Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts

    PHP form spam filter trouble

    Hi, I am pretty new to php forms, but I have one that has been working fine, except for the spam issue. I am not sure why the http check I put in isnt working. Can anyone help? Here is the php form:
    <?php
    if(isset($_POST['submit'])) {

    # Form declarations
    $to = "cher@chernutrition.com";
    $subject = "The CityBite Submission";
    $from = "The CityBite Submission";
    $Going_to_field = $_POST['Going_to'];
    $Nutritional_goals_field = $_POST['Nutritional_goals'];
    $Food_preferences_field = $_POST['Food_preferences'];
    $name_field = $_POST['name'];
    $your_email_field = $_POST['your_email'];



    $body = "
    Going to: $Going_to_field\n
    Nutritional Goals: $Nutritional_goals_field\n
    Food preferences: $Food_preferences_field\n
    name: $name_field\n
    email: $your_email_field\n";

    $SpamErrorMessage = "No Websites URLs permitted";
    if (preg_match("/http/i", "$Going_to")) {echo "$SpamErrorMessage"; exit();}
    if (preg_match("/http/i", "$Nutritional_goals")) {echo "$SpamErrorMessage"; exit();}
    if (preg_match("/http/i", "$Food_preferences")) {echo "$SpamErrorMessage"; exit();}
    if (preg_match("/http/i", "$name")) {echo "$SpamErrorMessage"; exit();}
    if (preg_match("/http/i", "$your_email")) {echo "$SpamErrorMessage"; exit();}

    $success = mail($to, $subject, $body, "From: \"$name_field\" <$your_email_field>");

    }



    if ($success){
    header('Location: http://thecitybite.com/thankyouemail.html');
    } else {
    header('Location: http://thecitybite.com/emailerror.html');
    }
    ?>

  • #2
    Senior Coder
    Join Date
    Apr 2010
    Posts
    1,453
    Thanks
    71
    Thanked 102 Times in 101 Posts
    Are they submitting as www.google.com or http://www.google.com ?

    You may have to block www.

  • #3
    New to the CF scene
    Join Date
    Nov 2010
    Posts
    3
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Neither - I am doing test submissions with http in them, and the email is still going through and returning to thank you page. I think it has something to do with 'success' but not sure how to fix it.

  • #4
    Regular Coder
    Join Date
    Jul 2003
    Posts
    117
    Thanks
    0
    Thanked 17 Times in 17 Posts
    The wrong variable names are used in the check.
    for example
    PHP Code:
    if (preg_match("/http/i""$Going_to")) 
    should be
    PHP Code:
    if (preg_match("/http/i",$Going_to_field)) 
    The same goes with other fields too

  • Users who have thanked prasanthmj for this post:

    katecarmstrong (11-23-2010)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •