为什么我的PHP电子邮件表单吸引了垃圾邮件? [英] Why is my PHP E-mail form attracting spam?
问题描述
我已经建立了一个网站,我想在网页上有一个电子邮件联系表单,以便有人可以给我发消息。
我是使用本网站的代码: http://www.w3schools.com/php/php_secure_mail.asp
我正在使用说明 PHP停止电子邮件注入
的部分尽管我的网站每天获得的访问次数很少(比如少于10次访问者),我发现我每天从垃圾邮件发送者那里得到3或4条消息,而这些垃圾邮件发送者似乎正在向我发送不相关的随机消息对于网站的主题。
我对此很新,所以我想问一个问题:为什么我的PHP电子邮件形式吸引垃圾邮件,可以做些什么来阻止它?
理想情况下,我希望让真实用户尽可能轻松地与我联系,如果我不需要我,我宁愿这样做如果可能,请参阅ea CAPTCHA。
非常感谢
我正在使用的代码:
< html>
< body>
<?php
功能spamcheck($ field)
{
// filter_var()使用FILTER_SANITIZE_EMAIL
清理电子邮件
//地址$ field = filter_var($ field,FILTER_SANITIZE_EMAIL);
// filter_var()使用FILTER_VALIDATE_EMAIL
验证电子邮件
// address(filter_var($ field,FILTER_VALIDATE_EMAIL))
{
返回TRUE;
}
else
{
return FALSE;
}
}
if(isset($ _ REQUEST ['email']))
{//如果电子邮件被填写,则继续
//检查邮件地址是否无效
$ mailcheck = spamcheck($ _ REQUEST ['email']);
if($ mailcheck == FALSE)
{
echoInvalid input;
}
else
{//发送电子邮件
$ email = $ _REQUEST ['email'];
$ subject = $ _REQUEST ['subject'];
$ message = $ _REQUEST ['message'];
mail(someone@example.com,Subject:$ subject,
$ message,From:$ email);
echo谢谢你使用我们的邮件表单;
}
}
else
{//如果email未填写,则显示窗体
echo< form method ='post'action = 'mailform.php'>
电子邮件:< input name ='email'type ='text'>< br>
主题:< input name ='subject'type ='text '>< br>
消息:< br>
< textarea name ='message'rows = '15'cols ='40'>
< / textarea> < br>
< input type ='submit'>
< / form>;
}
?>
有一个简单的方式来摆脱大多数垃圾邮件发送者:
在窗体中输入一个输入字段,如显示:无; 作为样式。理想情况下,这是在外部的css文件中指定的。
将该输入字段放在表单中,并给它一个重要的名称,如name2或某些东西。
然后,当浏览输入时,丢弃在该字段内具有avalue的所有请求,因为实际用户看不到,因此无法输入值。而垃圾邮件机器人最有可能填满他们在网页上找到的所有字段。
I have built a website and I want to have an e-mail contact form on the web page, so that someone can send me a message.
I am using the code from this website: http://www.w3schools.com/php/php_secure_mail.asp
I am using the part that says PHP Stopping E-mail Injections
Even though my site gets very few hits per day (like less than 10 visitors) I am finding that I am getting 3 or 4 messages every day from "spammers" who just seem to be sending me random messages that are not related to the subject matter of the website.
I am fairly new to all this, so I would like to ask the question: Why is my PHP e-mail form attracting Spam and what can I do to stop it?
Ideally I would like to make it as easy as possible for the real users to contact me, and I would prefer it if I didn't have to use a CAPTCHA if possible.
Thanks so much
Code I am using:
<html>
<body>
<?php
function spamcheck($field)
{
//filter_var() sanitizes the e-mail
//address using FILTER_SANITIZE_EMAIL
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
//filter_var() validates the e-mail
//address using FILTER_VALIDATE_EMAIL
if(filter_var($field, FILTER_VALIDATE_EMAIL))
{
return TRUE;
}
else
{
return FALSE;
}
}
if (isset($_REQUEST['email']))
{//if "email" is filled out, proceed
//check if the email address is invalid
$mailcheck = spamcheck($_REQUEST['email']);
if ($mailcheck==FALSE)
{
echo "Invalid input";
}
else
{//send email
$email = $_REQUEST['email'] ;
$subject = $_REQUEST['subject'] ;
$message = $_REQUEST['message'] ;
mail("someone@example.com", "Subject: $subject",
$message, "From: $email" );
echo "Thank you for using our mail form";
}
}
else
{//if "email" is not filled out, display the form
echo "<form method='post' action='mailform.php'>
Email: <input name='email' type='text'><br>
Subject: <input name='subject' type='text'><br>
Message:<br>
<textarea name='message' rows='15' cols='40'>
</textarea><br>
<input type='submit'>
</form>";
}
?>
There is a simple way to get rid of most spammers:
output an input field inside your form that as display: none; as a style. Ideally that is specified in an external css file.
Put that input field inside your form and give it an important name, like "name2" or something.
Then, when eveluating input, discard all requests that have avalue inside that field, as a real user can not see and and thus can't enter a value. Whereas spam bots most likely fill all fields they find on a page.
这篇关于为什么我的PHP电子邮件表单吸引了垃圾邮件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
