87,996
社区成员
发帖
与我相关
我的任务
分享reCAPTCHA 验证问题
我有个 php发送留言到 email的小代码,其中邮箱字段判断我用的是Validform 担心表单恶意提交,就加入google的人机验证
发现不管有没有验证都可以提交 留言,这个怎么破
前端
feedback.php
smtp.php
发现不管有没有验证都可以提交 留言,这个怎么破
前端
<div role="tabpanel" class="tab-pane fade" id="Section4">
<p>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<form class="registerform" action="feedback.php" method="post">
<table width="100%" style="table-layout:fixed;">
<tr>
<td class="need" style="width:10px;">*</td>
<td style="width:70px;">Name:</td>
<td style="width:205px;"><input type="text" value="" name="k_name" id="name" class="inputxt" datatype="s1-18" nullmsg="Please enter a name!" errormsg="Please enter the correct name!" /></td>
<td><div class="Validform_checktip"></div></td>
</tr>
<tr>
<td class="need" style="width:10px;">*</td>
<td style="width:70px;">Email:</td>
<td style="width:205px;"><input type="text" value="" name="k_email" id="k_email" class="inputxt" datatype="e" nullmsg="Please enter email!" errormsg="Please enter the correct email!" /></td>
<td><div class="Validform_checktip"></div></td>
</tr>
<tr>
<td class="need" style="width:10px;">*</td>
<td style="width:70px;">Company:</td>
<td style="width:205px;"><input type="text" value="" name='k_cp' id="k_cp" class="inputxt" datatype="s6-68" nullmsg="Please enter company!" errormsg="Please enter the correct company" /></td>
<td><div class="Validform_checktip"></div></td>
</tr>
<tr>
<td class="need"></td>
<td></td>
<td colspan="2" style="padding:10px 0 18px 0;">
<div class="g-recaptcha" data-sitekey="6LcxXuIZAAAAAL9eBBZu-PjJR5Rrq8YNIzXgKs_T"></div>
<input type="submit" value="submit" /> <span id="msgdemo2" style="margin-left:30px;"></span>
</td>
</tr>
</table>
</form>
</p>
<script type="text/javascript" src="/js/Validform_v5.3.2.js"></script>
<script type="text/javascript">
$(function(){
$(".registerform").Validform({
tiptype:2,
postonce:true,
});
})
</script>
</div>feedback.php
<?php require("smtp.php");
//使用163邮箱服务器
//$smtpserver = "smtp.163.com";
$smtpserver = "ssl://smtp.163.com";
//163邮箱服务器端口
$smtpserverport = 465;
//例如163服务器邮箱账号
$smtpusermail = "账号@163.com";
//收件人邮箱 $smtpemailto = "$_POST[k_email]";
$smtpemailto = "$_POST[k_email]";
//你的邮箱账号(去掉@163.com)
$smtpuser = "账号";//SMTP服务器的用户帐号
//你的邮箱密码
$smtppass = "密码"; //SMTP服务器的用户密码,开启授权码请填授权码
//邮件主题
$mailsubject = "Down pdf";
//邮件内容 name="name" name="email" name="message"
//$mailbody = "姓名:$_POST[k_name]\r\n邮箱:$_POST[k_email]\r\n公司:$_POST[k_cp]\r\n下载链接:<a href='$_POST[k_pdf]'>$_POST[k_pdf]</a>";
$mailbody = "Name:$_POST[k_name]\r\nEmail:$_POST[k_email]\r\ncompany:$_POST[k_cp]\r\n' download='filename'>$_POST[ktitle]</a>";
//邮件格式(HTML/TXT),TXT为文本邮件
$mailtype = "HTML";
//这里面的一个true是表示使用身份验证,否则不使用身份验证.
$smtp = new smtp($smtpserver,$smtpserverport,true,$smtpuser,$smtppass);
//是否显示发送的调试信息
$smtp->debug = FALSE;
//发送邮件
if($smtp->sendmail($smtpemailto, $smtpusermail, $mailsubject, $mailbody, $mailtype))
//google验证码
$post_data = array(
'secret' => '6LcxXuIZAAAAAFbcGcX_u8ImPIO3WYs0xjuzqAAC',
'response' => $_POST["g-recaptcha-response"]
);
$recaptcha_json_result = send_post('https://www.google.com/recaptcha/api/siteverify', $post_data);
$recaptcha_result = json_decode($recaptcha_json_result);
?>smtp.php
<?php
class smtp
{
/* Public Variables */
var $smtp_port;
var $time_out;
var $host_name;
var $log_file;
var $relay_host;
var $debug;
var $auth;
var $user;
var $pass;
/* Private Variables */
var $sock;
/* Constractor */
function smtp($relay_host = "", $smtp_port = 465,$auth = false,$user,$pass)
{
$this->debug = FALSE;
$this->smtp_port = $smtp_port;
$this->relay_host = $relay_host;
$this->time_out = 30; //is used in fsockopen()
$this->auth = $auth;//auth
$this->user = $user;
$this->pass = $pass;
$this->host_name = "localhost"; //is used in HELO command
$this->log_file = "";
$this->sock = FALSE;
}
/* Main Function */
function sendmail($to, $from, $subject = "", $body = "", $mailtype, $cc = "", $bcc = "", $additional_headers = "")
{
$mail_from = $this->get_address($this->strip_comment($from));
$body = ereg_replace("(^|(\r\n))(\.)", "\1.\3", $body);
$header .= "MIME-Version:1.0\r\n";
if($mailtype=="HTML")
{
//$header .= "Content-Type:text/html\r\n";
$header .= "Content-Type:text/html;Charset=\"utf-8\"\r\n";
}
$header .= "To: ".$to."\r\n";
if ($cc != "")
{
$header .= "Cc: ".$cc."\r\n";
}
$header .= "From: $from<".$from.">\r\n";
$header .= "Subject: ".$subject."\r\n";
$header .= $additional_headers;
$header .= "Date: ".date("r")."\r\n";
$header .= "X-Mailer:By Redhat (PHP/".phpversion().")\r\n";
list($msec, $sec) = explode(" ", microtime());
$header .= "Message-ID: <".date("YmdHis", $sec).".".($msec*1000000).".".$mail_from.">\r\n";
$TO = explode(",", $this->strip_comment($to));
if ($cc != "")
{
$TO = array_merge($TO, explode(",", $this->strip_comment($cc)));
}
if ($bcc != "")
{
$TO = array_merge($TO, explode(",", $this->strip_comment($bcc)));
}
$sent = TRUE;
foreach ($TO as $rcpt_to)
{
$rcpt_to = $this->get_address($rcpt_to);
if (!$this->smtp_sockopen($rcpt_to))
{
$this->log_write("Error: Cannot send email to ".$rcpt_to."\n");
$sent = FALSE;
continue;
}
if ($this->smtp_send($this->host_name, $mail_from, $rcpt_to, $header, $body))
{
$this->log_write("E-mail has been sent to <".$rcpt_to.">\n");
}
else
{
$this->log_write("Error: Cannot send email to <".$rcpt_to.">\n");
$sent = FALSE;
}
fclose($this->sock);
$this->log_write("Disconnected from remote host\n");
}
return $sent;
}
/* Private Functions */
function smtp_send($helo, $from, $to, $header, $body = "")
{
if (!$this->smtp_putcmd("HELO", $helo))
{
return $this->smtp_error("sending HELO command");
}
#auth
if($this->auth)
{
if (!$this->smtp_putcmd("AUTH LOGIN", base64_encode($this->user)))
{
return $this->smtp_error("sending HELO command");
}
if (!$this->smtp_putcmd("", base64_encode($this->pass)))
{
return $this->smtp_error("sending HELO command");
}
}
if (!$this->smtp_putcmd("MAIL", "FROM:<".$from.">"))
{
return $this->smtp_error("sending MAIL FROM command");
}
if (!$this->smtp_putcmd("RCPT", "TO:<".$to.">"))
{
return $this->smtp_error("sending RCPT TO command");
}
if (!$this->smtp_putcmd("DATA"))
{
return $this->smtp_error("sending DATA command");
}
if (!$this->smtp_message($header, $body))
{
return $this->smtp_error("sending message");
}
if (!$this->smtp_eom())
{
return $this->smtp_error("sending <CR><LF>.<CR><LF> [EOM]");
}
if (!$this->smtp_putcmd("QUIT"))
{
return $this->smtp_error("sending QUIT command");
}
return TRUE;
}
function smtp_sockopen($address)
{
if ($this->relay_host == "")
{
return $this->smtp_sockopen_mx($address);
}
else
{
return $this->smtp_sockopen_relay();
}
}
function smtp_sockopen_relay()
{
$this->log_write("Trying to ".$this->relay_host.":".$this->smtp_port."\n");
$this->sock = @fsockopen($this->relay_host, $this->smtp_port, $errno, $errstr, $this->time_out);
if (!($this->sock && $this->smtp_ok()))
{
$this->log_write("Error: Cannot connenct to relay host ".$this->relay_host."\n");
$this->log_write("Error: ".$errstr." (".$errno.")\n");
return FALSE;
}
$this->log_write("Connected to relay host ".$this->relay_host."\n");
return TRUE;;
}
function smtp_sockopen_mx($address)
{
$domain = ereg_replace("^.+@([^@]+)$", "\1", $address);
if (!@getmxrr($domain, $MXHOSTS))
{
$this->log_write("Error: Cannot resolve MX \"".$domain."\"\n");
return FALSE;
}
foreach ($MXHOSTS as $host)
{
$this->log_write("Trying to ".$host.":".$this->smtp_port."\n");
$this->sock = @fsockopen($host, $this->smtp_port, $errno, $errstr, $this->time_o
...全文
请发表友善的回复…
发表回复
