如何将空白反垃圾邮件输入字段添加到我的form.php中
[英]how to add blank antispam input field into my form.php
问题描述
I have a form that I am trying to add some steps that will minimize spam without forcing the end user to input some random number text series. 
我有一个表单,我试图添加一些步骤来最大程度地减少垃圾邮件,而不用强迫最终用户输入一些随机数字文本系列。
here's an example of my form code: 这是我的表单代码的示例:
<form action="form.php" method="post">
<label for="Name" style="some style">Enter your name:</label>
<input type="text" name="name">
<label for="Email" style="some style">Your email address:</label>
<input type="text" name="email">
<label for="City" style="some style">City:</label>
<select id="some ID" name="city" value="PQS" >
<option value="" selected disabled>Choose A City</option>
<option value="City1">City1</option>
<option value="City2">City2</option>
<input type="submit" value="Sign Up Now" class="button" id="subscribe">
</form>
<p id="error" style="some style">OOPS! Something went wrong. Please try again.</p>
<p id="success" style="some style">Success! We’ll contact you shortly</p>
My current form.php looks somewhat like this: 我当前的form.php看起来像这样:
<?php
$emailmanager = 'me@myemail.com';
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$city = $_POST['city'];
error_reporting(0);
$email = trim($_POST['email']);
$Ok = ereg("^([a-zA-Z0-9_\.-]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+)) ([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$", $email);
if ($Ok) {
mail($emailmanager,'New Contact Request','You have a new contact request for homes in '.$_POST['city'].' from '.$_POST['name'].' ','From: '.$_POST['email'].' ');
if( !ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$UNameFrm) )
{
echo 1;
}
} }
else
{
echo 0;
}
What I am trying to incorporate is a blank field that can deter the spambots, and I found an awesome code to use but I would like to incorporate it into my code above. 我试图合并的是一个空白字段,可以阻止垃圾邮件发送程序,我发现了一个很棒的代码可以使用,但是我想将其合并到上面的代码中。 See below the code i found: 参见下面我发现的代码:
<?php
// if the url field is empty
if(isset($_POST['url']) && $_POST['url'] == ''){
// put your email address here
$youremail = 'you@yoursite.com';
// prepare a "pretty" version of the message
$body = "This is the form that was just submitted:
Name: $_POST[name]
E-Mail: $_POST[email]
Message: $_POST[message]";
// Use the submitters email if they supplied one
// (and it isn't trying to hack your form).
// Otherwise send from your email address.
if( $_POST['email'] && !preg_match( "/[\r\n]/", $_POST['email']) ) {
$headers = "From: $_POST[email]";
} else {
$headers = "From: $youremail";
}
// finally, send the message
mail($youremail, 'Contact Form', $body, $headers ); } // otherwise, let the spammer think that they got their message through ?>
This code i found requires me to create a class 我发现的这段代码要求我创建一个类
.antispam { display:none;}
...and add some html in my form ...并在我的表单中添加一些html
<label for="url" class="anti spam">Leave This Empty:</label>
<input type="text" name="url" />
how do I incorporate these 2 together? 如何将这两个结合在一起? There are some things that are obvious to me, like adding 有些事情对我来说很明显,例如添加
$url = $_POST['url'];
to my form.php on the next line following $city. 到$ city之后的下一行到我的form.php。 My challenge is where to incorporate 我的挑战是在哪里合并
// if the url field is empty
if(isset($_POST['url']) && $_POST['url'] == '')
and 和
if( $_POST['email'] && !preg_match( "/[\r\n]/", $_POST['email']) ) {
$headers = "From: $_POST[email]";
} else {
$headers = "From: $youremail";
}
into my form.php without screwing up my form function entirely. 到我的form.php中,而不会完全破坏我的表单功能。 Any help would be appreciated, and I hope I made my question clear 任何帮助将不胜感激,我希望我把问题弄清楚
3 个解决方案
解决方案1
0 2014-06-07 00:13:44
You should put the class on the input , not the label , since labels aren't sent to the server. 您应该将类放在input (而不是label ,因为标签不会发送到服务器。
<input type="text" class="antispam" name="antispam" value="">
Browsers won't send inputs that have display: none; 浏览器不会发送display: none;输入display: none; , so if you receive this input, it means it came from an automated spammer. ,因此,如果您收到此输入,则表示它来自自动垃圾邮件发送者。
if (isset($_POST['antispam'])) {
// Reject as spam
}
解决方案2
0 已采纳 2014-06-07 00:23:41
You generate a random token for each guest session (or even user's login or form page) and save in database. 您为每个来宾会话(甚至用户的登录页面或表单页面)生成一个随机令牌,并将其保存在数据库中。 When printing forms, add one hidden input. 打印表格时,添加一个隐藏的输入。
<input type="hidden" name="token" value="token_value_RANDOM1234567890">
When user submits form, then you check if given token is valid (or belongs to authenticated user, in login case). 当用户提交表单时,您将检查给定的令牌是否有效(或在登录情况下属于经过身份验证的用户)。 If belongs, then he's a valid user, else is a bot (not so simple as that). 如果属于,则表示他是有效用户,否则就是漫游器(不是那么简单)。 By the way, it complicates the process of spamming, do not block all ways of spamming. 顺便说一句,它使垃圾邮件的处理过程变得复杂,不要阻止所有垃圾邮件的方法。 And you get an improvement on your website security. 这样您的网站安全性就会得到改善。
Hope it helps. 希望能帮助到你。
解决方案3
0 2014-06-07 00:57:52
I use this honeypot tactic all the time. 我一直在使用这种蜜罐策略。 The trick is to create a field on the form that will not be visible to humans with eyes, but will be seen by bots. 诀窍是在表单上创建一个字段,该字段对于人类的眼睛是不可见的,但会被机器人看到。 I usually give it an attractive name like "url" like your example does. 我通常会像您的示例一样给它一个有吸引力的名称,例如“ url”。
<input class="honeypot" name="url" value="url" />
Then you use CSS to push it off the screen: 然后,您使用CSS将其推离屏幕:
input.honeypot {
position:absolute;
left:-5000px;
}
That can go anywhere in your stylesheet, or in a <style> tag in your html, or right on the input 它可以放在样式表中的任何位置,也可以放在html中的<style>标记中,也可以放在输入中
<input style="position:absolute; left:-5000px;" name="url" value="url" />
Then you need a test in the validation code which is the action PHP: 然后,您需要在验证代码中进行测试,这是操作PHP:
if (isset($_POST['url'] && 'url' != $_POST['url']) {
header("location:/routing-error");
}
This gives the bot a 404 for the page "routing-error" 这会给漫游器一个页面“ routing-error”的404
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.