Interesting PHP mailer Issue - Blank emails on the half hour

  • Moonwizard
    Junior Member
    • Feb 2005
    • 4

    #1

    Just about every half hour since yesterday in the afternoon, the mailer script I use sends a blank email.

    Is this a security/virus problem?

    Thanks
    Jim
  • Buddha
    Senior Member
    • Mar 2004
    • 825

    #2
    What script are you using? Could be someone trying to abuse it. Check your access logs.
    "Whatcha mean I shouldn't be rude to my clients?! If you want polite then there will be a substantial fee increase." - Buddha


    • sdjl
      Senior Member
      • Mar 2004
      • 502

      #3
      As Buddha says really. If it's a custom built script, check to make sure it can't be exploited.
      I'd be more than willing to look over some code if needs be

      David
      -----
      Do you fear the obsolescence of the metanarrative apparatus of legitimation?


      • Buddha
        Senior Member
        • Mar 2004
        • 825

        #4
        Originally posted by sdjl
        I'd be more than willing to look over some code if needs be
        I'd be more than willing to take a quick peek too.
        "Whatcha mean I shouldn't be rude to my clients?! If you want polite then there will be a substantial fee increase." - Buddha


        • Moonwizard
          Junior Member
          • Feb 2005
          • 4

          #5
          Here's the code. Some names have been deleted to protect the....

          Thank you for the help! I'm sure this code is exploitable. Any help in securing it would be greatly appreciated.

          The use here is for people on other hosts that don't have the ability to use CDONTS ASP email forms. Their form gets directed through my domain and the PHP script shown below. The thankyou.htm resides back on the submitting domain.

          Again, Thanks!
          Jim


          -----------------Begin Code-------------------
          <?php
          // Script as posted. $HTTP_POST_VARS is the old name for $_POST and
          // ereg() was removed in PHP 7; both are left here as the author used them.
          // Note that nothing restricts this to POST requests: a plain GET
          // reaches mail() with every field empty.
          $message = "";
          $message .= "\nName: ";
          $message .= $HTTP_POST_VARS['Name'];
          $message .= "\nAdd1: ";
          $message .= $HTTP_POST_VARS['Address1'];
          $message .= "\nAdd2: ";
          $message .= $HTTP_POST_VARS['Address2'];
          $message .= "\nCity: ";
          $message .= $HTTP_POST_VARS['City'];
          $message .= "\nState: ";
          $message .= $HTTP_POST_VARS['State'];
          $message .= "\nZip: ";
          $message .= $HTTP_POST_VARS['Zip'];
          $message .= "\nPhone: ";
          $message .= $HTTP_POST_VARS['Phone'];
          $message .= "\nEmail: ";
          $message .= $HTTP_POST_VARS['Email'];
          $message .= "\nRequest: ";
          $message .= $HTTP_POST_VARS['Request'];
          $email = $HTTP_POST_VARS['Email'];

          // Fall back to a placeholder sender if the address fails the check below.
          if (!check_email($email)):
              $email = "No@AddressSupplied.Sorry";
          endif;

          // The fourth argument is passed on as raw mail headers.
          mail("walter@thesubmittingdomain.com", "Contact Us Request from Web Page", $message, "From: $email ");
          mail("webinfo@thesubmittingdomain.com", "Contact Us Request from Web Page", $message, "From: $email ");

          header("Location: http://www.thesubmittingdomain.com/thanks.htm");

          function check_email($str)
          {
              // Returns 1 if the address looks valid, 0 if not.
              // The pattern only requires "something@something.something".
              if (ereg("^.+@.+\\..+$", $str))
                  return 1;
              else
                  return 0;
          }
          ?>
          ---------------End Code---------------


          • Moonwizard
            Junior Member
            • Feb 2005
            • 4

            #6
            Follow up info....

            Looked into my logs. Ultimately found something identical to what is listed below happening, which has since stopped. Is there a way I can block IPs in my domains at Dathorn?

            Thanks again.
            Jim

            ----------------------
            Had to block W3CRobot
            I discovered that someone from Korea had sucked down a lot of posts from my blog, using this little robot:

            W3CRobot/5.4.0 libwww/5.4.0

            It's a free robot from W3C, and it may be misused.

            This one first did a head on many posts, then downloaded them.

            Unless someone can tell me this bot has legitimate uses, I'd say block it.

            The IP numbers are in this range:
            221.148.44.
            -------------------------------
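The log check that turned up the crawler above can be scripted. The following is an added example, not code from this thread: it reads Apache/NCSA combined-format access log lines, keeps only requests to the mailer script that were not POSTs (a browser submitting the form always POSTs, so anything else is a crawler or a manual probe), groups them by client address and user agent, and prints the spacing between hits so a "once every half hour" pattern stands out. The script path `/contact_mailer.php` and the log lines embedded below are constructed for illustration.

```php
<?php
// Added example: find non-POST requests to the mailer in an access log.
// Not code from the thread; MAILER_PATH and the sample log lines are assumptions.

declare(strict_types=1);

const MAILER_PATH = '/contact_mailer.php'; // assumption: where the form posts to

// Combined log format:
// host ident user [time] "method path proto" status bytes "referer" "agent"
const LOG_RE = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"$/';

// Parse one log line into its fields, or null if it does not match the format.
function parse_line(string $line): ?array
{
    if (!preg_match(LOG_RE, trim($line), $m)) {
        return null;
    }
    // Apache writes timestamps like 08/Feb/2005:14:00:11 -0500
    $ts = DateTime::createFromFormat('d/M/Y:H:i:s O', $m[2]);
    if ($ts === false) {
        return null;
    }
    return ['ip' => $m[1], 'time' => $ts->getTimestamp(), 'method' => $m[3],
            'path' => strtok($m[4], '?'), 'status' => (int) $m[5], 'agent' => $m[6]];
}

// Returns [ "ip|agent" => ['methods' => [method => count], 'times' => [...]] ]
// for every request to $path whose method is not POST.
function non_post_hits(array $lines, string $path = MAILER_PATH): array
{
    $hits = [];
    foreach ($lines as $line) {
        $r = parse_line($line);
        if ($r === null || $r['path'] !== $path || $r['method'] === 'POST') {
            continue;
        }
        $key = $r['ip'] . '|' . $r['agent'];
        $hits[$key]['methods'][$r['method']] = ($hits[$key]['methods'][$r['method']] ?? 0) + 1;
        $hits[$key]['times'][] = $r['time'];
    }
    return $hits;
}

// Minutes between consecutive hits; a flat list such as [30, 30] is the
// "every half hour" pattern from the first post.
function gaps_in_minutes(array $times): array
{
    sort($times);
    $gaps = [];
    for ($i = 1, $n = count($times); $i < $n; $i++) {
        $gaps[] = intdiv($times[$i] - $times[$i - 1], 60);
    }
    return $gaps;
}

// Constructed sample: a crawler doing HEAD then GET at half-hour spacing
// (the behaviour the quoted blog post describes) plus one real submission.
$sample = [
    '221.148.44.17 - - [08/Feb/2005:14:00:11 -0500] "HEAD /contact_mailer.php HTTP/1.0" 302 - "-" "W3CRobot/5.4.0 libwww/5.4.0"',
    '221.148.44.17 - - [08/Feb/2005:14:30:12 -0500] "GET /contact_mailer.php HTTP/1.0" 302 - "-" "W3CRobot/5.4.0 libwww/5.4.0"',
    '198.51.100.23 - - [08/Feb/2005:14:41:52 -0500] "POST /contact_mailer.php HTTP/1.1" 302 - "http://www.thesubmittingdomain.com/contact.htm" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '221.148.44.17 - - [08/Feb/2005:15:00:13 -0500] "GET /contact_mailer.php HTTP/1.0" 302 - "-" "W3CRobot/5.4.0 libwww/5.4.0"',
];

foreach (non_post_hits($sample) as $key => $h) {
    [$ip, $agent] = explode('|', $key, 2);
    printf("%s  %s\n  methods: %s\n  gaps (min): %s\n",
        $ip, $agent, json_encode($h['methods']), implode(', ', gaps_in_minutes($h['times'])));
}
```

On the sample above this reports the single crawler address with one HEAD and two GETs, 30 minutes apart, and ignores the genuine POST. Run it against the real log (`php scan.php < access_log` after swapping `$sample` for `file('php://stdin')`) and the address and user agent it prints are what to block. Blocking belongs at the web server rather than in the PHP script: with Apache 2.4 that is `Require not ip 221.148.44.0/24` inside the directory or location block, and with 2.2 `Deny from 221.148.44.`; a `SetEnvIf User-Agent` rule can deny the W3CRobot agent string the same way.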


            • AndrewT
              Administrator
              • Mar 2004
              • 3655

              #7
              The TO addresses in that script are hard coded so that really shouldn't be an issue other than the possibility of you receiving lots of spam.


              • Buddha
                Senior Member
                • Mar 2004
                • 825

                #8
                No spam getting out.

                Ban the robot; the same robot has caused problems elsewhere.

                You might want to wrap your code in something like this:

                Code:
                // Only run the mailer when the form was actually submitted.
                if ($_SERVER["REQUEST_METHOD"] == "POST") {

                    // YOUR CODE HERE

                } else {

                    // ERROR MESSAGE

                }
                It should keep people and robots from doing a GET instead of a POST on the action URL for the form. It would help to check that some of those $_POST variables aren't empty too. In other words, require a few of the form fields.

                The important thing is it's not a spam hazard. Good work!
                "Whatcha mean I shouldn't be rude to my clients?! If you want polite then there will be a substantial fee increase." - Buddha


                • sdjl
                  Senior Member
                  • Mar 2004
                  • 502

                  #9
                  I thought I'd make a few amendments to your code. Feel free to use them if you wish or completely ignore them!
                  The most important change is from $HTTP_POST_VARS to $_POST. The first style is no longer supported which means this script wouldn't be portable in later years.
                  PHP Code:
                  <?php
                  // Returns true if the address looks valid, false if not.
                  // ereg() was removed in PHP 7, so preg_match() with the same
                  // pattern is used here to keep the script running on current PHP.
                  function check_email($str) {
                      return preg_match('/^.+@.+\..+$/', $str) === 1;
                  }

                  $message  = "";
                  $message .= "\nName: ".$_POST['Name'];
                  $message .= "\nAdd1: ".$_POST['Address1'];
                  $message .= "\nAdd2: ".$_POST['Address2'];
                  $message .= "\nCity: ".$_POST['City'];
                  $message .= "\nState: ".$_POST['State'];
                  $message .= "\nZip: ".$_POST['Zip'];
                  $message .= "\nPhone: ".$_POST['Phone'];
                  $message .= "\nEmail: ".$_POST['Email'];
                  $message .= "\nRequest: ".$_POST['Request'];
                  $email = $_POST['Email'];

                  // Placeholder sender when no usable address was supplied.
                  if (!check_email($email)):
                      $email = "No@AddressSupplied.Sorry";
                  endif;

                  mail("walter@thesubmittingdomain.com", "Contact Us Request from Web Page", $message, "From: $email ");
                  mail("webinfo@thesubmittingdomain.com", "Contact Us Request from Web Page", $message, "From: $email ");

                  header("Location: http://www.thesubmittingdomain.com/thanks.htm");
                  exit; // stop here so nothing runs after the redirect
                  ?>
                  You could quite easily add in some checking as Buddha says. This would stop you getting blank emails from someone just clicking the submit button without entering any information.

                  David
                  -----
                  Do you fear the obsolescence of the metanarrative apparatus of legitimation?
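Putting the two suggestions from this thread together (only act on POST, require a few fields) and adding the check a practitioner would want on top: the posted scripts hand the submitted `Email` straight into `mail()`'s fourth argument as a `From:` header after only a `^.+@.+\..+$` match, and that argument is passed to the mail transfer agent as raw headers, so the example below refuses any address containing a carriage return or line feed and validates it with `FILTER_VALIDATE_EMAIL`. This is an added hardened rewrite, not code from the thread or its author. Recipient addresses, field names and the thank-you URL are taken from the posted script; the list of required fields, the per-field length cap, the fixed `From:` address `forms@thesubmittingdomain.com` (with the visitor's address moved to `Reply-To:`) and the 405/400 error responses are assumptions of this example.

```php
<?php
// Added example: hardened version of the contact-form mailer discussed in
// this thread. Not the thread's code. REQUIRED, MAX_LEN and the fixed From:
// address are assumptions; recipients, field names and THANKS_URL come from
// the posted script.

declare(strict_types=1);

const RECIPIENTS = ['walter@thesubmittingdomain.com', 'webinfo@thesubmittingdomain.com'];
const THANKS_URL = 'http://www.thesubmittingdomain.com/thanks.htm';
const FIELDS     = ['Name', 'Address1', 'Address2', 'City', 'State', 'Zip', 'Phone', 'Email', 'Request'];
const REQUIRED   = ['Name', 'Email', 'Request']; // assumption: fields that must be non-empty
const MAX_LEN    = 2000;                         // assumption: per-field size cap

// Return the address if it is safe to place in a mail header, else null.
// mail() passes its fourth argument to the MTA as raw headers, so a value
// containing CR or LF would let the client append headers of its own.
function safe_email(string $addr): ?string
{
    $addr = trim($addr);
    if ($addr === '' || preg_match('/[\r\n]/', $addr)) {
        return null;
    }
    // Much stricter than the ^.+@.+\..+$ check in the original script.
    return filter_var($addr, FILTER_VALIDATE_EMAIL) === false ? null : $addr;
}

// Validate the submission and build the message body.
// Returns ['body' => ..., 'from' => ...] on success or ['errors' => [...]].
function build_message(array $post): array
{
    $errors = [];
    $lines  = [];
    foreach (FIELDS as $f) {
        $v = isset($post[$f]) && is_string($post[$f]) ? trim($post[$f]) : '';
        if (in_array($f, REQUIRED, true) && $v === '') {
            $errors[] = "Missing required field: $f";
        }
        if (strlen($v) > MAX_LEN) {
            $errors[] = "Field too long: $f";
        }
        // Field values go into the body, not the headers, so line breaks are
        // harmless there; they are still collapsed so one field cannot be
        // made to look like another when the mail is read.
        $lines[] = $f . ': ' . preg_replace('/\s*[\r\n]+\s*/', ' ', $v);
    }
    $from = safe_email($post['Email'] ?? '');
    if ($from === null) {
        $errors[] = 'Invalid or missing Email';
    }
    if ($errors) {
        return ['errors' => $errors];
    }
    return ['body' => implode("\n", $lines), 'from' => $from];
}

// Only a POST reaches mail(). A GET or HEAD from a crawler, the case in this
// thread, gets a 405 and sends nothing.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    header('Allow: POST');
    exit('This endpoint accepts form submissions only.');
}

$result = build_message($_POST);
if (isset($result['errors'])) {
    http_response_code(400);
    exit(htmlspecialchars(implode("\n", $result['errors']), ENT_QUOTES, 'UTF-8'));
}

// The site is the sender; the visitor's validated address goes in Reply-To.
// The From: address is an assumption of this example.
$headers = "From: forms@thesubmittingdomain.com\r\nReply-To: {$result['from']}";
foreach (RECIPIENTS as $to) {
    mail($to, 'Contact Us Request from Web Page', $result['body'], $headers);
}

header('Location: ' . THANKS_URL, true, 303);
exit; // nothing runs after the redirect
```

The method check alone would have stopped the blank half-hourly messages, since the crawler was issuing HEAD and GET requests; the required-field check stops an empty POST from a visitor who just clicks Submit, which is the other source of blank mail the thread mentions. Keeping the site's own address in `From:` and the visitor's in `Reply-To:` is a design choice rather than something the thread asked for: replying still reaches the visitor, but the message no longer claims to originate from an arbitrary domain.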


                  • Moonwizard
                    Junior Member
                    • Feb 2005
                    • 4

                    #10
                    Wow! Thanks, everyone, for the valuable assistance. I had form field validation turned on from the beginning. Seems as though this bot found my script which explains the blank emails I suppose. My access logs showed the exact IP shown in my earlier posts so I banned it. That IP seems somewhat popular. sdjl, I will look at your code. Looks much more concise than mine! Thanks.

                    -Jim
