post your comment   print   send to a friend
Rate:  80% | Views: 2137
Question categories:  Form Mail

php formmail with validation code for spam protection.

Answer by: Stuart Pierce, Aplus.Net Knowledge Base Support

You can see below complete source code examples of an online form which will ask the user to input a validation code upon submission. This validation code will prevent automatic internet bots from spamming your online form with unappropriate entries. If you use the files below without any modification, your form will look like this:





As you can see, the user has to enter four digits into the respective text field. If they are not correct, the form message will not be sent to the recipient email address. The implementation of this online form consists of three different files: the HTML form and two PHP scripts. All three of them should be uploaded to the same web directory.

Note: This formmail application is supported on our Unix-based hosting plans only.

Important: In order to use this PHP formmail, it is required that you enable the GD2 module in PHP. Here is how to achieve this:

Note: The coding examples below might get corrupted, if you use a regular copy/paste in order to create your own form. To avoid this, please click the link below to download a ZIP archive of the three form files:


I. The form file - formmail.php. This file is the actual location of your form. If you upload to your main html directory, the form will be available at http://yourdomain.com/formmail.php, where "yourdomain.com" is your actual hosted domain name.

<?php
session_start();
$_SESSION['random_number']=rand(1000, 9999);
?>
<html>
<head>
<title>Formmail</title>
</head>
<body>
<!-------------begin form------------>
<FORM ACTION="mail.php" METHOD="POST" NAME="contact_form">
 <TABLE>
 <TR>
  <TD><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Name:</font></TD>
  <TD><input type=text name="contact_name"></TD> 
 </TR>
 <TR>
  <TD><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Email Address:</font></TD>
  <TD><input type=text name="contact_email"></TD>
 </TR>
 <TR>
  <TD><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Comments:</font></TD>
  <TD><textarea name="comment" cols="40" rows="3"></textarea></TD>
 </TR>
<tr>
<td>
<font size="2" face="Verdana, Arial, Helvetica, sans-serif">Please enter the digits you see below: </font>
</td>
<TD><input type=text name="val_code"></TD> 
 </tr>
<tr>
 <td><img  src="http://yourdomain.com/image_number1.php?n=<?=rand(1000, 9999)?>" alt="number" /> <TR> //Please replace with your hosted domain name
  <TD><input type="reset" value="Reset" name="Reset"></TD>
  <TD><input type="submit" value="Submit" name="Submit"></TD>
 </TR>
</TABLE>

II. PHP formmail script - mail.php. Please pay attention to the text in bold, where you have to replace you@yourdomain.com with your email address. Do not remove the quotes.


<?
session_start();
function checkOK($field)
{
if (eregi("\r",$field)){
die("Invalid Input!");
}
}
$val_code=$_POST['val_code'];
$name=$_POST['contact_name'];
checkOK($name);
$email=$_POST['contact_email'];
checkOK($email);
$comments=$_POST['comment'];
checkOK($comments);
$to="you@yourdomain.com"; //Replace with an email address where the form results will be sent
if ("{$_SESSION['random_number']}"!="{$val_code}") {
 echo "Wrong Validation Code. Try again.";
}
else {
$message="$name just filled in your comments form. They said:\n$comments\n\nTheir e-mail address was: $email\n;
if(mail($to,"Comments From Your Site",$message, "From: $email")) {
echo "Thanks for your comments.";
} else {
echo "There was a problem sending the mail. Please check that you filled in the form correctly.";
}
}
?>

III. PHP script for the image with the randomly generated digits - image_number.php.


<?php
session_start();
header('Pragma: no-cache');
header('Expires: -1');
header('Cache-control: no-cache');
$number=$_SESSION['random_number'];
//$number=123;
header ("Content-type: image/png");
$im = @imagecreatetruecolor(60, 19)
     or die("Cannot Initialize new GD image stream");
$text_color = imagecolorallocate($im, 199, 224, 212);
$text_color1 = imagecolorallocate($im, 0, 0, 0);
$background = imagecolorallocate($im, 121, 179, 11);
$e=imagefilledrectangle ( $im, 0, 0,100, 50, $background);
imagestring($im, 8, 2, 2,  $number, $text_color);
imagestring($im, 8, 4, 4,  $number, $text_color1);
imagegif($im);
imagedestroy($im);
?>

Note: The coding examples above are considered secure. However, we are not responsible for any security issues they might lead to.

Customer Feedback
Rate:  80% | Views: 2137 | Please Rate:  
 
If you have other comments or ideas for future technical tips, please type them here:

Email: (optional)

Comments: (optional)
 Email Hosting | Domain Name Registration    Back to serch results
Browse the Base
Knowledge Base
Web Design
  Do It Yourself
    Form Mail
Messages
 

IP Blocker tool

Block abusers from your site with the IP Blocker tool! If you notice a specific IP address draining resources, leaving inappropriate comments, or attacking your site in any way, the IP Blocker tool gives you the power to block the abuser from returning to your site. This tool becomes especially useful in the case of major issues, such as DDoS attacks . Check it out in the Control Panel today (under "Setup tools")!
Control Panel Tools

Private Area
 
Ask
in Private
   
Personal
Folder
 
Related Questions
 
1. What can I do with Form mail?
 
2. How do I use the formmail.pl script when designing my own html pages?
 
3. Formmail example.
 
4. I have a shared hosting account and want to use the formmail.pl script that Aplus.Net provides. What should be the correct "action line" of my form?
 
5. How can I use formmail with Dreamweaver MX?
 
Home Browse Search Ask in Private Personal Folder   Help
powered by web hosting 
  Logged as: Guest