dileepd26 Posted October 13, 2010 Share Posted October 13, 2010 Sir/ Madam, I have 2 files, Ex: submit-mail.htm & send-mail.php, which is used to send mail using my webmaster account..htm file is used to send mail to someone using my webmaster email account. Now .htm file shows a blank field to input email id. someone@somewhere.com, etc,. anyone can misuse it.I need to prevent users from modifying default email field, i need to put info@ambtion.com at this place.We appreciate all positive response. Thank you in advance..submit-mail.htm source is below.<html><head><title>Mail sender</title></head><body><form action="mail.php" method="POST"><b>Email</b><br><input type="text" name="email" size=40><p><b>Subject</b><br><input type="text" name="subject" size=40><p><b>Message</b><br><textarea cols=40 rows=10 name="message"></textarea><p><input type="submit" value=" Send "></form></body></html>send-mail.php source is below.<html><head><title>PHP Mail Sender</title></head><body><?php/* All form fields are automatically passed to the PHP script through the array $HTTP_POST_VARS. */$email = $HTTP_POST_VARS['email'];$subject = $HTTP_POST_VARS['subject'];$message = $HTTP_POST_VARS['message'];/* PHP form validation: the script checks that the Email field contains a valid email address and the Subject field isn't empty. preg_match performs a regular expression match. It's a very powerful PHP function to validate form fields and other strings - see PHP manual for details. */if (!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) { echo "<h4>Invalid email address</h4>"; echo "<a href='java script:history.back(1);'>Back</a>";} elseif ($subject == "") { echo "<h4>No subject</h4>"; echo "<a href='java script:history.back(1);'>Back</a>";}/* Sends the mail and outputs the "Thank you" string if the mail is successfully sent, or the error string otherwise. */elseif (mail($email,$subject,$message)) { echo "<h4>Thank you for sending email</h4>";} else { echo "<h4>Can't send email to $email</h4>";}?></body></html> Link to comment Share on other sites More sharing options...
thescientist Posted October 13, 2010 Share Posted October 13, 2010 I'm not sure what you're asking. If you don't want someone to modify, why even show it on the page? You can define the email address to send the emails to within the PHP page by hardcoding it. Link to comment Share on other sites More sharing options...
wirehopper Posted October 13, 2010 Share Posted October 13, 2010 <input type="text" name="email" size=40 value="someone@domain.com" />Your form is going to get abused by spammers.Add some CAPTCHA or other protection. Link to comment Share on other sites More sharing options...
niche Posted October 13, 2010 Share Posted October 13, 2010 wirehopper, thanks for mentioning CAPTCHA. I've always wondered where the human test was called.Niche Link to comment Share on other sites More sharing options...
birbal Posted October 14, 2010 Share Posted October 14, 2010 <input type="text" name="email" size=40 value="someone@domain.com" />Your form is going to get abused by spammers.Add some CAPTCHA or other protection.can any one please tell me what is the other protection rather than captcha? Link to comment Share on other sites More sharing options...
Synook Posted October 14, 2010 Share Posted October 14, 2010 For example, flood control, so that people from one IP cannot post above a certain rate. Link to comment Share on other sites More sharing options...
wirehopper Posted October 14, 2010 Share Posted October 14, 2010 You can also add a hidden input - spam bots will usually complete the input, humans won't. Link to comment Share on other sites More sharing options...
dileepd26 Posted October 14, 2010 Author Share Posted October 14, 2010 Sir, I am new to php coding, by mistake email field is visible to others, i need only 1 id there to receive mail, not blank field, see source code, tell me how to correct it to prevent spammers. We appreciate all positive response. Thank you in advance.. Link to comment Share on other sites More sharing options...
Synook Posted October 15, 2010 Share Posted October 15, 2010 thescientist gave you the answer - just hardcode it into the script that sends the email. Link to comment Share on other sites More sharing options...
birbal Posted October 16, 2010 Share Posted October 16, 2010 what about using token with form? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.