Home/ Questions/Q 4013392
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T09:21:56+00:00

Is there any better way to stop spam coming through on my phpmailer script?

  • 0

Is there any better way to stop spam coming through on my phpmailer script?

Also how would I go about adding formatting to this so its more readable when it gets sent through to email e.g. break lines

I hope my php syntax is correct – as i do not understand PHP.

<?php
        # bool has_injection (String $var, [String $var, ...])
        function has_injection () {
            $values = func_get_args();
            for ($i=0, $count=func_num_args(); $i<$count; $i++) {
                if ( stristr($values[$i], "%0A") || stristr($values[$i], "%0D") || stristr($values[$i], "\\r") || stristr($values[$i], "\\n") 
                    || stristr($values[$i], "Bcc") || stristr($values[$i], "Content-Type") ) {
                    return true;
                }
            }
            return false;
        }

        $error = '';
        if (isset($_POST) && count($_POST)>0) {
            # The form has been submitted
                $course_title = $_POST['course_title'];
                $course_date = $_POST['course_date'];
                $course_code = $_POST['course_code'];
                $course_fee = $_POST['course_fee'];
                $break .= "\n";
                $qual_subject_level = $_POST['qual_subject_level'];
                $break .= "\n";
                $email = $_POST['email'];

            if ($name && $email && $subject) {
                if (has_injection($name, $email, $subject)) {
                    # You've got another spammer at work here
                    $error = 'No spamming';
                    exit(0);
                }
                else {
                    # It's safe to send the message
                    mail('my@gmail.com', 
                    $subject,
                    $course_title, 
                    $course_code, 
                    $course_fee,
                    $break,
                    $qual_subject_level,
                    $break,
                    $subject,
                    "From: $name <$email>");
                }
            }
            else {
                $error = 'Please fill in all the forms';
            }
        }


    ?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    One i use is have a text area and use your .css file to display:none it most bots dont read the css and thus think that the text box is shown and if it has content in it it’s a bot if it does not then send your email.

    E.G CSS
    .antiBot{display:none};

    HTML
    <input type="text" class="antiBot" name="antibot" value="" />

    PHP

    <?php
if($_REQUEST['antibot'] == ""){
  // send your email
}else{
  // bot using your system
}
?>

    How ever change the name or bot will get be able to notice its a trap and will get around it with little work insted of having to parse the CSS file for your site

    So in your case just rap the if above around your code as for formatting of an email if its plain text use dubble quotes and \n (newline) but it wont work in single quotes.

    • 0