recived a new movie recomendation.
            Name: $name
            E-mail: $email
            Recomendation: $messagehtml
            ";

            // Note: ereg() was removed in PHP 7.0; preg_match() is its replacement.
            function check_email($email) {

                // check that there's one @ symbol, and that the lengths are right
                if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email))
                {
                    return false;
                }

                // Split it into sections to make life easier
                $email_array = explode("@", $email);
                $local_array = explode(".", $email_array[0]);
                for ($i = 0; $i < sizeof($local_array); $i++)
                {
                    if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i]))
                    {
                        return false;
                    }
                }

                if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1]))
                {
                    // Check if domain is IP. If not, it should be valid domain name
                    $domain_array = explode(".", $email_array[1]);
                    if (sizeof($domain_array) < 2)
                    {
                        return false; // Not enough parts to domain
                    }
                    for ($i = 0; $i < sizeof($domain_array); $i++)
                    {
                        if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i]))
                        {
                            return false;
                        }
                    }
                }
                return true;
            }

            if (check_email($email))
            {
                if ($yourcode == $thevalue1) {
                    echo "$thanks";
                    mail($myemail, $subject, $messagetoemail, $headers);
                }
                else
                {
                    echo "<span class='info2'>
                    You verification code is not right. Please go back and try again.
                    </span>";
                    echo($form);
                }
            }
            else
            {
                echo "Make sure that you fill in your e-mail corectly !";
                echo($form);
            }
        }
    }
    else {
        echo($form);
    }

  2. #2
    Cups
    >what i want to do is to make sure that no one can use
    >my form to spam, and also i will not get spam too.

    Take a look at this post:
    abuse free contact form

    I got that and many more solutions by visiting: http://www.sitepoint.com/forums/search.php
    and entering email form spam

    Try similar for your captcha problem.

    You say you're looking for advice on these issues, and you will find many answers already dealt with in the forums.

    Come back when you get stuck on an issue, but try and ask just one question at a time.

    Good luck.
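
Added example (not part of either post and not the thread's own code): one way to handle the captcha mismatch and the spam-relay concern from the first post, by keeping the code in the session instead of a hidden field, streaming the image per request so it always matches the stored code, and rejecting CR/LF in values that reach mail headers. The helper names `new_captcha_code`, `captcha_ok` and `header_safe`, the `?img=1` URL and the use of PHP 7+ with GD are assumptions.

```php
<?php
// Added example, not the thread's code. Assumes PHP 7+ with the GD extension.
session_start();

// Hypothetical helper: create a 5-character code and keep it server-side only.
function new_captcha_code(): string {
    $code = substr(bin2hex(random_bytes(4)), 0, 5);
    $_SESSION['captcha'] = $code;
    return $code;
}

// Hypothetical helper: compare once against the session copy, then discard it.
function captcha_ok(string $typed): bool {
    $expected = $_SESSION['captcha'] ?? '';
    unset($_SESSION['captcha']);               // each code is good for one attempt
    return $expected !== '' && hash_equals($expected, strtolower(trim($typed)));
}

// Hypothetical helper: text placed in mail headers (e.g. the subject) must not
// contain CR or LF, otherwise a visitor could append headers of their own.
function header_safe(string $value): bool {
    return $value !== '' && !preg_match('/[\r\n]/', $value);
}

// Image request (?img=1 is an assumed URL): stream a fresh image, never cache.
if (isset($_GET['img'])) {
    $im = imagecreate(60, 20);
    imagecolorallocate($im, 120, 200, 68);     // first colour becomes background
    $text = imagecolorallocate($im, 0, 0, 0);
    imagestring($im, 4, 10, 3, new_captcha_code(), $text);
    header('Content-Type: image/jpeg');
    header('Cache-Control: no-store');
    imagejpeg($im);
    exit;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $name  = $_POST['name'] ?? '';
    $email = $_POST['email'] ?? '';
    if (!captcha_ok($_POST['yourcode'] ?? '')) {
        echo 'Verification code is not right.';
    } elseif (!header_safe($name) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        echo 'Invalid name or e-mail.';
    } else {
        echo 'Accepted.';                      // mail() / database insert go here
    }
}
// The timestamp in the image URL keeps the browser from reusing an old image.
echo "<form method='post'><img src='?img=1&amp;t=" . time() . "' alt='code'>"
   . "<input name='name'><input name='email'>"
   . "<input name='yourcode' size='5' maxlength='5'><input type='submit'></form>";
```

Because the expected code never leaves the server and is discarded after one comparison, a submitter cannot read it from the page source or replay an old form.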

