I have an email contact form and I want to integrate a flood protection system between each email sent. What is the best way to go about this?
My code is as follows:
Form.php
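<html>
<head>
</head>
<body>
<?php
// Contact form that posts to filter.php. Every field below comes back as
// client-controlled data, so the handler has to validate each one server-side.
?>
<form method="POST" action="filter.php">
<label>Name: </label>
<input type="text" name="name" size="19"><br>
<br>
<label>Email: </label>
<input type="text" name="email" size="19"><br>
<br>
<label>Telephone: </label>
<input type="text" name="telephone" size="19"><br>
<br>
<label>Message: </label>
<textarea rows="9" name="message" cols="30"></textarea>
<?php
// NOTE(review): this hidden value travels through the browser, so the client can
// change it before submitting. For logging or throttling, the handler should read
// $_SERVER['REMOTE_ADDR'] itself instead of trusting the posted copy.
?>
<input type="hidden" name="ip" value="<?php echo htmlspecialchars($_SERVER['REMOTE_ADDR'], ENT_QUOTES); ?>">
<br>
<br>
For security reason please enter the word <b>windsor</b> into the box below.
<br>
<br>
<?php
// The answer is a word, so this must be a text input: a type="number" field cannot
// hold "windsor" and the handler's check could never pass.
// NOTE(review): a fixed word printed in the page only stops scripts that do not read
// the page; it does not limit how often the form can be submitted.
?>
<input type="text" name="sec" size="19"><br>
<br>
<input type = "checkbox" value = "yes" name="sendcopy">Send me a copy!<P>
<br>
<br>
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>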
Filter.php
<?php
//PHP Contact Form
//Sebastian Hughes (sebhughes@gmail.com)
//06.04.07
// ---- Configuration --------------------------------------------------------
// Address that receives every contact-form submission.
$mailto = 'sebhughes@gmail.com';
// Substrings that cause a message to be rejected by the validation step.
$profanity = array('****', '****');
// Result flag for the profanity scan; starts cleared.
$hasProfanity = false;
// Subject line used for every outgoing mail.
$subject = 'Website Contact Form';
// Shortest name the validation step accepts.
$nameminlength = 5;
// Shortest message the validation step accepts.
$messageminlength = 10;
// ---- End of configuration -------------------------------------------------
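//Setting Variables----------------------------------------------------------
// Everything read from $_POST is client-controlled. A field that is missing (an
// unticked checkbox is simply not sent) or that arrives as an array instead of a
// string is normalised to '' so the later string checks see a plain string and
// reject it, rather than raising notices or type errors.
// NOTE(review): stripslashes() is kept from the original; it only made sense with
// magic_quotes_gpc enabled. On a runtime without magic quotes it removes
// backslashes the sender actually typed - confirm against the deployed PHP version.
$sendername = (isset($_POST['name']) && is_string($_POST['name'])) ? trim(stripslashes($_POST['name'])) : '';
$senderemail = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
$sendertelephone = (isset($_POST['telephone']) && is_string($_POST['telephone'])) ? trim(stripslashes($_POST['telephone'])) : '';
$message = (isset($_POST['message']) && is_string($_POST['message'])) ? trim(stripslashes($_POST['message'])) : '';
// The address is taken from the connection, not from the posted hidden "ip" field:
// a form field can be set to anything by the client, which makes it useless for
// logging or for any per-client throttle.
// NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address - confirm
// the deployment before relying on it.
$senderip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$sec = (isset($_POST['sec']) && is_string($_POST['sec'])) ? trim($_POST['sec']) : '';
$copy = (isset($_POST['sendcopy']) && is_string($_POST['sendcopy'])) ? $_POST['sendcopy'] : '';
//End Of Setting Variables ------------------------------------------------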
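//Validation------------------------------------------------------------------
// Each check ends the request with die() on the first failure, so nothing below
// this section runs for a rejected submission.

// Name: long enough and free of digits.
if (strlen($sendername) < $nameminlength || preg_match('/\d/', $sendername) === 1) {
die("One Of The Following Errors Has Occured:<br><br> The Name Field is less than $nameminlength characters or the Name Field contains numbers.");
}

// Email: same pattern as before, moved from eregi() (removed in PHP 7) to
// preg_match(). The D modifier makes "$" match only at the very end of the string;
// without it a value ending in a newline would pass, and this value is later used
// as the recipient argument of mail().
// NOTE(review): the {2,4} limit on the last label rejects longer top-level domains.
if (!is_string($senderemail) || preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/iD', $senderemail) !== 1) {
die("The Following Error Has Occured:<br><br> The email address you entered is not in the correct format.");
}

// Telephone: optional, but when given it must consist of digits only. The original
// test only failed when the value held no digit at all, so "abc1" was accepted, and
// isset() on an already-assigned variable was always true.
if ($sendertelephone !== '' && preg_match('/\D/', $sendertelephone) === 1) {
die("The Following Error Has Occured:<br><br> The telephone number you have entered contains letters. It should only contain numbers.");
}

// Message: minimum length.
if (strlen($message) < $messageminlength) {
die("The Following Error Has Occured:<br><br> The Message field is less than $messageminlength characters.");
}

// Profanity: stop at the first hit. The original loop overwrote the flag on every
// iteration, so only the last configured word could ever block a message.
foreach ($profanity as $swear) {
if ($swear !== '' && stripos($message, $swear) !== false) {
$hasProfanity = true;
break;
}
}
if ($hasProfanity) {
die("Cannot send message due to filtered profanity.");
}

// Colon encoding and header-name stripping, kept from the original with the "bbc"
// typo corrected to "bcc" and the match made case-insensitive.
// NOTE(review): $message is only used as the mail body, and text in the body cannot
// add headers. Header injection is prevented by validating whatever is passed as
// recipient, subject or extra headers - here that is the anchored email check above.
$message = str_replace(':', '%3a', $message);
$message = str_ireplace(array('bcc%3a', 'cc%3a', 'to%3a'), '', $message);

// Security word.
// NOTE(review): the expected word is printed in the form itself, so this filters
// only scripts that do not read the page; it is not a rate limit.
if ($sec !== "windsor") {
die("The security word you enter was incorrect");
}
//End Of Validation---------------------------------------------------------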
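//Sending Mail---------------------------------------------------------------
// Builds the two message bodies, mails the site owner, optionally mails a copy to
// the sender, then redirects to a result page.
//
// NOTE(review): nothing here limits how often one client can trigger mail(). A
// flood guard belongs immediately before the first mail() call. It should key on
// the server-observed address ($_SERVER['REMOTE_ADDR']) and keep the last-send time
// in server-side storage (database row, cache entry or lock file), because anything
// held in a cookie, session cookie or hidden field can be dropped or reset by the
// client.
$body = "Windsor School Contact Form
Name: $sendername
Email: $senderemail
Telephone: $sendertelephone
Ip:$senderip
Message:
$message";
$bodyone = "Windsor School Contact Form
Name: $sendername
Email: $senderemail
Telephone: $sendertelephone
Ip:$senderip
Requested Copy: Yes
Message:
$message";

$wantscopy = (isset($copy) && $copy === "yes");

// The owner's mail decides success, as before; it is now sent first so a copy is
// only attempted once the real message has been accepted for delivery.
$send = mail($mailto, $subject, $wantscopy ? $bodyone : $body);

if ($send && $wantscopy) {
// NOTE(review): this delivers visitor-supplied text to a visitor-supplied address,
// so an unthrottled form can be used to send unsolicited mail from this server.
// Keep the copy feature behind the flood guard described above.
if (!mail($senderemail, $subject, $body)) {
error_log('Contact form: copy to sender was not accepted for delivery');
}
}

// Forward slashes in the redirect targets: inside a double-quoted string "\e" is
// the escape character on PHP 5.4 and later, which corrupted the error-page URL.
if ($send) {
print "<meta http-equiv=\"refresh\" content=\"0;URL=/msg/ok.htm\">";
} else {
print "<meta http-equiv=\"refresh\" content=\"0;URL=/msg/error.htm\">";
}
//End Of Sending Mail------------------------------------------------------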
?>