DaniWeb IT Discussion Community

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)
-   PHP (http://www.daniweb.com/forums/forum17.html)
-   -   Using preg_match to block spam URLs in PHP forms (http://www.daniweb.com/forums/thread129034.html)

Tig Jun 12th, 2008 1:11 pm
Using preg_match to block spam URLs in PHP forms
 
Hello

I have a PHP website form that gets filled out with spam - mostly URLs. To try and stop this I have inserted the following code into my form:

$SpamErrorMessage = "No website URLs permitted";



if (preg_match("/http/i", "$telephone")) {echo "$SpamErrorMessage"; exit();}

if (preg_match("/http/i", "$website")) {echo "$SpamErrorMessage"; exit();}

if (preg_match("/http/i", "$email")) {echo "$SpamErrorMessage"; exit();}



/* If e-mail is not valid show error message */

if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))

{

    show_error("E-mail address not valid");

}



/* If URL is not valid set $website to empty */

if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website))

{

    $website = '';

}
However, I have another field in the form that asks the user what their website address is. Of course when they fill that out, the above code blocks it meaning that when they click on 'Send' it tells them that "no URLs are allowed", so they can't submit the form. If I take out the line:

if (preg_match("/http/i", "$website")) {echo "$SpamErrorMessage"; exit();}

the form works - though the person filling it out would have no way of knowing that of course - but on the thank you page gives an error message.

I'm not sure how to escape the above code about the website. If it wasn't for the fact I ask them for their own URL the code would work fine to stop spammers!

Any advice hugely appreciated!

Thanks.

Tig


All times are GMT -4. The time now is 2:13 pm.

Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC