Hello, I have a great working PHP contact form. BUT - I want to check for input, and if I don't want that input, I want to redirect the submission to either an error page, or just drop them (for spammers). And also I want to capture the IP address. 1st issue is when I check for IP, using: $ip = $_SERVER['REMOTE_ADDR']; PHP: When I get the form in my mail, this field is ALWAYS my website's IP address, and not the user who filled out the form. How do I capture the "real" IP of the form submitter? 2nd issue is I want to check for URLs in the textarea: What PHP code do I need to use to "filter" the textarea input for: <a href="http://www.somewhere.com">Some stupid site</a> HTML: I either want to strip out the active URL, or just kill the whole submission. TIA and happy Thanksgiving!
Hi espmartin, $_SERVER['REMOTE_ADDR'] is correct. You could try something like this for basic filtering: foreach($_POST as $key => $ val){ if(preg_match('/http[s]?:\/\//',$val)){ // do something here - capture it or just exit; } } PHP: However this will stop anybody submitting url's in your forms at all.
Thanks dtbaker! The forms on the sites are meant for feedback, and not for URL inclusions. If someone wanted to include their URL, there is a text field for URLs. The main textarea as been spammed so, so, so, so much that I even have added placeholder text that states the form is not going to generate any backlinks, as it is a simple submission for comments. Maybe I am looking at this whole solution the wrong way, but I'm just tired of spammers. Any thoughts on that?
Adding a security image is a quick solution to get rid of half the spammers - then a rather simple match/replace (or redirect) function will fix them! (like dtbaker mentioned) D