0

我在http://www.kaimeramedia.com/derek/Website/contact.php有一个联系表。我在 PHPcodechecker.com 检查了我的 PHP 代码,它说没有语法错误。我认为开始的代码在某种程度上是有效的,因为每次我按下提交时,它都会进入下一个验证,我只剩下:“检测到不正确的电子邮件地址。请点击浏览器的后退按钮,然后再试一次”。

我只是想知道我是否应该以不同的方式编写代码以确保电子邮件验证通过并允许提交消息。我不确定我是否有向后编码的东西。我尝试了很多组合,但就目前而言,这是我没有mailform.php错误的最远距离。mailform.php 文件的代码是:

 <?php 
     session_start();
     $dontsendemail = 0;
     $possiblespam = FALSE;
     $strlenmessage = "";
     $email = $_REQUEST['email']; 
     $name = $_REQUEST['name']; 
     $message = $_REQUEST['message']; 
     $subject = "Regarding Your Portfolio";$emailaddress = "me@website.com"; 

     // checks if name field is empty
     function checkname() {
if (empty($name)) {
    die ("You did not enter your name.  Please hit your browser back button and try again.");
return 1;
            }
        }

// checks if the captcha is input correctly
function checkcaptcha() {
            if ($_SESSION["pass"] != $_POST["userpass"]) {
                die("Sorry, you failed the CAPTCHA. Note that the CAPTCHA is case-sensitive. Please hit your browser back button and try again.");
                return 1;
            }
        }

// checks proper syntax 
function checkemail() {
    if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $email));
    else{
        die("Improper email address detected. Please hit your browser back button and try again."); 
        return 1;
    }
}


function spamcheck($field) {
    if(eregi("to:",$field) || eregi("cc:",$field) || eregi("\r",$field) || eregi("\n",$field) || eregi("%0A",$field)){ 
        $possiblespam = TRUE;
    }else $possiblespam = FALSE;
    if ($possiblespam) {
        die("Possible spam attempt detected. If this is not the case, please edit the content of the contact form and try again.");
        return 1;
    }
}
function strlencheck($field,$minlength,$whichfieldresponse) {
    if (strlen($field) < $minlength){
        die($whichfieldresponse); 
        return 1;
    }



}

        if ($dontsendemail == 0) $dontsendemail = checkcaptcha($email);

if ($dontsendemail == 0) $dontsendemail = checkemail($email);
if ($dontsendemail == 0) $dontsendemail = spamcheck($email);
if ($dontsendemail == 0) $dontsendemail = spamcheck($name);
if ($dontsendemail == 0) $dontsendemail = strlencheck($email,10,"The email address field is too short. Please hit your browser back button and check your entry.<br />");
if ($dontsendemail == 0) $dontsendemail = strlencheck($message,10,"The message field is too short. Please hit your browser back button and check your entry.<br />");
if ($dontsendemail == 0) $dontsendemail = strlencheck($emailaddress,8,"You have not selected a recipient of your message. Please hit your browser back button and check your entry.<br />");
if ($dontsendemail == 0) $dontsendemail = strlencheck($name,3,"The Name field is too short. Please hit your browser back button and check your entry.<br />");
if ($dontsendemail == 0) {mail($emailaddress,"Subject: $subject",$message,"From: $name,$email" ); include "thankyou.php";}
?>

我在这段代码中放了一封虚拟电子邮件,但真正的电子邮件在 mailform.php 文件中 如果有人能看到我出错的地方,将不胜感激。

4

2 回答 2

2

Building on my previous answer, I went all out and cleaned up your script. I clearly have too much time on my hands. Haven't checked if it works. Goodluck!

<?PHP
session_start();
try{
    $check = new check();
    if(!isset($_REQUEST['Email']))
        throw new exception('You did not enter an email address.');

    if(!isset($_REQUEST['message']))
        throw new exception('You did not enter a message.');

    if(!isset($_REQUEST['Name']))
        throw new exception('You did not enter a name');

    $sender = $_REQUEST['Email'];
    $message = $_REQUEST['message'];
    $name = $_REQUEST['Name'];
    $recipient = 'test@test.com';

    $subject = 'Regarding Your Portfolio';

    if($check->captcha('userpass') == FALSE)
        throw new exception('Your captcha is incorrect.');

    if($check->spam($sender) == FALSE)
        throw new exception('Your email field contains spam.');

    if($check->spam($name) == FALSE)
        throw new exception('Your name field contains spam.');

    if($check->length($sender, 10) == FALSE)
        throw new exception('Your email field does not satisfy the minimum character count.');

    if($check->length($message, 8) == FALSE)
        throw new exception('Your message field does not satisfy the minimum character count.');

    if($check->length($name, 3) == FALSE)
        throw new exception('Your name field does not satisfy the minimum character count.');

    mail($recipient, $subject, $message, "From: $name <$sender>" );
    include "thankyou.php";
}catch (Exception $E){
    die($E->getMessage());
}




class check{

    function captcha($field){
        if(isset($_REQUEST[$field])==FALSE){ return false; }
        if($_SESSION['pass'] != $_REQUEST[$field]){ return false; }
        return true;
    }

    function email($email){
        if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ return false;}
        return true;
    }

    function spam($field){
        if(eregi("to:",$field) || eregi("cc:",$field) || eregi("\r",$field) || eregi("\n",$field) || eregi("%0A",$field)){ return false; }
        return true;
    }

    function length($field, $min){
        if(strlen($field) < $min){ return false; }
        return true;
    }
}
于 2012-02-25T04:49:37.267 回答
0

你的脚本有两个问题。

  1. 您没有解析 $email 参数。你忘了包括它。
  2. 电子邮件的正则表达式非常挑剔,并不总是包含所有标准。

Solution: As of PHP5 you can use the following to validate an email or if you want to use the regular expression just add the $email paramater.

function checkemail($email) {
    if(filter_var($email, FILTER_VALIDATE_EMAIL)){
    }else{
        die("Improper email address detected. Please hit your browser back button and try again."); 
        return 1;
    }
}
于 2012-02-25T04:26:05.713 回答