我的网站上有简单的联系表格,前几天我开始从网站上的联系表格收到半封空白的电子邮件 .
它们看起来与下面的示例相同,只填写名称和电子邮件字段,但电话和消息字段为空:
Name: 5906f36c9c72b E-mail: njhjlee@gmail.com(任何时候不同的电子邮件) Phone:
Message:
这是HTML代码:
<form id="contactform" action="assets/php/mail_submit.php" method="post">
<div class="row">
<div class="col-xs-12 col-md-4">
<input type="text" name="name" id="name" placeholder="Your Name" required/>
</div><!--column-->
<div class="col-xs-12 col-md-4">
<input type="text" name="email" id="email" placeholder="Your email" required/>
</div><!--column-->
<div class="col-xs-12 col-md-4">
<input type="text" name="phone" id="phone" placeholder="Ваш телефон" required/>
</div><!--column-->
<p class="antispam">Leave this empty: <input type="text" name="url" /></p>
<div class="col-xs-12 col-md-8">
<textarea placeholder="Message" name="message" id="message" required></textarea>
</div><!--column-->
<div class="col-xs-12 col-md-4">
<input class="btn btn-default" id="submit" type="submit" value="Send"/>
</div><!--column-->
</div><!--row-->
</form>
这是PHP脚本:
<?php
if (!isset($_REQUEST['name']) || !isset($_REQUEST['email']) ||
!isset($_REQUEST['message']) || !isset($_REQUEST['phone'])) {
die();
}
if (isset($_POST['name']) || isset($_POST['email']) ||
isset($_POST['message']) || isset($_POST['phone']) && !empty($_POST['name'])
|| !empty($_POST['email']) || !empty($_POST['message']) |
!empty($_POST['phone'])) {
$your_email="my@mail.com";
$name=$_POST['name'];
$email=$_POST['email'];
$message=$_POST['message'];
$phone=$_POST['phone'];
$to = $your_email;
$subject = "My Website: New Message! \r\n";
$message = '
<html>
<head>
<title>Message from '. $name .'</title>
</head>
<body>
<table class="table">
<tr>
<th align="right">Name:</th>
<td align="left">'. $name .'</td>
</tr>
<tr>
<th align="right">E-mail:</th>
<td align="left">'. $email .'</td>
</tr>
<tr>
<th align="right">Phone:</th>
<td align="left">'. $phone .'</td>
</tr>
<tr>
<th align="right">Message:</th>
<td align="left">'. $message .'</td>
</tr>
</table>
</body>
</html>';
$headers .= "From: no-reply@website.com\r\n";
$headers .= "Reply-To: $email \r\n";
$headers .= "Return-Path: $email\r\n";
$headers .= "X-Mailer: PHP \r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
mail($to, $subject, $message, $headers);
} else {
die();
}
?>
这是AJAX脚本:
function IsEmail(email) {
var regex = /^([a-zA-Z0-9_\.\-\+])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]
{2,4})+$/;
return regex.test(email);
}
if($("#contactform").length!=0){
$("#contactform").submit(function (e) {
e.preventDefault();
var name = $("#name").val(),
email = $("#email").val(),
phone = $("#phone").val(),
message = $("#message").val(),
dataString = 'name=' + name + '&email=' + email+ '&phone=' + phone +
'&message=' + message;
if (name === '' || !IsEmail(email) || phone === '' || message ===
'') {
$('#valid-issue').html('Not correct data').slideDown();
} else {
$.ajax({
type: "POST",
url: "/assets/php/mail_submit.php",
data: dataString,
success: function () {
$('#contactform').slideUp();
$('#valid-issue').html('Thank you. Message was sent successfully.').show();
}
});
}
});
}
我检查了日志,发现所有垃圾邮件机器人都是来自Thor网络和不同的IP . 我试过验证码,但它没有帮助 . 请帮忙建议...
1 回答
尝试加强你的javascript检查,也使用“修剪”:
使用PHP str_word_count来强化对空消息的检查 .
例如 .
我的PHP代码很少有其他错误:你永远不应该直接访问超全局POST / GET变量 . 使用PHP内置过滤器功能或自定义过滤器功能 .
或者你可以使用
然后:
对于您可以使用的电子邮件
更多信息here和here
希望能帮助到你 ;)