发表新帖
发表新帖

PHP email form shooting blank emails

前端 未结
关注
4 2090
[愿得一人]
[愿得一人] 2020-12-06 23:02

I put together a simple PHP email form for a website, but it keeps sending blank emails every so often. Most of the the fields are \"required\" and I was using a captcha sys

4条回答
  • 鱼传尺愫
    鱼传尺愫 (楼主)
    2020-12-06 23:52

    That could happen if your HTML form and PHP are inside the same file while you're not checking if any of those inputs are empty or not. And if not in the same file, not checking for emptyness, still applies.

    You could be the victim of bots, or some joker visiting your site ever so often just to tick you off.

    Or that the form's method's URL is being accessed directly by someone or something, which is what I feel may be the issue here, since you do have required for your inputs.

    • Check your access logs.

    So, use a conditional !empty() against all your inputs.

    • http://php.net/manual/en/function.empty.php

    I.e.:

    Sidenote: || checks to see if one or any are empty.

    if( !empty($_POST['name']) || !empty($_POST['email']) ){

   $name = $_POST['name'];
   $email = $_POST['email'];

   // process mail

}

    You can add the other ones in.

    Or give your submit a name attribute:

    Then check if the button is set and that the inputs are not empty:

    if(isset(_POST['submit'])){

    if(!empty($_POST['name']) || !empty($_POST['email']) ){

       $name = $_POST['name'];
       $email = $_POST['email'];

       // process mail

    }

}

    You should also use filters, for the email input:

    • http://php.net/manual/en/function.filter-var.php
    • http://php.net/manual/en/filter.examples.validation.php

    Plus, if you decide to use radios/checkboxes later on, use isset() against those.

    Sidenote:

    You could add a checkbox to your form to check if it was checked or not, and handle it with a conditional statement.

    Footnotes:

    "Most of the the fields are "required" and I was using a captcha system for a while, but the blank emails kept coming."

    There isn't any captcha code in your question to support this.

    N.B.:

    The required attribute only works in HTML5 supported browsers. Therefore, if any of those bots or visitors to your site are using a browser that doesn't support HTML5, or technology that can bypass it, then that too could be another (contributing) factor.

    0 讨论(0)
 看不清?
提交回复
热议问题