Contact_us anti spam protection


Guest


Hello

I've found this part of code on the net,

it seems to work (integrated on my own website)

But I've even tried to install it on osCommerce MS2, but still have some errors :-"

I've run into a 403 when I put it, as told, "over mail function"

"Headers already sent" when added directly in contact_us

I'm sure you all can help me to insert it into MS2 :blush:

<?php

// First, make sure the form was posted from a browser.
// For basic web-forms, we don't care about anything
// other than requests from a browser:
if (!isset($_SERVER['HTTP_USER_AGENT']))
{
    die("Forbidden - You are not authorized to view this page");
}

// Make sure the form was indeed POST'ed:
//  (requires your html form to use: method="post")
if ($_SERVER['REQUEST_METHOD'] != "POST")
{
    die("Forbidden - You are not authorized to view this page");
}

// Host names from where the form is authorized
// to be posted from:
$authHosts = array("webserviteur.com");

// Where have we been posted from? The Referer header is optional,
// so a missing or unparsable one is treated as an empty host.
$fromArray = isset($_SERVER['HTTP_REFERER'])
    ? parse_url(strtolower($_SERVER['HTTP_REFERER']))
    : false;
$fromHost = (is_array($fromArray) && isset($fromArray['host'])) ? $fromArray['host'] : '';

// Test to see if the referring host starts with "www.".
$wwwUsed = (strpos($fromHost, "www.") === 0);

// Make sure the form was posted from an approved host name.
if (!in_array($wwwUsed ? substr($fromHost, 4) : $fromHost, $authHosts))
{
    //logBadRequest();
    header("HTTP/1.0 403 Forbidden");
    exit;
}

// Attempt to defend against header injections:
$badStrings = array("Content-Type:",
    "Content-Type: text/plain;",
    "MIME-Version:",
    "Content-Transfer-Encoding:",
    "Content-Transfer-Encoding: 7Bit",
    "bcc:",
    "cc:");

// Loop through each POST'ed value and test if it contains
// one of the $badStrings. Mail header names are case-insensitive,
// so both sides are compared in lower case. Non-string values
// (array fields) are skipped because strpos() only accepts strings.
foreach ($_POST as $k => $v)
{
    if (!is_string($v))
    {
        continue;
    }
    foreach ($badStrings as $v2)
    {
        if (strpos(strtolower($v), strtolower($v2)) !== false)
        {
            //logBadRequest();
            header("HTTP/1.0 403 Forbidden");
            exit;
        }
    }
}

// Made it past spammer test, free up some memory
// and continue rest of script:
unset($k, $v, $v2, $badStrings, $authHosts, $fromArray, $fromHost, $wwwUsed);

// Add your mail function
?>

Hope this code will help you all!

Sincerely yours

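An added example, not part of the original post and not osCommerce code: header injection through a contact form depends on a line break reaching a value that is placed in a mail header, so this check rejects CR/LF (raw or URL-encoded) in those values instead of matching header names. The function names and the `name`, `email` and `enquiry` field names are assumptions, as is the premise that only `name` and `email` are used in headers while `enquiry` is sent as the message body.

```php
<?php
// Added example: hypothetical helper names, constructed sample data.

// True when a value bound for a mail header is not a plain string or
// contains a line break, raw or URL-encoded. A line break is what lets
// a submitted value start a new header such as Bcc:.
function has_header_break($value)
{
    return !is_string($value)
        || preg_match('/[\r\n]|%0[ad]/i', $value) === 1;
}

// Validate the header-bound fields of a contact form submission.
// Returns a list of error strings; an empty list means safe to mail.
function check_contact_fields(array $post)
{
    $errors = array();
    foreach (array('name', 'email') as $field) {
        $value = isset($post[$field]) ? $post[$field] : '';
        if (has_header_break($value)) {
            $errors[] = "$field: must be a single-line string";
        }
    }
    $email = isset($post['email']) ? $post['email'] : '';
    if (!is_string($email)
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email: not a valid address';
    }
    return $errors;
}

// Constructed sample submissions, not real traffic.
$samples = array(
    'clean'   => array('name' => 'Ann', 'email' => 'ann@example.com',
                       'enquiry' => "Hello,\nplease cc: Bob on the reply"),
    'crlf'    => array('name' => 'Ann',
                       'email' => "ann@example.com\r\nBcc: x@example.net"),
    'encoded' => array('name' => 'Ann%0ABCC: x@example.net',
                       'email' => 'ann@example.com'),
    'array'   => array('name' => array('a'), 'email' => 'ann@example.com'),
);

foreach ($samples as $label => $post) {
    $errors = check_contact_fields($post);
    echo $label, ': ',
        $errors ? 'rejected (' . implode('; ', $errors) . ')' : 'accepted',
        "\n";
}
```

The `clean` sample is accepted even though its body contains a line break and the text `cc:`, because the body is not checked as a header value; the other three are rejected before any mail call would run.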

Nobody is interested in integrating this system into his shop?

Janssens,

Did this code help stop SPAM on your site? Did you include this code in the contact_us.php? That seems to be one of the vulnerable places where SPAM can be relayed to other emails.


-Foxtel


Archived

This topic is now archived and is closed to further replies.
