Jump to content
Larry Ullman's Book Forums

Recommended Posts

2 problems with my code, the filter_var doesn't seem to work at all for any of my variables, also the spam_scrubber function doesn't seem to clean \r, and \n, when put in my contact form, it cleans all the rest though just fine. 

 

<?php

// resources.php 

function spam_scrubber($value){

$very_bad = array('to:', 'cc:', 'bcc:', 'content-type:', 'mime-version:', 'multipart-mixed:', 'content-transfer-encoding:');

foreach ($very_bad as $v){

if (stripos($value, $v) !== false) return '';

}

$value = str_replace(array( "\r", "\n", "%0a", "%0d"), ' ', $value);

return trim($value);

}//end of spam_scrubber function

$scrubbed = array_map('spam_scrubber', $_POST);

$comments = strip_tags($scrubbed['comments']);

 

$url = $scrubbed['url'];

if (isset($url)){

filter_var($url, FILTER_VALIDATE_URL, FILTER_SANITIZE_URL);

} else {

echo NULL;

}

$url2 = $scrubbed['url2'];

if (isset($url2)){

filter_var($url2, FILTER_VALIDATE_URL, FILTER_SANITIZE_URL);

} else {

echo NULL;

}

$linkpageurl = $scrubbed['linkpageurl'];

if (isset($linkpageurl)){

filter_var($linkpageurl, FILTER_VALIDATE_URL, FILTER_SANITIZE_URL);

} else {

echo NULL;

}

$linkpageurl2 = $scrubbed['linkpageurl2'];

if (isset($linkpageurl2)){

filter_var($linkpageurl2, FILTER_VALIDATE_URL, FILTER_SANITIZE_URL);

} else {

echo NULL;

}

$email = $scrubbed['email'];

if (isset($email)){

filter_var($email, FILTER_VALIDATE_EMAIL, FILTER_SANITIZE_EMAIL);

} else {

echo NULL;

}

$pagerank = $scrubbed['pagerank'];

if (isset($pagerank)){

filter_var($pagerank, FILTER_VALIDATE_INT, FILTER_SANITIZE_NUMBER_INT);

} else {

echo NULL;

}

 


if (!empty($email) && !empty($url) && !empty($linkpageurl) && !empty($comments) && !empty($pagerank)){

 

$body = "Email: {$email}\n\n Url: {$url}\n\n Url2: {$url2}\n\n Pagerank: {$pagerank}\n\n Linkpageurl: {$linkpageurl} \n\n Linkpageurl2: {$linkpageurl2}\n\n Comments: {$comments}";

$body = wordwrap($body, 70);

$headers = "From: {$email}\r\n";

mail('email@example.com', 'Link Exchange Form Submission', $body, $headers);

echo '<p><em>Thank you for contacting us.</em></p><div id="formecho"><h3>Form submission received, we will get back to you soon.</h3></div>';

$_POST = array();

} else {

echo '<p style="font-weight: bold; color: #C00">Please fill out the form completely.</p>';

}

 

?>

 


<div id="form">

<form action="linkexchangecontactform2.php" method="post">

<p><b>Email:</b> <input type="text" size="30" maxlength="50" name="email" value="<?php if(isset($scrubbed['submit']))echo $scrubbed['email']; ?>" /></p>

<p><b>Url:</b> <input type="text" size="30" maxlength="50" name="url" value="<?php if(isset($scrubbed['url']))echo $scrubbed['url']; ?>" /></p>

<p><b>2nd Url (leave empty if you have just 1 website):</b><br /> <input type="text" size="30" maxlength="50" name="url2" value="<?php if(isset($scrubbed['url2']))echo $scrubbed['url2']; ?>" /></p>

<p><b>Pagerank:</b> <input type="text" size="5" maxlength="10" name="pagerank" value="<?php if(isset($scrubbed['pagerank']))echo $scrubbed['pagerank']; ?>" /></p>

<p><b>Link page url:</b> <input type="text" size="30" maxlength="50" name="linkpageurl" value="<?php if(isset($scrubbed['linkpageurl']))echo $scrubbed['linkpageurl']; ?>" /></p>

<p><b>2nd Link page url (leave empty if you have just 1 website):</b><br /> <input type="text" size="30" maxlength="50" name="linkpageurl2" value="<?php if(isset($scrubbed['linkpageurl2']))echo $scrubbed['linkpageurl2']; ?>" /></p>

<p><b>Comments:</b><br>

 <textarea name="comments" rows="7" cols="40"><?php if (isset($scrubbed['comments'])) echo $scrubbed['comments']; ?></textarea></p>

<p><input type="submit" name="submit" value="Submit" /></p>

</form></div>

Share this post


Link to post
Share on other sites

You're not using filter_var() properly. You should recheck how it's used in the book. As for \r and \n, how do you know those aren't working?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...