联系表格中的垃圾邮件过滤器

【问题标题】:Spam Filter in Contact Form联系表格中的垃圾邮件过滤器
【发布时间】:2014-08-07 15:06:05
【问题描述】:

使用 HTML 联系表单,例如

HTML 联系表

<h1>Contact Form</h1>
<p>Please fill in the following details and click on SEND.</p>
<form action="mail_contact.php" method="POST">
    <p>Name<br> <input type="text" name="name"></p>
    <p>Email Address<br> <input type="email" name="email"></p>
    <p>Message<br><textarea name="message" rows="6" cols="50"></textarea><br>
    <input type="submit" value="Send"><input type="reset" value="Clear"></p>
</form>

我正在尝试通过检查邮件中使用的某些词来阻止垃圾邮件的通过。

我有一个 .txt 文件,其中包含我想要过滤的字词,例如

文件:spamwords.txt

CAN-SPAM
SEO
keywords
Keywords

在我的 PHP 编码中

ma​​il_contact.php

<?php
        // Create Variables
        $name = $_POST['name'];
        $email = $_POST['email'];
        $message = $_POST['message'];

        // Function to deal with errors
        function died($error) {
            echo 'We are very sorry, but there were error(s) found with the form you submitted.';
            echo 'These errors appear below.<br><br>';
            echo $error.'<br>';
            echo 'Please press <b>back</b> and fix these errors.';
            die();
        }

        // Validate email address
        $error_message = "";
        if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error_message .= 'The email address you entered does not appear to be valid.<br>';
        }
        if(strlen($error_message) > 0) {
            died($error_message);
        }

        // Prevent spammers from using contact form
            //Create an array containing the words in the message
            $MessageArray = explode(" ", $message);
            //Get SPAM words from file and store them in an array
            $SpamWords = file_get_contents('/spamwords.txt');
            $SpamArray = explode("\r\n", $SpamWords);
            //Cycle through all the words in the message
            foreach($MessageArray as $word){
                //Check the word for SPAM words, if it is don't send the email
                if(in_array($word, $SpamArray)){
                    echo '<h1>Spam Guard</h1>';
                    echo '<p>Here in European Community, the <a href="http://www.legislation.gov.uk/uksi/2003/2426/pdfs/uksi_20032426_en.pdf">Privacy and Electronic Communications Regulations 2003</a> cover the sending of email marketing. This legislation says that organisations must only send marketing emails to anyone if they have agreed to receive them, except where there is a clearly defined customer relationship.</p>';
                    echo '<p>It appears that you are attempting to send an unsolicited message (e.g. a marketing message).</p>';
                    echo '<p>We as an organisation do not send unsolicited messages and we request that you do the same for us.</p>';
                    echo '<p>If you are not attempting to send an unsolicited message, there may be an error in the system so please accept our apologies.</p>';
                    die();
                }
            }
            //If we've made it to this point, our message doesn't contain any obvious SPAM words

        // Formulate Email
        $formcontent='Message: \n $message \n \n From: $name $email';
        $recipient = << my email address >>;
        $subject = 'Contact Form Message';
        $mailheader = 'From: $name <$email> \r\n';
        mail($recipient, $subject, $formcontent, $mailheader) or die('Error!');
        echo 'Thank you for contacting us.  We will be in touch with you very soon via your email address<br>' . $email;
        ?>

当我使用包含单词 SEO 的消息(例如 SEO test message)对此进行测试时,它应该向访问者显示垃圾邮件防护消息 - 因此是 echo 命令 - 然后不向我发送电子邮件,但它会显示谢谢你的消息并给我发电子邮件。

谁能看到我哪里出错了,因为它让我很困惑

[补充说明] 我一直在使用 CAPTCHA 机制,但有些仍然通过

【问题讨论】:

  • 您还应该考虑实施CAPTCHA-机制,以防止机器人。
  • 我一直在使用 CAPTCHA 机制,但有些仍然通过
  • print_r($MessageArray)print_r($SpamArray) 以确保它们包含您所期望的内容。
  • 也许循环通过$SpamArray 并使用stripos() 会更容易?

标签: php


【解决方案1】:

您的 explode 函数需要在其分隔符周围加上双引号:

$SpamArray = explode("\r\n", $SpamWords);

使用单引号,explode 将尝试拆分 \r\n 文字。

或者您可以使用file() 而不是filter_get_contents(),它将文件作为数组返回,每个键的每一行。 trim() 返回的每一行,你就有了你的结果数组:

$SpamArray = array_map("trim", file('/spamwords.txt'));

【讨论】:

  • 您可以发布一小段您尝试以$message 发布的文本吗?
  • 测试信息的一个例子是“SEO 测试信息”,因为它包含 SEO 这个词,所以应该丢弃它
  • 我已经重现了这个问题,并且收到了您所期望的警告。你能确认$SpamArray 正在返回一个包含垃圾邮件的数组吗?
【解决方案2】:

尤里卡!!!

我必须去掉$SpamWords = file_get_contents('/spamwords.txt');的正斜杠

ma​​il_contact.php [已编辑]

<?php
        // Create Variables
        $name = $_POST['name'];
        $email = $_POST['email'];
        $message = $_POST['message'];

        // Function to deal with errors
        function died($error) {
            echo 'We are very sorry, but there were error(s) found with the form you submitted.';
            echo 'These errors appear below.<br><br>';
            echo $error.'<br>';
            echo 'Please press <b>back</b> and fix these errors.';
            die();
        }

        // Validate email address
        $error_message = "";
        if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error_message .= 'The email address you entered does not appear to be valid.<br>';
        }
        if(strlen($error_message) > 0) {
            died($error_message);
        }

        // Prevent spammers from using contact form
            //Create an array containing the words in the message
            $MessageArray = explode(" ", $message);
            //Get SPAM words from file and store them in an array
            $SpamWords = file_get_contents('spamwords.txt');
            $SpamArray = explode("\r\n", $SpamWords);
            //Cycle through all the words in the message
            foreach($MessageArray as $word){
                //Check the word for SPAM words, if it is don't send the email
                if(in_array($word, $SpamArray)){
                    echo '<h1>Spam Guard</h1>';
                    echo '<p>Here in European Community, the <a href="http://www.legislation.gov.uk/uksi/2003/2426/pdfs/uksi_20032426_en.pdf">Privacy and Electronic Communications Regulations 2003</a> cover the sending of email marketing. This legislation says that organisations must only send marketing emails to anyone if they have agreed to receive them, except where there is a clearly defined customer relationship.</p>';
                    echo '<p>It appears that you are attempting to send an unsolicited message (e.g. a marketing message).</p>';
                    echo '<p>We as an organisation do not send unsolicited messages and we request that you do the same for us.</p>';
                    echo '<p>If you are not attempting to send an unsolicited message, there may be an error in the system so please accept our apologies.</p>';
                    die();
                }
            }
            //If we've made it to this point, our message doesn't contain any obvious SPAM words

        // Formulate Email
        $formcontent='Message: \n $message \n \n From: $name $email';
        $recipient = << my email address >>;
        $subject = 'Contact Form Message';
        $mailheader = 'From: $name <$email> \r\n';
        mail($recipient, $subject, $formcontent, $mailheader) or die('Error!');
        echo 'Thank you for contacting us.  We will be in touch with you very soon via your email address<br>' . $email;
        ?>

【讨论】:

    【解决方案3】:

    看看这个,会有用的

    Spam Word Blocker PHP

    【讨论】:

      【解决方案4】:

      您可以为隐藏输入生成随机变量名称和随机值并保存在会话中。提交表单后,您可以在 $_REQUEST var 中检查它们。您也可以使用表单呈现和提交之间的间隔。不要试图检查垃圾邮件词,只是保护免受机器人攻击,不要使用简单的验证码。

      【讨论】:

        猜你喜欢
        • 2017-04-12
        • 1970-01-01
        • 1970-01-01
        • 1970-01-01
        • 1970-01-01
        • 2011-09-18
        • 1970-01-01
        • 1970-01-01
        • 2014-09-17
        相关资源
        最近更新 更多
        热门标签
        Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode