PHP Forum

**FOOOD** · 05:03 PM

I saw this tip on another web site to prevent spam on contact forms. In the contact form you add a hidden field

Code:

<input name="to_address" type="hidden" value="" />

And then in the PHP file you add

Code:

if ( $_POST['to_address'] ) { echo 'Tastes Like spam!'; } else {...send email...}

But my PHP file is a little different as also activates some JavaScript on the webpage depending on whether the form is filled out correctly or not (If successful shows a little ‘Your email has been sent...’ with animation. If the fields aren’t filled out correctly it shows what’s missing).

Someone else made the contact form for me as I don’t know any PHP (or ajax), but I’ve tried to adapt the code above & add it to my PHP form. I’ve tested it & it seems to work OK, but thought I’d just check that it shouldn’t potentially cause any problems, or if it needs tweaking/formatting a little.
Here’s the last part of my original PHP file

Code:

 $Body .= "Message: ";
 $Body .= $Message;
 $Body .= "\n";
 $success = true; mail($EmailTo, $Subject, $Body, "From: <$Email>");
}

// call success or error js functions
if ($success){
  print "<div id=\"ajaxcode\">doThanks()</div>";
}
else{
  print "<div id=\"ajaxcode\">doError()</div>";
}
?>

And here it is after I added the (hopefully) anti spam code (highlighted in green)

Code:

 $Body .= "Message: ";
 $Body .= $Message;
 $Body .= "\n";
 $success = true; mail($EmailTo, $Subject, $Body, "From: <$Email>");
}

// call success or error js functions
if ( $_POST['to_address'] ) { echo 'Tastes Like spam!'; } else 

if ($success){
  print "<div id=\"ajaxcode\">doThanks()</div>";
}

else{
  print "<div id=\"ajaxcode\">doError()</div>";
}
?>

Does the code I added look OK, or does it need changing in any way in order or it to function properly?

**dark_lord** · 03-18-2009, 06:18 AM

i guess you should change this line

PHP Code:


			
// call success or error js functions
 if ( $_POST['to_address'] ) { echo 'Tastes Like spam!'; } else

if am not wrong, then u are calling a function which sends the mail in that commented line(call success or error js functions). if that is so, then you should change the order like

PHP Code:


			
  if ( $_POST['to_address'] ) { echo 'Tastes Like spam!'; } else 
// call success or error js functions;

cause only when it is not spam you should send the mail.

Another tip: Use an image verification instead of what you are using now. That's much more better.

**rogem002** · 03-18-2009, 07:39 AM

Quote:

Originally Posted by dark_lord

Another tip: Use an image verification instead of what you are using now. That's much more better.

I disagree, users tends to find those really annoying (in some cases users will just not bother with them). A puzzle only a human can solve would be better (For example, showing a picture of a cat and asking what type of creature it is).

**FOOOD** · 03-18-2009, 07:58 AM

@dark_lord
Isn't '// call success or error js functions;' just a comment? (In which case wouldn't have any effect on how the function works). Or do I have this wrong? (I know no PHP

)

Quote:

Originally Posted by dark_lord

Another tip: Use an image verification instead of what you are using now. That's much more better.

I agree with rogem002 on this one. A lot of people don't like them, myself included.

@rogem002
I like the idea of this. I've seen some simple ones like 'What's 1+1?'. Do you know of anywhere that shows you how to do this? (That isn't too complicated for an idiot like me

)

**rogem002** · 04:56 PM

Quote:

Originally Posted by FOOOD

@dark_lord
I agree with rogem002 on this one. A lot of people don't like them, myself included.

@rogem002
I like the idea of this. I've seen some simple ones like 'What's 1+1?'. Do you know of anywhere that shows you how to do this? (That isn't too complicated for an idiot like me

)

I assume it's just a matter of setting a session cookie saying what question it is, then comparing the answer with what is returned.

*Runs off to blog the code...Seriously, I'll link up when I've posted it*

**FOOOD** · 03-18-2009, 05:03 PM

Ooo, thanks I'll look forward to it.

**HivelocityDD** · 03-19-2009, 08:54 AM

Your code doesn't look okay to me.. In all cases your $success = true; So mail will be sent in all cases irrespective of any condition checking.

I think this may be the right one

Code:

if ( $_POST['to_address'] ) {
 echo 'Tastes Like spam!'; 
} else {
 
 $Body .= "Message: ";
 $Body .= $Message;
 $Body .= "\n";

 $success = false;
 $success = mail($EmailTo, $Subject, $Body, "From: <$Email>");
 
// call success or error js functions
  if ($success){
    print "<div id=\"ajaxcode\">doThanks()</div>";
  } else{
    print "<div id=\"ajaxcode\">doError()</div>";
  }

}

**FOOOD** · 10:37 AM

Thanks for your help HivelocityDD, I inserted it into the code

I'm not sure I inserted into the right place though?
In the past if someone didn't fill out a required field it would activate the <div id=\"ajaxcode\">doError()</div> part at the bottom. Which would display a message on the html page from the // validation part of the PHP file ('You forgot to add a Subject', 'You forgot to add a Message' or whatever).

Now if test the form & don't fill in one of the required fields it still sends the message & doesn't active the <div id=\"ajaxcode\">doError()</div> part.

Does it look as though I inserted the code in the right place? (I guess I should have posted the whole page of code before.) Here's the whole code below after inserting the new part:

Code:

<html>
<body>
<?php

function getPostVal($paramName)
{
 global $_POST;
 return (array_key_exists($paramName, $_POST)) ? Trim(stripslashes($_POST[$paramName])) : '';
}

$Name = getPostVal('Name');
$Company = getPostVal('Company');
$Web_Site = getPostVal('Web_Site');
$Country = getPostVal('Country');
$Email = getPostVal('Email_Address');
$Subject = getPostVal('Subject');
$Message = getPostVal('Message');
$EmailTo = "user@emailaddress.com";

// validation
$missing = '';
$success = false;
if (!$Name) $missing = "<p>You forgot to add your Name</p>\n";
if (!$Email) $missing .= "<p>You forgot to add your Email Address</p>\n";
if (!$Subject) $missing .= "<p>You forgot to add a Subject</p>\n";
if (!$Country) $missing .= "<p>You forgot to add your Country</p>\n";
if (!$Message) $missing .= "<p>You forgot to add a Message</p>\n";
if ($missing != '') {
 // include missing error messages
 print "" . $missing;
}
if ( $_POST['to_address'] ) {
 echo 'Tastes Like spam!'; 
} else {
 // prepare email body text
 $Body = "Sent via 'websiteaddress.com'";
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Name: ";
 $Body .= $Name;
 $Body .= "\n";
 $Body .= "Email Address: ";
 $Body .= $Email;
 $Body .= "\n";
 $Body .= "Company: ";
 $Body .= $Company;
 $Body .= "\n";
 $Body .= "Web Site: ";
 $Body .= $Web_Site;
 $Body .= "\n";
 $Body .= "Country: ";
 $Body .= $Country;
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Subject: ";
 $Body .= $Subject;
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Message: ";
 $Body .= $Message;
 $Body .= "\n";

 $success = false;
 $success = mail($EmailTo, $Subject, $Body, "From: <$Email>");
 
// call success or error js functions
  if ($success){
    print "<div id=\"ajaxcode\">doThanks()</div>";
  } else{
    print "<div id=\"ajaxcode\">doError()</div>";
  }

}
?>
</body>
</html>

**dark_lord** · 01:33 PM

Quote:

Originally Posted by FOOOD

@dark_lord
Isn't '// call success or error js functions;' just a comment? (In which case wouldn't have any effect on how the function works). Or do I have this wrong? (I know no PHP

)

You mistaken me, well probably HivelocityDD said you all.
i thought that is not comment and you have some logic there (like calling a function or something..., because you didn't put the whole code)

Quote:

Another tip: Use an image verification instead of what you are using now. That's much more better.

i said about that considering the technical part not the design part. if you put 1+1, you still need to put an image, and then user solve that out.
Image is better because none can automate the post in your case.

**rogem002** · 03-25-2009, 02:34 PM

Quote:

Originally Posted by rogem002

I assume it's just a matter of setting a session cookie saying what question it is, then comparing the answer with what is returned.

*Runs off to blog the code...Seriously, I'll link up when I've posted it*

I've made to post, Alternatives to CAPTCHA Image Verification in it, I made a complete system for CAPTCHA (Which you can copy for free).

Here is the class file:
http://www.fullondesign.co.uk/exampl...cha.class.phps

**FOOOD** · 04-06-2009, 08:48 AM

Sorry for the delay getting back to this. I've been away on holiday.

This looks great, thanks a lot!

How would I integrate the Dummy Field or Logic Test ones into my existing PHP contact form below? (Sorry I really know no PHP

)

Thanks again!

Code:

<html>
<body>
<?php

function getPostVal($paramName)
{
 global $_POST;
 return (array_key_exists($paramName, $_POST)) ? Trim(stripslashes($_POST[$paramName])) : '';
}

$Name = getPostVal('Name');
$Company = getPostVal('Company');
$Web_Site = getPostVal('Web_Site');
$Country = getPostVal('Country');
$Email = getPostVal('Email_Address');
$Subject = getPostVal('Subject');
$Message = getPostVal('Message');
$EmailTo = "user@emailaddress.com";

// validation
$missing = '';
$success = false;
if (!$Name) $missing = "<p>You forgot to add your Name</p>\n";
if (!$Email) $missing .= "<p>You forgot to add your Email Address</p>\n";
if (!$Subject) $missing .= "<p>You forgot to add a Subject</p>\n";
if (!$Country) $missing .= "<p>You forgot to add your Country</p>\n";
if (!$Message) $missing .= "<p>You forgot to add a Message</p>\n";
if ($missing != '') {
 // include missing error messages
 print "" . $missing;
}
if ( $_POST['to_address'] ) {
 echo 'Tastes Like spam!'; 
}
else {
 // prepare email body text
 $Body = "Sent via 'websiteaddress.com'";
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Name: ";
 $Body .= $Name;
 $Body .= "\n";
 $Body .= "Email Address: ";
 $Body .= $Email;
 $Body .= "\n";
 $Body .= "Company: ";
 $Body .= $Company;
 $Body .= "\n";
 $Body .= "Web Site: ";
 $Body .= $Web_Site;
 $Body .= "\n";
 $Body .= "Country: ";
 $Body .= $Country;
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Subject: ";
 $Body .= $Subject;
 $Body .= "\n";
 $Body .= "\n";
 $Body .= "Message: ";
 $Body .= $Message;
 $Body .= "\n";

 $success = false;
 $success = mail($EmailTo, $Subject, $Body, "From: <$Email>");
 
// call success or error js functions
  if ($success){
    print "<div id=\"ajaxcode\">doThanks()</div>";
  } else{
    print "<div id=\"ajaxcode\">doError()</div>";
  }

}
?>
</body>
</html>