-3

我正在使用最初仅在example. 现在我们需要在所有页面上都有它。该表单设置为仅接受您定义的任何页面(这将是乏味的,并且必须包含变量,例如example.comand www.example.com

有没有办法定义站点中所有页面的例外提交以及别名?希望这是有道理的。不太懂代码。提前感谢您的帮助!

$replyemail="example@imieducation.com"; //change to your email address
$valid_ref1="http://www.example.com/index.htm"; //change to your domain name
$valid_ref2="http://www.example.com/index.html"; //change to your domain name
$valid_ref3="http://www.example.com/"; //change to your domain name
$valid_ref4="http://example.com/";
$valid_ref5="http://myaliassite.com/";
$valid_ref6="http://www.myaliassite.com/";
$valid_ref7="http://myaliassite.com/index.html";

// -------- No changes required below here -------------------------------------------------------------
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
 echo "";
 exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
elseif($ref_page==$valid_ref3) $valid_referrer=1;
elseif($ref_page==$valid_ref4) $valid_referrer=1;
elseif($ref_page==$valid_ref5) $valid_referrer=1;
elseif($ref_page==$valid_ref6) $valid_referrer=1;
elseif($ref_page==$valid_ref7) $valid_referrer=1;
if((!$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//if change this change it in the contact form too
{
 echo 'ERROR - not sent. Click here to go back';
 echo '

Referrer: ' . $ref_page; exit; }

4

1 回答 1

0

我猜您正在尝试保护您的表单免受垃圾邮件发送者的侵害,但是 HTTP_REFERER 是由用户浏览器设置的,并且可以被伪造。应该通过固定地址保护论坛免受垃圾邮件的影响,因此他们只能向您发送垃圾邮件。如果您仍然想这样做,您可以使用preg_replace删除 http 和 www,然后检查它是否包含您的根域。

于 2009-12-31T18:41:33.387 回答