security to email contact form, how???

Post May 11th, 2008, 7:06 am

Hey guys.

I need help adding a security code to my email contact page. I've had the conact us form active for 3-4 days now and ive been recieving 'junk' so I want to add the security code where uses type in the code in the contact form.

I'm not very experianced in coding and they person who normally does it wont be back for about another week or so, so if there is a simple way of implementing it on the site i would really appreciate it.

The current contact page can be seen at here and i just want to add the security code on there towards the bottom of the form, so if possible please send me the code or tell me where i can get it from.

thanks heaps in advanced.
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post May 11th, 2008, 7:06 am

  • Bogey
  • Ounce of 'Zu'
  • Web Master
  • User avatar
  • Joined: 14 Jul 2005
  • Posts: 4797
  • Loc: Ozzu
  • Status: Online

Post May 11th, 2008, 3:32 pm

I'll give you the code I use... Sent you a PM
My Developing Blog (7)
Wedevoy.com - In Development... should be done in about a week or so

Post May 12th, 2008, 4:44 am

please if any1 can help... not sure what ive done wrong but ive followed the instructions of this page http://www.white-hat-web-design.co.uk/a ... aptcha.php and i cant get it to work... if you look at the source code on http://www.swiftproductions.com.au/mailer2.htm (just a temp page to show you guys the code) this is the page it normally goes to http://www.swiftproductions.com.au/mailer.php after you click the submit button but as you can see it wont even ask for the security code... please help!!!

sorry forgot to mention that im talking about the contact us page on my site
  • Bogey
  • Ounce of 'Zu'
  • Web Master
  • User avatar
  • Joined: 14 Jul 2005
  • Posts: 4797
  • Loc: Ozzu
  • Status: Online

Post May 12th, 2008, 2:35 pm

I use that code for myself... how come does it not work for you?

Is PHP enabled on your hosting account? If so, is GD extension on on it?

Try this... (If it's all on the same page...)
  1. <?php
  2. session_start();
  3.  
  4. // remember to set permissions for this script! If not, you
  5. // may not get the email.....
  6.  
  7. $to = 'YOUR_EMAIL_ADDRESS';  //Your Email ADDRESS!!!!!!!!!!!!!!
  8. $subj = 'Swiftproductions Contact Form';
  9. $cr = "\n";
  10.  
  11. $name = $_POST['name'];
  12. $company = $_POST['company'];
  13. $telephone = $_POST['telephone'];
  14. $email = $_POST['email'];
  15. $messagebox = $_POST['messagebox'];
  16. $web = $_POST['web'];
  17. $graphic = $_POST['graphic'];
  18. $print = $_POST['print'];
  19. $updates = $_POST['updates'];
  20. $general = $_POST['general'];
  21. $seo = $_POST['seo'];
  22.  
  23.  
  24. if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
  25. $body .= 'Name: ' . $name . $cr . 'Company: ' . $company . $cr . 'Telephone: ' . $telephone . $cr;
  26. $body .= $body . 'email: ' . $email . $cr . 'Message Box: ' . $messagebox . $cr . $cr;
  27. $body .= $body . 'Web: ' . $web . $cr . 'Graphic: ' . $graphic . $cr . 'Print: ' . $print . $cr;
  28. $body .= $body . 'Updates: ' . $updates . $cr . 'General: ' . $general . $cr . 'seo: ' . $seo;
  29.  
  30. mail($to, $subj, $body);
  31. unset($_SESSION['security_code']);
  32. } else {
  33.   die('<p>The security image was wrong... please go back and try again.</p>'."\n");
  34. }
  35. ?>
  36.  
  37. <script type="text/javascript">
  38. gradualFader.init() //activate gradual fader
  39. </script>
My Developing Blog (7)
Wedevoy.com - In Development... should be done in about a week or so

Post May 12th, 2008, 2:59 pm

what page do I put that on?? the mailer.php or the contact_us.htm - nad yes php is active
  • Bogey
  • Ounce of 'Zu'
  • Web Master
  • User avatar
  • Joined: 14 Jul 2005
  • Posts: 4797
  • Loc: Ozzu
  • Status: Online

Post May 12th, 2008, 3:07 pm

Try it on the mailer.php... don't really know the action of your form... what is the action of your form?

What I mean is...
  1. <form action="mailer.php" method="post">

Is that how your <form...> thing looks like? If so, yes, put that code in the mailer.php
My Developing Blog (7)
Wedevoy.com - In Development... should be done in about a week or so

Post May 13th, 2008, 5:40 am

hey bogey.

mate its still not working. have a look at this page http://www.swiftproductions.com.au/codes.htm and you can see all 3 source codes and see if ive done anything wrong. that page contains all source codes for contact_us.htm , mailer.php and capturesecurityimage.php.

thanks for your help mate. i really appreciate it
  • radnor
  • Beginner
  • Beginner
  • No Avatar
  • Joined: 06 Mar 2006
  • Posts: 39
  • Status: Offline

Post May 13th, 2008, 8:20 am

What is the address that's getting spammed. When you list it, just list upto and including the at sign (eg. bob@).

I tested the form on your site some. But I included my name so you would see it was me.

Are you sure it is not BOTS harvesting addresses on your pages?
  • radnor
  • Beginner
  • Beginner
  • No Avatar
  • Joined: 06 Mar 2006
  • Posts: 39
  • Status: Offline

Post May 13th, 2008, 8:40 am

PHP4 & 5 are available on his host.

Post May 13th, 2008, 8:59 am

what do you mean bots?? the address is danny@swiftproductions.com.au thats my email address. The emails that im recieving look like this,

Name: voethbhzyh
Company: your company:
Telephone: contact : (Field Mandatory)
email: bocbnf@elgjch.com
Message Box: Nj2JcY <a href=\"http://iiljftokiymz.com/\">iiljftokiymz</a>, vtwyfbuzpxlw, [link=http://jasnvmtxwwcv.com/]jasnvmtxwwcv[/link], http://cnirzpzzmddb.com/

Web:
Graphic:
Print:
Updates:
General:
seo:


I'm recieving heaps and heaps of them. Do you know what im doing that is wrong?
  • radnor
  • Beginner
  • Beginner
  • No Avatar
  • Joined: 06 Mar 2006
  • Posts: 39
  • Status: Offline

Post May 13th, 2008, 10:16 am

What is the output of this?

[code]
<?php
phpinfo();
?>
  • Bogey
  • Ounce of 'Zu'
  • Web Master
  • User avatar
  • Joined: 14 Jul 2005
  • Posts: 4797
  • Loc: Ozzu
  • Status: Online

Post May 13th, 2008, 5:47 pm

radnor wrote:
What is the output of this?

  1.  
  2. <?php
  3. phpinfo();
  4. ?>

If he is receiving those emails, than yes, PHP is enabled. If PHP was disabled, he would not be receiving any mails...

@CircleOfLinks

Did you try sending yourself test messages? Not saying that the script doesn't work... looks like it does and works correctly...

Check if you have monofont.ttf in the same directory that your CaptchaSecurityImages.php is located in.

Try the following...
  1. <?php
  2. session_start();
  3. if(isset($_POST['submit']))
  4. {
  5. // remember to set permissions for this script! If not, you
  6. // may not get the email.....
  7.  
  8. $to = "danny@swiftproductions.com.au"; //Your Email ADDRESS!!!!!!!!!!!!!!
  9. $subj = 'Swiftproductions Contact Form';
  10. $cr = "\n";
  11.  
  12. $name = $_POST['name'];
  13. $company = $_POST['company'];
  14. $telephone = $_POST['telephone'];
  15. $email = $_POST['email'];
  16. $messagebox = $_POST['messagebox'];
  17. $web = $_POST['web'];
  18. $graphic = $_POST['graphic'];
  19. $print = $_POST['print'];
  20. $updates = $_POST['updates'];
  21. $general = $_POST['general'];
  22. $seo = $_POST['seo'];
  23.  
  24.  
  25. if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
  26. $body .= 'Name: ' . $name . $cr . 'Company: ' . $company . $cr . 'Telephone: ' . $telephone . $cr;
  27. $body .= $body . 'email: ' . $email . $cr . 'Message Box: ' . $messagebox . $cr . $cr;
  28. $body .= $body . 'Web: ' . $web . $cr . 'Graphic: ' . $graphic . $cr . 'Print: ' . $print . $cr;
  29. $body .= $body . 'Updates: ' . $updates . $cr . 'General: ' . $general . $cr . 'seo: ' . $seo;
  30.  
  31. mail($to, $subj, $body);
  32. unset($_SESSION['security_code']);
  33. } else {
  34. die('<p>The security image was wrong... please go back and try again.</p>'."\n");
  35. }
  36. }
  37. ?>
  38. <script type="text/javascript">
  39. gradualFader.init() //activate gradual fader
  40. </script>

If that doesn't work try the following script... It's a bit different and one page (Except the captchasecurityimage.php) but it still does the same thing...
  1. <?php
  2.   session_start();
  3. ?>
  4. <!-- This page is mail.php //-->
  5. <?php
  6.   if(empty($_POST['submit']))
  7.   {
  8. ?>
  9. <form action="mail.php" method="post">
  10. <div>
  11. *Name: <input type="text" name="name" size="20" /><br />
  12. Company: <input type="text" name="company" size="20" /><br />
  13. *Telephone: <input type="text" name="telephone" size="20" /><br />
  14. *E-Mail: <input type="text" name="email" size="20" /><br />
  15. Send To: <select name="to">
  16. <option value="">Select Option</option>
  17. <option value="CustomerService">Customer Service</option>
  18. <option value="CustomerSupport">Customer Support</option>
  19. </select><br />
  20. Subject: <input type="text" name="subject" size="20" /><br />
  21. *Message:<br />
  22. <textarea rows="10" cols="25" name="message"></textarea><br />
  23. Choose an option:<br />
  24. <input type="checkbox" name="WD" value="Web Design"> Web Design
  25. <input type="checkbox" name="GD" value="Graphic Design"> Graphic Design
  26. <input type="checkbox" name="WU" value="Web Updates"> Web Updates
  27. <input type="checkbox" name="GE" value="General Enquiry"> General Enquiry<br />
  28. <input type="checkbox" name="PW" value="Print Work"> Print Work
  29. <input type="checkbox" name="H" value="Hosting"> Hosting
  30. <input type="checkbox" name="SEO" value="SEO Work"> SEO Work<br />
  31. Security Image:<br />
  32. <img src="CaptchaSecurityImages.php?width=100&amp;height=40&amp;characters=5" alt="Security Code" />
  33. <input id="sCode" name="security_code" type="text" size="33.5" /><br />
  34. <input type="submit" name="submit" value="submit" class="submit" /> <input type="reset" name="reset" value="reset" class="submit" />
  35. </div>
  36. </form>
  37. <p>* = Required Field</p>
  38. <?php
  39.   } else {
  40.     //Stripping the submitted information from HTML
  41.     $_POST = array_map('strip_tags', $_POST);
  42.  
  43.     //Setting the values
  44.     $name = $_POST['name'];
  45.     $company = $_POST['company'];
  46.     $telephone = $_POST['telephone'];
  47.     $email = $_POST['email'];
  48.     $to = $_POST['to'];
  49.     $subject = $_POST['subject'];
  50.     $message = $_POST['message'];
  51.     $wd = $_POST['WD'];
  52.     $gd = $_POST['GD'];
  53.     $wu = $_POST['WU'];
  54.     $ge = $_POST['GE'];
  55.     $pw = $_POST['PW'];
  56.     $h = $_POST['H'];
  57.     $seo = $_POST['SEO'];
  58.  
  59.     //Setting the variables
  60.     $adminEmail = "danny@swiftproductions.com.au";  //The default email (YOURS)
  61.     $mMax = '5000';   //Max characters for the message
  62.     $sMax = '25';     //Max characters for the subject
  63.     $nMax = '30';     //Max characters for the name
  64.    
  65.     //Validating the fields...
  66.     if(empty($name)) //Checking if the name is filled in
  67.     {
  68.       $error[] = "<li>You forgot to fill in your name</li>\n";
  69.     } elseif(!preg_match('$[a-z]{3,'. $nMax .'}$', $name)) {
  70.       $error[] = "<li>Your name is too long, has to be no longer than $nMax characters</li>\n";
  71.     }
  72.  
  73.     if(empty($email)) //Checking if the email is filled in
  74.     {
  75.       $error[] = "<li>You forgot to fill in your email</li>\n";
  76.     } elseif(!preg_match('/[_a-z0-9-]+(.[_a-z0-9-]+)*@[_a-z0-9-]+(.[_a-z0-9-]+)*(.[_a-z]{2,3})$/', $email)) {
  77.       $error[] = "<li>Your E-Mail is of incorrect format... it has to be in <strong>yourname@domain.tld</strong> format</li>\n";
  78.     }
  79.  
  80.     if(empty($telephone)) //Checking if the phone is filled in
  81.     {
  82.       $error[] = "<li>You didn't put in your phone number</li>\n";
  83.     } elseif(!preg_match_all('$.*[[0-9]{1,2}+[-]+[0-9]{1,3}]*.$',$telephone,$matched)) {
  84.       $error[] = "<li>Your phone is of incorrect format... it has to be in <strong>###-####</strong> format</li>\n";
  85.     }
  86.  
  87.     if(!empty($to))
  88.     {
  89.       if($to == 'CustomerService')
  90.       {
  91.         $to = "sales@swiftproductions.com.au";
  92.       } elseif($to = 'CustomerSupport') {
  93.         $to = "support@swiftproductions.com.au";
  94.       } else {
  95.         $to = $adminEmail;
  96.       }
  97.     } else {
  98.       $to = $adminEmail;
  99.     }
  100.  
  101.     if(empty($subject))
  102.     {
  103.       $subject = "Web Site Mailer";
  104.     }
  105.  
  106.     if(empty($message))
  107.     {
  108.       $error[] = "<li>You didn't put in a message</li>\n";
  109.     } elseif(strlen($message) > $mMax) {
  110.       $error[] = "<li>You message is too long, has to be no longer than $mMax characters</li>\n";
  111.     }
  112.  
  113.     if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) )
  114.     {
  115.       unset($_SESSION['security_code']);
  116.     } else {
  117.       $error[] = "<li>The security image doesn't match with what you put in</li>\n";
  118.     }
  119.  
  120.     //Finding out which of the checkboxes were filled in
  121.     if(isset($wd))
  122.     {
  123.       $chose .= $wd ."<br />\n";
  124.     }
  125.  
  126.     if(isset($gd))
  127.     {
  128.       $chose .= $gd ."<br />\n";
  129.     }
  130.  
  131.     if(isset($wu))
  132.     {
  133.       $chose .= $wu ."<br />\n";
  134.     }
  135.  
  136.     if(isset($ge))
  137.     {
  138.       $chose .= $ge ."<br />\n";
  139.     }
  140.  
  141.     if(isset($pw))
  142.     {
  143.       $chose .= $pw ."<br />\n";
  144.     }
  145.  
  146.     if(isset($h))
  147.     {
  148.       $chose .= $h ."<br />\n";
  149.     }
  150.  
  151.     if(isset($seo))
  152.     {
  153.       $chose .= $seo ."<br />\n";
  154.     }
  155.  
  156.     $message = nl2br($message);
  157.     $cnt = count($error);
  158.     if($cnt > '0')
  159.     {
  160.       echo "You made $cnt errors in the form";
  161.       echo "<ol>\n";
  162.       foreach($error as $value)
  163.       {
  164.         echo $value;
  165.       }
  166.       echo "</ol>\n";
  167.       echo "<a href=\"mail.php\">Try Again</a>\n";
  168.     } else {
  169.       $body .= "<strong>Name:</strong> $name<br />\n";
  170.       $body .= "<strong>Company:</strong> $company<br />\n";
  171.       $body .= "<strong>Telephone:</strong> $telephone<br />\n";
  172.       $body .= "<strong>E-Mail:</strong> $email<br />\n";
  173.       $body .= "<strong>Message:</strong> $message<br />\n";
  174.       $body .= "<br />\n";
  175.       $body .= "$name chose the following options:<br />\n";
  176.       $body .= "<strong>$chose</strong>";
  177.       //Contact subject
  178.       $subject2 = $subject;
  179.    
  180.       //Details
  181.       $message2 = $message;
  182.  
  183.       //Mail of sender
  184.       $mail_from = $eMail;
  185.  
  186.       //From
  187.       $header = "From: $name <$email>";
  188.  
  189.       //Enter your email address
  190.       $to = $adminEmail;
  191.  
  192.       $send_contact = mail($to,$subject,$body,$header);
  193.       if($send_contact)
  194.       {
  195.         echo '<p>We have successfully recieved your email</p>'."\n";
  196.         echo "You submitted:<br />\n <p>$body</p>";
  197.       } else {
  198.         echo '<p>An error occured with the transaction. The message has not being sent</p>'."\n";
  199.       }
  200.     }
  201.   }
  202. ?>

Make sure that CaptchaSecurityImages.php and monofont.ttf are in the same directory as this file... (I named it mail.php at this example... if you want to change it just change the action at the form...

Hope that this helped you out...

[EDIT] If you copy/paste from here it may give you the line numbers at the beginning... to get the whole thing correctly, quote me and copy the code like that... (I think you know what I mean by that :) )

[EDIT 2] A function was added to the "thing". Also, it's a bit different from the one I sent to you VIA PM.
My Developing Blog (7)
Wedevoy.com - In Development... should be done in about a week or so

Post May 13th, 2008, 9:36 pm

Thanks radnor and bogey, you guys have been very helpfull.

im only have one small problem. It works fine in I.E but as soon as you try it with FF it won't work. You can 'submit' the message without enterting a security code. Any one know why??
  • radnor
  • Beginner
  • Beginner
  • No Avatar
  • Joined: 06 Mar 2006
  • Posts: 39
  • Status: Offline

Post May 14th, 2008, 4:21 am

Bogey,

If you use FF, could you test it too, please. you will see 3 required fields fill something in for them and hit send. I just tried it with vista and ff & ie and it works. WITHOUT the security code, it should clear the form and redisplay the contact us page.

Thanks,

Radnor

I dont know if is a cache issue COL is having
  • Bogey
  • Ounce of 'Zu'
  • Web Master
  • User avatar
  • Joined: 14 Jul 2005
  • Posts: 4797
  • Loc: Ozzu
  • Status: Online

Post May 14th, 2008, 7:51 am

radnor wrote:
Bogey,

If you use FF, could you test it too, please. you will see 3 required fields fill something in for them and hit send. I just tried it with vista and ff & ie and it works. WITHOUT the security code, it should clear the form and redisplay the contact us page.

Thanks,

Radnor

I dont know if is a cache issue COL is having

You want me to test his form?
My Developing Blog (7)
Wedevoy.com - In Development... should be done in about a week or so
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post May 14th, 2008, 7:51 am

Post Information

  • Total Posts in this topic: 26 posts
  • Moderators: joebert, katana
  • Users browsing this forum: No registered users and 65 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© Unmelted Enterprises 1998-2008. Driven by phpBB © 2001-2008 phpBB Group.

 
 
 
 

Need a pre-made web design for your website?

Check out our templates here: Ozzu Templates


400+ FREE Website Templates. Download Now!