javascript - What improvements do I need to make to my form submission (for email) to stop the spam I am receiving and make my form more secure?


Every morning @ 10:53am I get hit with 1-2 blank emails by some sort of entity using the send.php file.

I know this is a result of the PHP send file on the website, and I don't have knowledge of PHP. I spent a lot of time several weeks ago looking for clear-cut information telling me how to set up an input form with a PHP send, got far. I know there are absolutely glaringly obvious security holes in the code.

I know doing wrong on form lock down don't hit spam anymore.

I have a JavaScript honeypot, an input field; if the hidden field gets selected it changes a value true false, and the form will no longer submit; instead it gives the user an alert saying they have submitted the form, and the page reloads (probably not great of a solution).

I went ahead and replaced the email with some@email.com

<?php
  $sname = $_POST['name'];
  $slastname = $_POST['last-name'];
  $semail = $_POST['email'];
  $semailconfirm = $_POST['confirm-email'];
  $sphone = $_POST['phone-number'];
  $smessage = filter_var($_POST['message'], FILTER_SANITIZE_STRING);

  $formerrors = false;

  if ($sname === '') :
    echo "<div>sorry, first name required field</div>";
  endif; //input field empty

  if (!(preg_match('/[a-zA-Z]+/', $sname)) ) :
    echo "<div>sorry, first name doesnt follow allowed pattern</div>";
  endif; //pattern doesnt match

  if ($slastname === '') :
    echo "<div>sorry, last name required field</div>";
  endif; //input field empty

  if (!(preg_match('/[a-zA-Z]+/', $slastname)) ) :
    echo "<div>sorry, last name doesnt follow allowed pattern</div>";
  endif; //pattern doesnt match

  if ($semail === '') :
    echo "<div>sorry, email required field</div>";
  endif; //input field empty

  if ($semailconfirm !== $semail) :
    echo "<div>sorry, emails must match</div>";
  endif; //input field empty

  if ($smessage === '') :
    echo "<div>sorry, message has no content</div>";
  endif; //input field empty

  if (!($formerrors)) :
    $to       = "some@email.com";
    $subject  = "from $sname $slastname -- $semail -- $sphone";
    $message  = "$sname filled out form";

    $replyto  = "from: $semail \r\n".
                "reply-to: some@email.com \r\n";

    if (mail($to, $subject, $smessage)):
      $msg = "thanks filling out contact form";
    else:
      $msg = "problem sending message";
    endif; //mail form data

  endif; //check errors
?>

The email every day says

from -- --

and doesn't have anything in the text body.

You never set $formerrors, so

  if ($sname === '') :
    echo "<div>sorry, first name required field</div>";
  endif; //input field empty

and the other checks output an error but still process the form.

Try:

  if ($sname === '') :
    echo "<div>sorry, first name required field</div>";
    $formerrors = true;
  endif; //input field empty
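
A server-side version of the checks discussed above, as an added example that is not part of the original question or answer: every failed check is recorded so mail() is skipped, the honeypot is tested in PHP rather than in JavaScript, and submitted values have CR/LF removed before they go into mail headers. The `website` honeypot field and the helper names `field`, `validate_contact` and `header_safe` are assumptions; the other field names come from the question's code.

```php
<?php
// Added example, not the asker's code. 'website' is a hypothetical honeypot input name.
function field(array $post, string $key): string
{
    // Non-string input (for example name[]=x) is treated as empty.
    $v = $post[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

function validate_contact(array $post): array
{
    $errors = [];
    // Checked in PHP: a client that posts straight to send.php never runs the JavaScript.
    if (field($post, 'website') !== '') {
        $errors[] = 'honeypot';
    }
    // Anchored, so the whole value must match the question's letters-only pattern.
    foreach (['name', 'last-name'] as $key) {
        if (!preg_match('/\A[a-zA-Z]+\z/', field($post, $key))) {
            $errors[] = $key;
        }
    }
    if (filter_var(field($post, 'email'), FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';
    } elseif (field($post, 'confirm-email') !== field($post, 'email')) {
        $errors[] = 'confirm-email';
    }
    if (field($post, 'message') === '') {
        $errors[] = 'message';
    }
    return $errors; // an empty array means every check passed
}

// Replace CR/LF so a submitted value can never start a new header line.
function header_safe(string $v): string { return str_replace(["\r", "\n"], ' ', $v); }

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $errors = validate_contact($_POST);
    if ($errors !== []) {
        echo '<div>sorry, please check: ' . htmlspecialchars(implode(', ', $errors)) . '</div>';
    } else {
        $subject = header_safe(sprintf('from %s %s -- %s -- %s', field($_POST, 'name'),
            field($_POST, 'last-name'), field($_POST, 'email'), field($_POST, 'phone-number')));
        $headers = 'Reply-To: ' . header_safe(field($_POST, 'email'));
        $sent = mail('some@email.com', $subject, field($_POST, 'message'), $headers);
        echo $sent ? 'thanks for filling out the contact form' : 'problem sending message';
    }
}
```

A blank POST like the one producing the daily "from -- --" email fails the name, email and message checks here, so mail() is never reached.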
