Posts Tagged ‘php’

php: a simple way to fight SPAM on your contact form

Contact forms are a vital part of a business’ website. Your content is useless if you do not have a way for potential customers to contact you. ‘Back in the day’, it was a generally accepted practice to simply put your email address(es) on the site. However, spammers quickly found an easy target for their junk emails.

Enter the ‘Contact Form’.

Contact forms provided a means by which customers could send you a message without knowing your email address. These forms also keep people on your site, instead of sending them away to write a message in their preferred email program (or site). Sadly, spammers have now found a way to send a message through these contact forms. Many forms have simple data validation, which requires that you fill out specific fields with specific information (phone number, email address, etc). Other forms use CAPTCHA tests, which provide an image of text that the visitor must re-type into a field on the form. While this works well for responses on blog sites or registering for an online community, we don’t feel that it is appropriate for the average business website.

So, after some thought, we decided to try some ‘negative validation’. Instead of having more required fields, we created a field that must be empty, then we used simple CSS to hide that field from human visitors. Because the spam bots have learned to fill out every single field on a contact form, they will see this field in the code and put something in it and our form will know to simply reject this message.

Enough talk, lets get to the example…

This code can be added to nearly any php-based contact form.

First, we are going to add a new field to the form itself. It doesn’t matter where this field is located, as long as it is inside the <form> tags. We originally tried using an arbitrary name for this field, but it did not fool all of the spambots. We decided to rename our real email field and use “Email” for this input. At the time of this writing, it has worked for us.

<div class="email"><input type="text" name="Email" id="Email" value="" size="20" /></div>
(If you already have a class named “.email”, please rename class=”email” as you see fit)

At first, this simple field will be visible because you will want to test it before hiding it.

Next, we need to look at the form action value. This will tell us where the form submits to. Our contact forms submit to themselves (contact.php submits to contact.php) and all of the server-side code used to send the email is at the top of the code (above the <html> tag).

Once we have located the code that actually sends the message, we need to put it inside a simple if-statement around the code that specifically executes sending the e-mail. Every contact form is different, so we must assume that you know how your specific form works.

<?php if ($_POST['Email'] == '') {
Put your 'send the message' code here;
} ?>

We decided to take it a step further. Instead of simply not allowing the ‘send the message’ code to be executed, we decided to send the spambots away from our site.

<?php if ($_POST['Email'] == '') {
Put your 'send the message' code here;
} else { header( 'Location:' ); } ?>

In this example, we just sent them to Google, but you are free to send them wherever you like.

Now that we have added the new field and conditional region, we can go ahead and load the contact page in the browser. Fill out the form however you like and make sure to type something (anything) into that new field. Submit the form and you should be instantly re-directed to Google.

Lastly, we need to return to the new field. To make sure that it is not visible to humans, we need to apply a little bit of CSS. Originally, we used “display:none;”, but learned that the spambots already knew this trick, so we had to resort to some different code. Unfortunately, the time may come where the spambots learn this trick, but for the time being, it works just fine.

Open your stylesheet and add this line:

.email {position:absolute;margin-left:-5000px;}

After saving the stylesheet, reload your form, and you will see that the field is hidden. Submit your contact form and you should get an email, just like before.

This method should apply to virtually any php contact form. If you find a compatibility issue, we would love to hear it!

That’s all folks!
If you have an idea or article that you would like to contribute, send it on! We’re always looking for good, quality articles. Note that we will not republish an article that has been published elsewhere, so keep it original!

php: IF versus SWITCH

Often times, a PHP developer will need to display different information depending on the circumstances. In the case of our SE Content Management System, there are dozens of these scenarios: from where to display the image gallery on a particular page to whether or not to show breadcrumbs. In every instance, we have to determine how to evaluate the situation. Is it a simple show or don’t show item, or are there several possible outcomes?

In this example, we will be using the months of the year as our ‘variable’.

First we must define the current month:

php:<?php $currentmonth = date("m"); ?>Now, if we wanted to introduce special code in only one month, such as saying ‘Happy New Year’ in January, then an IF statement would work just fine:

php:<?php if ($currentmonth == '01') { ?>
<strong>Happy New Year!</strong>
<?php } ?>
You see that the if statement is always enclosed in parenthesis and the result is always enclosed in squiggly brackets. In this example, we chose to output in HTML, so we had to close and re-open our php tags. We could have also chosen to do this:

php:<?php if ($currentmonth == '01') {
echo "Happy New Year!";
} ?>
Lets say that you needed a ‘Happy New Year’ for January, ‘Happy Valentines Day’ for February, ‘Happy Thanksgiving’ for November and ‘Merry Christmas’ for December. An If statement is not practical for this situation, so we need to use the php SWITCH statement instead. With a switch statement, we first present the variable:

php:<?php switch ($currentmonth) {Next, we present each ‘case’, followed by the intended output and a break. Lets start with January, which is ’01′:

php:case 01:
echo "Happy New Year";

Now, lets put it all together:

php:<?php switch ($currentmonth) {
case 01:
echo "Happy New Year";

case 02:
echo "Happy Valentines";

case 11:
echo "Happy Thanksgiving";

case 12:
echo "Merry Christmas";

echo "Just another month...";

You see that we also added a ‘default’ condition for all other months. This is, of course not required, but it is often useful.

As this is a php tutorial, a php-capable server is required for this code to function properly.

That’s all folks!
If you have an idea or article that you would like to contribute, send it on! We’re always looking for good, quality articles. Note that we will not republish an article that has been published elsewhere, so keep it original!

php: keeping your site’s copyright up to date

This one is very quick and easy, but can save you a great deal of time if you have more than one web site, or if your web site consists of static pages rather than dynamic ones. Enough talking, let’s get into what’s involved:

For PHP:
If you use PHP on your web site, then you can include this line in your footer.txt (or equivalent file) to achieve the desired result:
Copyright © <?php echo date('Y'); ?> Your Company Name, Inc.

For ASP:
Ditto with ASP, this code will get you going.
Copyright © <%=year(date)%> Your Company Name, Inc.

Now remember, these won’t work on plain .html pages, or on a server that does not support PHP or ASP.

That’s all folks!

If you have an idea or article that you would like to contribute, send it on! We’re always looking for good, quality articles. Note that we will not republish an article that has been published elsewhere, so keep it original!

DynamiX Web Design

DynamiX Labs is Copyright © 2016 DynamiX Web Design, LLC.
DynamiX Labs is proudly powered by WordPress

Entries & Comments.  |  thanks & about.

The DynamiX Mascot button submit it! Background
hire dynamix!