Question:

So I've got a functioning (but not yet completely ideal) contact form on my site (specifically, this page: http://www.pixelparlor.com/contact.html) - and I seem to be getting lots of gibberish emails now, via the PHP script - they appear to be randomly generated, by crawling bots of some sort, maybe? These only started a week ago or so, despite the contact form being up perhaps 2 months or so.

I'm just wondering if there is a way to clean up the PHP file in order to prevent misuse? Or is there a string that I can put in there to somehow not except entries in fields that don't contain certain characters? (like a "@") and stuff.

Thanks!

-ZiP!-

9/12/2005 11:30:40 AM

use an image verification thing.

any other sort of filter would actually make it hard for spammers and harder for actual users of the site.

9/12/2005 11:33:53 AM

put in a captcha verification. google it, there are a bunch of php captcha scripts out there.

9/12/2005 11:49:47 AM

^^,^ ah, thanks - good idea(s)

-ZiP!-

9/12/2005 1:13:20 PM

The php email form on my site got hit with this recently too... the bot (in my probably naive belief that surely nobody would bother typing crap into a form and hitting F5 multiple times... yeah, erm...) was trying to send out spam including MIME-Version headers etc. As a quick-n-dirty solution before I put in a captcha verification, I'm eregi'ing all input fields to check for "MIME-Version" and telling the script to exit if it's present.

(More info: http://us2.php.net/manual/en/ref.mail.php#55256 - agree with posters above that captcha is a good way of stopping these sorts of bots.)

[Edited on September 13, 2005 at 9:44 PM. Reason : link to php.net]

9/13/2005 9:37:50 PM