Copied from my website. This merged the HTML and PHP to support additional anti-spam code, Bulma was added to make it nicer, and passfail got fixed

Paul M 2023-11-17 13:28:12 -06:00
parent 0371201671
commit f9cf02d133


@ -1,13 +1,12 @@
<?php
// Form code for mail submissions
// For usage with hugo site
// Anti exploit code, not perfect but should throw a wrench into a bot's plan
// This code has been used on several sites before and does seem to do a decent job, not perfect but pretty good
// The form code is now part of the php file so when the form is loaded the php can run to extend the
// functionality of the rate limiting code
// Using Bluma for the html parts really does make things look and work better
session_start();
$csrf_token = bin2hex(random_bytes(32));
if (!isset($_SESSION['csrf_token'])) {
@ -22,7 +21,7 @@ class antibot {
public $token;
function __constructor(){
$passfail = 0;
$this->passfail = 0;
// beter way to filter input data
$_POST = filter_var_array($_POST, FILTER_SANITIZE_STRING);
$_GET = filter_var_array($_GET, FILTER_SANITIZE_STRING);
@ -32,7 +31,7 @@ class antibot {
private function fromtest() {
if ($_SERVER['HTTP_REFERER'] = "https://urandom.link/contactform.php"){
$passfail = 1;
$this->passfail++;
}
}
@ -40,16 +39,17 @@ class antibot {
private function ratetest() {
if (!$_SESSION['last_submit']){
$_SESSION['last_submit'] = time(); // May not stick to a bot but doing it anyhow
$passfail = 2;
$this->passfail = 1;
}else{
//print "Session found";
if (time()-$_SESSION['last_submit'] < 60){
// Purposefully not letting them know what the interval is
die('Error: Message not sent, rate limit hit. Please wait a few minutes and try again.');
$passfail = 0;
die('Error: Message not sent, rate limit hit. Please wait a few minutes and try again.');
}else{
$_SESSION['last_submit'] = time();
$passfail = 2;
$this->passfail++;
}
}
@ -57,11 +57,20 @@ class antibot {
private function traptest() {
if($_POST['website']){
$passfail = 0;
$this->passfail = 0;
}else{
$passfail = 3;
$this->passfail++;
}
return $passfail;
return $this->passfail;
}
private function emptytest() {
if (empty($_POST['fname']) || empty($_POST['lname']) || empty($_POST['email']) || empty($_POST['comments'])){
$this->passfail = 0;
}else{
$this->passfail++;
}
}
private function sndmsg($target) {
@ -78,10 +87,11 @@ class antibot {
public function do_tests(){
$this->fromtest();
$this->ratetest();
$result = $this->traptest();
if($result == 3) {
$this->traptest();
$this->emptytest();
if($this->passfail == 4) {
$this->sndmsg("webmaster@pngpst.net");
return 3;
return 4;
}else{
return 0;
}
@ -107,7 +117,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Token is valid, process the form
// ... Your form processing logic goes here ...
$winner = $antibot->do_tests();
if ($winner == 3){
if ($winner == 4){
echo "Form Submitted thank you!";
}else{
echo "Error: Send failed, please try again. -1";
@ -140,7 +150,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css">
<title>Urandom.link contact form</title>
@ -148,92 +160,113 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<body>
<section class="hero">
<div class="hero-body">
<p class="title">
URANDOM.LINK Contact Form
</p>
<p class="subtitle">
Embrace the random
</p>
</div>
</section>
<div id="container">
<div id="header">
<div id="headerleft">
<div id="title"><a href="https://urandom.link">Urandom.link</a><br />
<h3>Embrace the random!</h3>
</div>
</div>
<div id="headerright">
<div id="flickr">
</div>
</div>
<section class="section">
<div class="container">
<form action="https://urandom.link/contactform.php" method="post" id="contact">
<div class="field is-horizontal">
<div class="field-label is-normal">
<label class="label">From</label>
</div>
<div class="field-body">
<div class="field">
<p class="control is-expanded has-icons-left">
<input class="input" type="text" placeholder="Your Name" name="fname">
<span class="icon is-small is-left">
<i class="fas fa-user"></i>
</span>
</p>
</div>
<div class="field">
<p class="control is-expanded has-icons-left has-icons-right">
<input class="input is-success" type="email" placeholder="Email" name="email">
<span class="icon is-small is-left">
<i class="fas fa-envelope"></i>
</span>
<span class="icon is-small is-right">
<i class="fas fa-check"></i>
</span>
</p>
</div>
</div>
</div>
<div id="content">
<div id="center">
<div class="post">
<h1><a href="#">Contact us</a></h1>
<div class="storycontent">
<div>
<form action="https://urandom.link/contactform.php" method="post" id="contact">
<table>
<tr>
<td>
Your Name: <input type="text" name="fname" />
</td></tr>
<tr>
<td>
Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input type="text" name="lname" />
</td>
</tr>
<tr>
<td>
E-mail:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input type="text" name="email" />
</td>
</tr>
<tr>
<td>
Message:&nbsp;&nbsp;&nbsp; <textarea name="comments" cols="50" rows="25"></textarea>
</td>
</tr>
<tr>
<td>
<div class="field is-horizontal">
<div class="field-label is-normal">
<label class="label">Subject</label>
</div>
<div class="field-body">
<div class="field">
<div class="control">
<input class="input is-danger" type="text" placeholder="Subject" name="lname">
</div>
<p class="help is-danger">
This field is required
</p>
</div>
</div>
</div>
<div class="field is-horizontal">
<div class="field-label is-normal">
<label class="label">Message</label>
</div>
<div class="field-body">
<div class="field">
<div class="control">
<textarea class="textarea is-danger" placeholder="Your message here" name="comments"></textarea>
</div>
<p class="help is-danger">
This field is required
</p>
</div>
</div>
</div>
<div class="field is-horizontal">
<div class="field-label">
<!-- Left empty for spacing -->
</div>
<div class="field-body">
<div class="field">
<div class="control">
<button class="button is-primary">
Send message
</button>
</div>
</div>
</div>
</div>
</div>
<input type="text" name="website" style=" display: none;"/>
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>"/>
<button type="submit">Send Message </button>
</td>
</tr>
</table>
</form>
</div>
</form>
</section>
</div>
</div>
</div>
<div id="sidebar">
<div id="left">
</div>
</div>
<div style="clear: both"><br /></div>
<div id="footer">
<div id="footernote">
</div>
</div>