User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Code Snippets
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the PHP section within the Web Development category of DaniWeb, a massive community of 422,412 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 5,046 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our PHP advertiser: Lunarpages PHP Web Hosting
Views: 704 | Replies: 0
Reply
Join Date: Jun 2008
Location: Poole, Dorset
Posts: 1
Reputation: Tig is an unknown quantity at this point 
Rep Power: 0
Solved Threads: 0
Tig Tig is offline Offline
Newbie Poster

Using preg_match to block spam URLs in PHP forms

  #1  
Jun 12th, 2008
Hello

I have a PHP website form that gets filled out with spam - mostly URLs. To try and stop this I have inserted the following code into my form:

Help with Code Tags
php Syntax (Toggle Plain Text) 
  1. $SpamErrorMessage = "No website URLs permitted";
  2.  
  3. if (preg_match("/http/i", "$telephone")) {echo "$SpamErrorMessage"; exit();}
  4. if (preg_match("/http/i", "$website")) {echo "$SpamErrorMessage"; exit();}
  5. if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();}
  6.  
  7. /* If e-mail is not valid show error message */
  8. if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))
  9. {
  10.     show_error("E-mail address not valid");
  11. }
  12.  
  13. /* If URL is not valid set $website to empty */
  14. if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website))
  15. {
  16.     $website = '';
  17. }
However, I have another field in the form that asks the user what their website address is. Of course when they fill that out, the above code blocks it meaning that when they click on 'Send' it tells them that "no URLs are allowed", so they can't submit the form. If I take out the line:

if (preg_match("/http/i", "$website")) {echo "$SpamErrorMessage"; exit();}

the form works - though the person filling it out would have no way of knowing that of course - but on the thank you page gives an error message.

I'm not sure how to escape the above code about the website. If it wasn't for the fact I ask them for their own URL the code would work fine to stop spammers!

Any advice hugely appreciated!

Thanks.

Tig
Last edited by peter_budo : Jun 16th, 2008 at 7:55 am. Reason: Code tag correction, closing tag is [code] not <code>
AddThis Social Bookmark Button
Reply With Quote  
Reply

Only community members can participate in forum threads. You must register or log in to contribute.

Register
DaniWeb PHP Marketplace
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 

Thread Tools Display Modes
Linear Mode Linear Mode

adobe advertisment advive blog botnet bt business cellphone competition crime daniweb development email facebook gentoo gmail google help help.forensic hotmail information kittens legal linux malware mobile naked news opinion pdf phishing php pump and dump research rss searchmonkey security skype spam spammer spammers spamming trojan video web world of warcraft xslt y!os yahoo ydn
Other Threads in the PHP Forum

Advertising Opportunities on DaniWeb
Contact Us - Newsletter Archive - Sitemap - Privacy Statement
All times are GMT -4. The time now is 9:30 am.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC