0

我的网站上有一份申请表,当有人填写一份申请表时,它可以正常发送所有数据,但是每天多次收到完全空白的电子邮件。(客户确信其人员填写表格并将其发送为空白随机删除他们的信息 - 我认为这是不可能的)

以下是我的代码片段:

if($_SERVER['REQUEST_METHOD'] == "POST") {  
if (trim($_POST['fname']) == "") {  
       $errors[] = "Please enter your first name";
    }
if (trim($_POST['lname']) == "") {  
       $errors[] = "Please enter your last name";
    }  
if (trim($_POST['address1']) == "") {  
       $errors[] = "Please enter your address";
    }  
if (trim($_POST['city']) == "") {  
       $errors[] = "Please enter your city";
    }  
if (trim($_POST['state']) == "") {  
       $errors[] = "Please enter your state";
    }  
if (trim($_POST['zip']) == "") {  
       $errors[] = "Please enter your zip code";
    }  
if (trim($_POST['email']) == "") {  
       $errors[] = "Please enter your email";
    }  
if (trim($_POST['phone']) == "") {  
       $errors[] = "Please enter your phone number";
    }  
if (trim($_POST['school']) == "") {  
       $errors[] = "Please enter your High School";
    }  
if (trim($_POST['school_study']) == "") {  
       $errors[] = "Please enter your course of study";
    }  
if (trim($_POST['school_years']) == "") {  
       $errors[] = "Please enter your school years completed";
    } 
if (trim($_POST['school_degree']) == "") {  
       $errors[] = "Please enter your diploma/degree";
    }
if (trim($_POST['employer1']) == "") {  
       $errors[] = "Please enter Employer #1";
    }
if (trim($_POST['employer1_telephone']) == "") {  
       $errors[] = "Please enter Employer #1 Telephone";
    }
if (trim($_POST['employer1_title']) == "") {  
       $errors[] = "Please enter Employer #1 Title";
    }
if (trim($_POST['employer1_supervisor']) == "") {  
       $errors[] = "Please enter Employer #1 Supervisor";
    }
if (trim($_POST['employer1_from']) == "") {  
       $errors[] = "Please enter Employer #1 Start Date";
    }
if (trim($_POST['employer1_to']) == "") {  
       $errors[] = "Please enter Employer #1 End Date";
    } 
if (trim($_POST['employer1_salary']) == "") {  
       $errors[] = "Please enter Employer #1 Salary";
    }
if (trim($_POST['employer1_duties']) == "") {  
       $errors[] = "Please enter Employer #1 Duties";
    }
if (trim($_POST['sig2']) == "") {  
       $errors[] = "Please complete the Signature Field";
    }
if (trim($_POST['date2']) == "") {  
       $errors[] = "Please complete the Date Field";
    }
    if(is_array($errors))
    {
        echo '<div class="error"><span>The following errors occurred:</span><ul>';
        while (list($key,$value) = each($errors))
            {

            echo '<li>'.$value.'</li><br />';
        }echo'</ul></div>';
    }
    else {

        require_once('recaptchalib.php');
        $privatekey = "(private key thing here not sure if that should be shared)";
        $resp = recaptcha_check_answer ($privatekey,
                    $_SERVER["REMOTE_ADDR"],
                    $_POST["recaptcha_challenge_field"],
                    $_POST["recaptcha_response_field"]);

                  if (!$resp->is_valid) {
                    // What happens when the CAPTCHA was entered incorrectly
                    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
                         "(reCAPTCHA said: " . $resp->error . ")");
                  } else {
// convert the application to a pdf. not going to include all this jarble
// also insert the application into a database - not including

$mpdf=new mPDF(); 


$mpdf->WriteHTML($html);

$content = $mpdf->Output('', 'S');

$content = chunk_split(base64_encode($content));

$eol = PHP_EOL;
$mailto = "$setting[apps_email]";

$from_name = 'Employment Application';
$from_mail = 'no-reply';
$replyto = 'no-reply';
$uid = md5(uniqid(time())); 
$subject = "".$row[fname]." ".$row[lname]." - ".$row1[position]."";
$filename = "".$row[fname]."".$row[lname]."-".$row[submitted].".pdf";


$header = "From: ".$from_name." <".$from_mail.">".$eol;
$header .= "Reply-To: ".$replyto.$eol;
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"".$eol;
$header .= "Content-Transfer-Encoding: 7bit".$eol;

$message .= "--".$uid.$eol;
$message .= "Content-type:text/plain; charset=\"iso-8859-1\"\r\n";
$message .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$message .= $eol."".$row[fname]." ".$row[lname]." has submitted an employment application for the ".$row1[position]." position. Please see the attached .pdf file to save and/or print the application.".$eol;

$message .= "--".$uid.$eol;
$message .= "Content-Type: application/pdf; name=\"".$filename."\"\r\n";
$message .= "Content-Transfer-Encoding: base64\r\n";

$message .= "Content-Disposition: attachment".$eol.$eol;
$message .= $eol.$content;
$message .= "--".$uid."--".$eol;

$is_sent = @mail($mailto, $subject, $message, $header); 
                  }
}}

我觉得我已经采取了一切措施来确保它首先提交,验证必填字段,我什至扔了一个我讨厌做的愚蠢的验证码

知道为什么(我假设爬虫)发送空白电子邮件吗?

4

0 回答 0