最近我开始从一个网站上获取机器人,不断在我的"客户反馈"形成。我想让我的表单拒绝任何包含" http://"或者我将添加的任何其他单词/短语(他们肯定会找到绕过" http://")的方法,但问题是我不知道该怎么做。这是代码(需要检查的表单" http://"是$ name和$ comment):
if(isset($_POST['add'])){
$name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];
$ip = $_SERVER['REMOTE_ADDR'];
$datetime = date('Y-m-d H:i');
$checkIp = mysql_query("SELECT ip from comments WHERE ip = '$ip'");
if (mysql_num_rows($checkIp) > 0) {
echo "Only 1 feedback per IP allowed!";
$IP = mysql_fetch_array($checkIp);
print_r($IP);
}
if($name){
if($email){
if($comment){
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
mysql_query("INSERT INTO comments (id, name, email, comment, ip, datetime) VALUES ('','$name','$email','$comment','$ip','$datetime')");
}
else
echo "The email address is invalid!<br><br>";
}
else
echo "You haven't entered any comment!<br><br>";
}
else
echo "You haven't entered an email address!<br><br>";
}
else
echo "You haven't entered your name!<br><br>";
}
谢谢!
答案 0 :(得分:0)
您需要检查并查看$name或$comment变量中是否包含子字符串,如下所示:
if (strpos($comment,'http://') === false and strpos($name, 'http://') === false) {
echo 'continue executing your code here';
}else{
echo 'Its a bot!';
}