Been getting cursed with some gobbledegook from my own domain, and Googled “PHP Form Spam”, to find that this is as common as muck.
Anyway a couple of nice fixes:
- One from Paul Silver
// Function to check for spam
function checkforspam() { $problem = ‘N’; foreach ($_POST as $key => $value) { if (stristr($value,‘Content-Type:’) || stristr($value,‘bcc:’)) { $problem = ‘Y’; } } if ($problem == ‘Y’) { return ‘Y’; } else { return ‘N’; }
}
if (checkforspam() == ‘N’) {
// Your mail code here
}
[Scrub this – this seems to cause more problems!]
- A slightly more sophisticated script posted on Search Engine Forums
……. get all the email form data
$ems = ‘’;
// stop email server hacks
$ems .= $message;
$ems .= $subject;
$ems .= $address;
if ( stristr( $ems, ‘content-type:’ ) ¦¦ stristr( $ems, ‘multipart/mixed’ ) ¦¦ stristr( $ems, ‘boundary=”’ ) ¦¦ stristr( $ems, ‘cc:’ ) ¦¦ stristr( $ems, ‘multi-part message in mime format’ ) ¦¦ stristr( $ems, ‘to:’ ) ¦¦ eregi( “(%[a-f0-9])”, $ems ) ¦¦ stristr( $ems, ‘0x’ ))
// the last two are in case they try using hex or other non standard characters
{
$error .= “
Don’t bother
“;}
if ( $error )
{
echo $error;
}
else
{
…… finish email sending
NB Need to replace half pipes with full pipes