一旦表单字段通过bootstrapvalidator验证,我的联系表单中的消息将通过名为sendmessage.php(phpmailer)的文件发送。
<form action="sendmessage.php" class="well form-horizontal" id="contact_form" method="post" name="contact_form">
问题在于,如果某人直接在他们的网络浏览器中输入www.mydomain.com/sendmessage.php,则会发送一封空电子邮件(因此这意味着所有字段验证都被绕过)。
我该如何防止这种情况?
非常感谢
验证
$(document).ready(function() {
$('#contact_form').bootstrapValidator({
feedbackIcons: {
valid: 'fa fa-check',
invalid: 'fa fa-times',
validating: 'fa fa-refresh'
},
fields: {
first_name: {
validators: {
stringLength: {
min: 2,
},
notEmpty: {
message: 'Veuillez indiquer votre prénom'
}
}
},
last_name: {
validators: {
stringLength: {
min: 2,
},
notEmpty: {
message: 'Veuillez indiquer votre nom'
}
}
},
email: {
validators: {
notEmpty: {
message: 'Veuillez indiquer votre adresse e-mail'
},
regexp: {
regexp: '^[^@\\s]+@([^@\\s]+\\.)+[^@\\s]+$',
message: 'Veuillez indiquer une adresse e-mail valide'
}
}
},
message: {
validators: {
stringLength: {
min: 10,
max: 1000,
message:'Votre message doit faire plus de 10 caractères et moins de 1000.'
},
notEmpty: {
message: 'Veuillez indiquer votre message'
}
}
}
}}).on('success.form.bv', function (e) {
e.preventDefault();
$('button[name="submit"]').hide();
var bv = $(this).data('bootstrapValidator');
// Use Ajax to submit form data
$.post($(this).attr('action'), $(this).serialize(), function (result) {
if (result.status == 1) {
$('#success_message').slideDown({
opacity: "show"
}, "slow")
$('#contact_form').data('bootstrapValidator').resetForm();
} else {
$('#error_message').slideDown({
opacity: "show"
}, "slow") }
}, 'json');
}
);
});
SENDMESSAGE.PHP
<?php
require 'PHPMailer/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->CharSet = 'utf-8';
$email_vars = array(
'message' => str_replace("\r\n", '<br />', $_POST['message']),
'first_name' => $_POST['first_name'],
'last_name' => $_POST['last_name'],
'phone' => $_POST['phone'],
'email' => $_POST['email'],
'organisation' => $_POST['organisation'],
'server' => $_SERVER['HTTP_REFERER'],
'agent' => $_SERVER ['HTTP_USER_AGENT'],
);
//Enable SMTP debugging.
$mail->SMTPDebug = false;
//Set PHPMailer to use SMTP.
$mail->isSMTP();
//Set SMTP host name
$mail->Host = "smtp.sendgrid.net";
//Set this to true if SMTP host requires authentication to send email
$mail->SMTPAuth = true;
//Provide username and password
$mail->Username = "";
$mail->Password = "";
//If SMTP requires TLS encryption then set it
$mail->SMTPSecure = "tls";
//Set TCP port to connect to
$mail->Port = 587;
$mail->FromName = $_POST['first_name'] . " " . $_POST['last_name'];
$mail->From = ('mail@');
$mail->addReplyTo($_POST['email']);
$mail->addAddress("conta");
//CC and BCC
$mail->addCC("");
$mail->isHTML(true);
$mail->Subject = "Nouveau message depuis xyz";
$body = file_get_contents('emailtemplate.phtml');
if(isset($email_vars)){
foreach($email_vars as $k=>$v){
$body = str_replace('{'.strtoupper($k).'}', $v, $body);
}
}
$mail->MsgHTML($body);
/* $mail->Body = $_POST['message']."<br><br>Depuis la page: ". str_replace("http://", "", $_SERVER['HTTP_REFERER']) . "<br>" . $_SERVER ['HTTP_USER_AGENT'] ; */
$response = array();
if(!$mail->send()) {
$response = array('message'=>"Mailer Error: " . $mail->ErrorInfo, 'status'=> 0);
} else {
$response = array('message'=>"Message has been sent successfully", 'status'=> 1);
}
/* send content type header */
header('Content-Type: application/json');
/* send response as json */
echo json_encode($response);
?>
答案 0 :(得分:1)
你需要将邮件功能放在一个回发语句中
if(isset($_POST["submit"])){
// put mail function here
}
else
{ ?> <h1>Youve reached this page in error</h1> <?php } ?>
答案 1 :(得分:0)
试试这个
if(isset($_POST["submit"])){
// put mail function here
}
else
{
echo '<script>history.go(-2);</script> ';
// you can also use php header function also
// header("Location:form.php");
}
答案 2 :(得分:-1)
当用户访问您的网站时,您拥有他的IP。如果IP ==&#39; your-server-ip&#39;然后执行