Problem Form - I think they put a BOT

Asked

Viewed 81 times

0

I’m getting every 5 in 5 minutes 1 email coming from my form with the information in numbers looking like a type of BOT.

I am using PHP MAILER

<?php
    session_start();
    ob_start();

    $nome = $_POST['nome'];
    $email = $_POST['email'];
    $mensagem = $_POST['mensagem'];

    if($_POST['nome'] != '' && $_POST['mensagem'] != ''){
        require("phpmailer/class.phpmailer.php");

        // Inicia a classe PHPMailer

        $mail = new PHPMailer();

        // Define os dados do servidor e tipo de conexão

        // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        $mail->IsSMTP(); // Define que a mensagem será SMTP

        $mail->SMTPAuth = true; // Usa autenticação SMTP? (opcional)

        $mail->Username = '[email protected]'; // Username de acesso ao e-mail

        $mail->Password = '###'; // Senha do servidor SMTP

        // Define o remetente

        // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        $mail->From = "[email protected]"; // Seu e-mail
        $mail->FromName = "Contato Pixel"; // Seu nome

        // Define os destinatário(s)

        // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
        $mail->AddAddress('[email protected]');
        $mail->AddReplyTo($email);

        // Define os dados técnicos da Mensagem

        // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        $mail->IsHTML(true); // Define que o e-mail será enviado como HTML
        $mail->CharSet = 'utf-8'; // Charset da mensagem

         // Define a mensagem (Texto e Assunto)
        // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
        $mail->Subject  = "Mensagem de Contato Pixel"; // Assunto da mensagem
        $mail->Body = "<font style=\"font-size:16px\"><b>Nome:</b> $nome; <br /><b>E-mail:</b> $email; <br /><b>Telefone:</b>$telefone; <br /><br /><b>Mensagem:</b><br />$mensagem</font>";
        $mail->AltBody = "Nome: $nome;\r\n E-mail: $email;\r\n\r\n Mensagem:\r\n $mensagem";
        // Envia o e-mail

        $enviado = $mail->Send();

        // Limpa os destinatários e os anexos
        $mail->ClearAllRecipients();
        $mail->ClearAttachments();
    }
    header("Location: index.php");

?>

1 answer

1


Without going into code details, I think the ideal would be for you to do the following:

1º - Validate sending with captcha: Do not need to leave in definitive, but implant and accompany for a period. If you really have some bot attacking your page, this should solve.

2º - Validate with ip sessions + sending time: An "elegant" solution that stays in the server is to validate the user’s ip and a time interval. I suggest to put that each ip can send 1 message every 30 minutes, it would be a reasonable time.

3º - Check your server: You can never be too careful. Check your server, your codes. Make sure there’s nothing "weird". You may have some malicious script in your project.

With any of these suggestions your problem should be solved.

  • 1

    I’m thinking about putting the captcha on, but first I changed the variables to see if this guy’s Paw. The validation method will only delay Spaw to 30 minutes

Browser other questions tagged

You are not signed in. Login or sign up in order to post.