Hi,
To prevent spam sent with my contact form, i found these usefull functions on php.net:
PHP Code:
/** Check single-line inputs: Returns false if text contains newline character */
function has_no_newlines($text) {
return preg_match("/(%0A|%0D|\n+|\r+)/i", $text);
}
/** Check multi-line inputs: Returns false if text contains newline followed by email-header specific string*/
function has_no_emailheaders($text) {
return preg_match("/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i", $text);
}
if (has_no_emailheaders($_POST['message']) == false) {
//error
}
Now i admit i do not understand the preg_match funtion, but i would say that these functions would output TRUE when a match is found, instead of FALSE like mentioned in the comment. Am i wrong?
thanks!
Matt
Last edited by killerwhale65; 01-22-2009 at 11:16 AM..
|
