send | spam | bots | from | response | header | validation archive
Send
Q: How do I send the email message to more than one person?
A: Add recipients separated by commas to the "SendTo" line.
For example:
$sendTo = "sales@yourdomain.com,hr@yourdomain.com";
Spam
Q: I'm getting attacked by spammers. Help!
A: Attackers often try
to use web forms to submit the text "bcc:" or "cc:" followed by a test
email address in the hope that the form processor inadvertently sends a copy
of the message to the test email address. PERFECT appears to be
impervious to these attacks, but the resulting barrage of test messages can be
annoying. You can enhance PERFECT's simplistic spam check with additional
rules.
Update the line:
$valid = str_word_count(reset($_POST)) > 2;
with additional checks, such as:
$valid = str_word_count(reset($_POST)) > 2 && !stristr($body, "cc: ");
If you want even more protection, incorporate something more advanced, like reCAPTCHA.
Bots
Q: How do I prevent the bots from triggering emails?
A: As they spider the web, some search engine robots will follow
the link in your HTML form causing PERFECT to send an email message with
no values. You can solve this annoyance by sending emails only if
at least one form field has a value.
Just before the "mail" line, add a line using the "count()" function as follows:
if (count($_POST) > 0)
mail($sendTo, $subjectLine, $msgBody,
"From: $sendFrom");
From
Q: How do I set the From: field to the submitter's email address?
A: Don't. Doing so creates an easy way for someone to hack into
your server by
injecting
malicious content into your emails.
Response
Q: How do I send an automatic response to the submitter?
A: Don't. Doing so will give spammers an easy way to use your
server to send their spam. Actually, don't put any user input into
the header of the email message as spammers could then
inject
malicious content into your emails.
Header
Q: How do I add a field to the email header?
A: If you have a need to supplement the email header with a field,
like "Return-Path" or "Bcc", add a variable to hold the desired value:
$returnPath = "xyz@yourdomain.com";
Then add the new header to the "mail" command:
mail($sendTo, $subjectLine, $msgBody,
"From: $sendFrom\r\nReturn-Path: $returnPath");
Replace the header name ("Return-Path) and variable ("$returnPath") as appropriate for the header field you require.
Validation
Q: How do I add field validation (error checking) to my form?
A: For most websites, simple client-side validation is sufficient.
Client-side validation entails having the user's browser
perform the error checking, such as making sure the user entered his or
her name, before the data is submitted to PERFECT. This client-side
validation is typically done with
JavaScript.
There is no need to modify the PERFECT script unless you have stringent
validation needs.
Archive
Q: What if I need an older version of PERFECT?
A: You don't. However, you can dig through the archive
for fun or marvel at the amazing logo.