我在我的网站上有一个申请表,当有人填写一个申请表时,它可以正常发送所有数据,但是我们每天多次收到完全空白的电子邮件。 (客户很满意,其人员填写表格,并随机删除他们的信息 - 我不认为这是可能的)
以下是我的代码片段:
if($_SERVER['REQUEST_METHOD'] == "POST") {
if (trim($_POST['fname']) == "") {
$errors[] = "Please enter your first name";
}
if (trim($_POST['lname']) == "") {
$errors[] = "Please enter your last name";
}
if (trim($_POST['address1']) == "") {
$errors[] = "Please enter your address";
}
if (trim($_POST['city']) == "") {
$errors[] = "Please enter your city";
}
if (trim($_POST['state']) == "") {
$errors[] = "Please enter your state";
}
if (trim($_POST['zip']) == "") {
$errors[] = "Please enter your zip code";
}
if (trim($_POST['email']) == "") {
$errors[] = "Please enter your email";
}
if (trim($_POST['phone']) == "") {
$errors[] = "Please enter your phone number";
}
if (trim($_POST['school']) == "") {
$errors[] = "Please enter your High School";
}
if (trim($_POST['school_study']) == "") {
$errors[] = "Please enter your course of study";
}
if (trim($_POST['school_years']) == "") {
$errors[] = "Please enter your school years completed";
}
if (trim($_POST['school_degree']) == "") {
$errors[] = "Please enter your diploma/degree";
}
if (trim($_POST['employer1']) == "") {
$errors[] = "Please enter Employer #1";
}
if (trim($_POST['employer1_telephone']) == "") {
$errors[] = "Please enter Employer #1 Telephone";
}
if (trim($_POST['employer1_title']) == "") {
$errors[] = "Please enter Employer #1 Title";
}
if (trim($_POST['employer1_supervisor']) == "") {
$errors[] = "Please enter Employer #1 Supervisor";
}
if (trim($_POST['employer1_from']) == "") {
$errors[] = "Please enter Employer #1 Start Date";
}
if (trim($_POST['employer1_to']) == "") {
$errors[] = "Please enter Employer #1 End Date";
}
if (trim($_POST['employer1_salary']) == "") {
$errors[] = "Please enter Employer #1 Salary";
}
if (trim($_POST['employer1_duties']) == "") {
$errors[] = "Please enter Employer #1 Duties";
}
if (trim($_POST['sig2']) == "") {
$errors[] = "Please complete the Signature Field";
}
if (trim($_POST['date2']) == "") {
$errors[] = "Please complete the Date Field";
}
if(is_array($errors))
{
echo '<div class="error"><span>The following errors occurred:</span><ul>';
while (list($key,$value) = each($errors))
{
echo '<li>'.$value.'</li><br />';
}echo'</ul></div>';
}
else {
require_once('recaptchalib.php');
$privatekey = "(private key thing here not sure if that should be shared)";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
} else {
// convert the application to a pdf. not going to include all this jarble
// also insert the application into a database - not including
$mpdf=new mPDF();
$mpdf->WriteHTML($html);
$content = $mpdf->Output('', 'S');
$content = chunk_split(base64_encode($content));
$eol = PHP_EOL;
$mailto = "$setting[apps_email]";
$from_name = 'Employment Application';
$from_mail = 'no-reply';
$replyto = 'no-reply';
$uid = md5(uniqid(time()));
$subject = "".$row[fname]." ".$row[lname]." - ".$row1[position]."";
$filename = "".$row[fname]."".$row[lname]."-".$row[submitted].".pdf";
$header = "From: ".$from_name." <".$from_mail.">".$eol;
$header .= "Reply-To: ".$replyto.$eol;
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"".$eol;
$header .= "Content-Transfer-Encoding: 7bit".$eol;
$message .= "--".$uid.$eol;
$message .= "Content-type:text/plain; charset=\"iso-8859-1\"\r\n";
$message .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$message .= $eol."".$row[fname]." ".$row[lname]." has submitted an employment application for the ".$row1[position]." position. Please see the attached .pdf file to save and/or print the application.".$eol;
$message .= "--".$uid.$eol;
$message .= "Content-Type: application/pdf; name=\"".$filename."\"\r\n";
$message .= "Content-Transfer-Encoding: base64\r\n";
$message .= "Content-Disposition: attachment".$eol.$eol;
$message .= $eol.$content;
$message .= "--".$uid."--".$eol;
$is_sent = @mail($mailto, $subject, $message, $header);
}
}}
我觉得我已采取一切措施来确保首先提交,验证必填字段,我甚至投入了一个我讨厌做的傻瓜验证码
任何想法为什么(我假设爬虫)发送空白电子邮件?