我是一名业余网页设计师,我在stackoverflow.com和其他网站上搜索了许多解决我遇到问题的方法,但它们都没有起作用(可能因为我实施它们时出现了问题)。我希望有更多知识的人可以帮助我找到简单的解决方案或者向我展示如何实施我找到的其中一个解决方案。
问题是:我的企业网站上有一个非常简单的php联系表格。它多年来一直很好用,但在过去的一周里已经被黑客攻击了。现在我每天接收到数百个联系表单提交,里面没有评论,只有(明显有效的)电子邮件地址和姓名字段中一串字符(例如“58ee8b52eef46”)。
我尝试了几种技术来防止这些垃圾邮件,但它们要么破坏了我的php表单,要么无法防止垃圾邮件。如果可能,我想要一个不需要扭曲文本测试的Captcha解决方案,并且不要求填写表单的所有字段。
以下是我的完整PHP代码:
<?php
if(isset($_POST['email'])) {
$email_to = "myemail@example.com";
$email_subject = "website form submission";
function died($error) {
echo "We are very sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
if (!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['telephone']) ||
!isset($_POST['comments'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}
$name = $_POST['name'];
$email_from = $_POST['email'];
$telephone = $_POST['telephone'];
$comments = $_POST['comments'];
$error_message = "";
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Comments: ".clean_string($comments)."\n";
$headers = 'From: '.$email_from."\r\n" .
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
Thank you for contacting us. We will be in touch with you soon. You will now be redirected back to example.com.
<META http-equiv="refresh" content="2;URL=http://www.example.com">
<?php
}
die();
?>
captcha
吗? - RiggsFolly