Posted by Shelly on 01/24/08 05:21
On Jan 24, 12:09 am, Manuel Lemos <mle...@acm.org> wrote:
> Hello,
>
> on 01/24/2008 03:03 AM Shelly said the following:
>
> >> If you put the text in the form page, it is very easy to retrieve the
> >> page, get the code and emulate the form submission with the code in it.
> >> With CAPTCHA that would be harder.
>
> > Exactly. If they put the code in it (assuming they got it), and since
> > I put it in the email that is sent (both what they put in and what I
> > asked for), why would the email they send not have anything in either
> > field in the email?
>
> >> If you say you verify the presence of the correct code, maybe you are
> >> not doing it correctly.
>
> > It is done correctly. I tested this about twenty times. It only
> > succeeds if the code that is typed in is the same as the one asked
> > for. BTW, every time the page is presented there is a different set
> > of 6 characters.
>
> It seems you have a bug that only you can figure out because only you know
> your code. Maybe we can help if you can show your code.
>
> --
>
> Regards,
> Manuel Lemos
>
> PHP professionals looking for PHP jobs http://www.phpclasses.org/professionals/
>
> PHP Classes - Free ready to use OOP components written in PHP http://www.phpclasses.org/

The calling code is (The constants are defined earlier. Also, $fld is
an instance of a class that contains information about all of the
fields on the form. The last three are not on the form and the
security field was not part of $fld.)
====================
// Build the notification e-mail: an HTML part plus a plain-text alternative.
$mail = new htmlMimeMail();
$mail->setFrom(MAIL_FROM);
$mail->setBcc(MAIL_CC);
$mail->setSubject(MAIL_SUBJECT);
$i = 0;
$message = "";  // plain-text part
$html = '<body bgcolor="#CCFFCC">' .
    '<strong>From: </strong>' . MAIL_FROM . '<webmaster@' . MAIL_FROM .
    '.com><br>' .
    '<strong>Sent: </strong>' . MAIL_SENT . "<br>" .
    '<strong>To: </strong>' . MAIL_TO . "<br>" .
    '<strong>Subject: </strong>' . MAIL_SUBJECT . "<br>" .
    '<table border="1" align="center"><caption align="top"><b>' .
    MAIL_SUBJECT . '</b></caption><br>';
// One table row (and one text line) per form field described by $fld.
for ($i = 0; $i < $fld->size; $i++) {
    $message .= $fld->fldDisplay[$i] . ": " .
        $fld->fldVal[$fld->fldName[$i]] . "\r\n";
    // Submitted values are HTML-escaped before they go into the HTML part.
    $html .= '<tr><th>' . $fld->fldDisplay[$i] . '</th><td>' .
        htmlspecialchars($fld->fldVal[$fld->fldName[$i]]) . '</td></tr>';
}
// The code issued with the form (hidden field) and the code the user typed.
$html .= '<tr><th>Security Code Generated</th><td>' .
    htmlspecialchars($_POST['securityHidden']) . '</td></tr>';
$html .= '<tr><th>Security Code Entered</th><td>' .
    htmlspecialchars($_POST['securityCode']) . '</td></tr>';
$html .= '<tr><th>User IP Address</th><td>' . getenv("REMOTE_ADDR") .
    '</td></tr>';
$html .= '</table></body>';
$mail->setHTML($html, $message);
$sent = $mail->send(array(MAIL_TO));
=============================
The htmlMimeMail is part of the htmlMimeMail package (http://www.phpguru.org/).
It is rather long, but can be seen at that site.
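
Added example, not part of the original thread and not the poster's verification code (which is not shown): one way to check a form security code on the server, keeping the expected value in the session instead of trusting the `securityHidden` field and rejecting requests where either value is missing or empty. The function names and the `security_code` session key are hypothetical.

```php
<?php
// Added example; issueSecurityCode(), verifySecurityCode() and the
// 'security_code' session key are hypothetical names.

// Call when rendering the form (after session_start(), passing $_SESSION).
// The returned code is displayed to the user; the expected value stays
// on the server rather than travelling back in a hidden field.
function issueSecurityCode(array &$session, int $length = 6): string
{
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
    $code = '';
    for ($i = 0; $i < $length; $i++) {
        $code .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    $session['security_code'] = $code;
    return $code;
}

// Call when handling the POST. True only for a non-empty, exact match.
function verifySecurityCode(array &$session, array $post): bool
{
    $expected = $session['security_code'] ?? '';
    $entered  = $post['securityCode'] ?? '';
    // Each issued code is good for one attempt only.
    unset($session['security_code']);

    // A request that carries neither value must fail: under a loose
    // comparison, two missing values compare equal.
    if (!is_string($expected) || !is_string($entered)
        || $expected === '' || $entered === '') {
        return false;
    }
    return hash_equals($expected, $entered);
}

// Constructed sample requests.
$session = [];
$code = issueSecurityCode($session);
var_dump(verifySecurityCode($session, ['securityCode' => $code])); // code typed correctly

$session = [];
issueSecurityCode($session);
var_dump(verifySecurityCode($session, []));                         // POST without the field

$session = [];
var_dump(verifySecurityCode($session, ['securityCode' => '']));     // form never requested
```

This only removes trust in client-supplied values; a code that is shown as plain text in the page can still be read by whatever retrieves the page, which is the point made above about CAPTCHA being harder.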