Hi, I use this very simple php script to send email messages from my web site. <?php $name = $_REQUEST['name'] ; $phone = $_REQUEST['phone'] ; $email = $_REQUEST['email'] ; $message = $_REQUEST['message'] ; $feedback = "Name: $name \nPhone: $phone \nEmail: $email \nMessage: $message"; mail( "emailaddress@gmail.com", "Message: Web Message", $feedback, "From: $email" ); ?> Today, I got about 60 blank emails within 5 mins. Don't how it was done, but I suspect that some spammer used some script to repeatedly run the php script. How can I prevent something like this from happening again? Thanks! Terry
Use this to prevent blank mails: <?php $name = $_REQUEST['name'] ; $phone = $_REQUEST['phone'] ; $email = $_REQUEST['email'] ; $message = $_REQUEST['message'] ; $feedback = "Name: $name \nPhone: $phone \nEmail: $email \nMessage: $message"; if (strlen($message) > 0) { mail( "emailaddress@gmail.com", "Message: Web Message", $feedback, "From: $email" ); } ?> PHP:
And you will also want to make sure your script is hardened against PHP Mail Injection Attacks if it is publicly available.