Blocking submission of a web-based form
My website includes a contact form, for potential guests of our bed and breakfast. Although there is a notice that use of the form for unsolicited marketing will result in a report to the FTC, several web developers repeatedly submit the form. I cannot automatically delete their submissions from my Email account server, because the forms originate from my business' Email address -- not the submitter. I would like to know if there is a way to configure the form handler, so that certain text in the form fields would prevent form submission, and deliver feedback to the would-be submitter. The form is at www.mauitradewinds.com/contact.htm I redacted my Email address. The contact form handler code follows:
<?php
session_start();
if(!isset($_SESSION["contact_form"])){ //if contact form was not really visited, just exit.
exit;
}
if($_POST['name'] != '') { //show thankyou page and exit.
header("Location: thankyou.htm"); /* Redirect to thankyou page */
exit; }
$errors = '';
$myemail = '';//<-----Put Your email address here.
if(empty($_POST['firstname']) ||
empty($_POST['lastname']) ||
empty($_POST['email']) ||
empty($_POST['message']))
{
$errors .= "\n Error: At a minimum, we need your name, Email address and message in order to transmit your form.";
}
else
{
$firstname = array_key_exists('firstname',$_POST) ? $_POST['firstname']:'';
$lastname = array_key_exists('lastname',$_POST) ? $_POST['lastname']:'';
$Address = array_key_exists('Address',$_POST) ? $_POST['Address']:'';
$City = array_key_exists('City',$_POST) ? $_POST['City']:'';
$State = array_key_exists('State',$_POST) ? $_POST['State']:'';
$Zip = array_key_exists('Zip',$_POST) ? $_POST['Zip']:'';
$Country = array_key_exists('Country',$_POST) ? $_POST['Country']:'';
$Phone = array_key_exists('Phone',$_POST) ? $_POST['Phone']:'';
$email_address = array_key_exists('email',$_POST) ? $_POST['email']:'';
$message = array_key_exists('message',$_POST) ? $_POST['message']:'';
if (!preg_match(
'/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i',
$email_address))
{
$errors .= "\n Error: Invalid email address";
}
}
if( empty($errors))
{
$to = $myemail;
$email_subject = "Maui Tradewinds Contact form";
$email_body = "You have received a contact form from Site-1. ".
" Here are the details:\n First Name: $firstname \n Last Name: $lastname \n Address: $Address \n City: $City \n State: $State \n Zip: $Zip \n Country: $Country \n Phone: $Phone \n Email: $email_address \n Message: $message";
$headers = "From: $myemail\n";
$headers .= "Reply-To: $email_address";
mail($to,$email_subject,$email_body,$headers);
//redirect to the 'thank you' page
header('Location: thankyou.htm');
exit;//You should always "exit" immediately after a redirection request
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Contact form handler</title>
</head>
<body>
<!-- This page is displayed only if there is some error -->
<?php
echo nl2br($errors);
?>
</body>
</html>ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can use preg_match
<?php
$words = array(
"badword1",
"badword2",
"badword3",
"dogs"
);
$message = "The quick brown fox jumps over the lazy dogs";
foreach($words as $word) {
if (preg_match("/{$word}/", $message, $match)) {
echo "Bing";
}
}ASKER
Thank you both!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you both!
ASKER
There are several words which distinguish the spammers from potential guests. How would I include that list of words, rather than just the one word ?