Blank Contact Form Submission - Suspected SPAM

[sss_1234]

Hello all,

I have a contact form on my website and I keep getting blank submissions from it which I suspect are SPAM.

Here is the php code I use to stop SPAM, can anyone see where it is going wrong or suggest what can be added to stop these blank submissions.

<?php
$to = "info@mydomain.co.uk";
$subject = "Customer Contact Phone";
$body = $_POST["realname"];
$body .= "\n";
$body .= $_POST["number"];
$email = "info@mydomain.co.uk";

function is_valid_email($to) {
return preg_match('#^[a-z0-9.!\#$%&\'*+-/=?^_`{|}~]+@([0-9.]+|([^\s]+\.+[a-z]{2,6}))$#si', $to);
}

function contains_bad_str($str_to_test) {
$bad_strings = array(
"content-type:"
,"mime-version:"
,"multipart/mixed"
,"Content-Transfer-Encoding:"
,"bcc:"
,"cc:"
,"to:"
);

foreach($bad_strings as $bad_string) {
if(eregi($bad_string, strtolower($str_to_test))) {
echo "$bad_string found. Suspected injection attempt - mail not being sent.";
exit;
}
}
}

function contains_newlines($str_to_test) {
if(preg_match("/(%0A|%0D|\\n+|\\r+)/i", $str_to_test) != 0) {
echo "newline found in $str_to_test. Suspected injection attempt - mail not being sent.";
exit;
}
}

if (!is_valid_email($to)) {
echo 'Invalid email submitted - mail not being sent.';
exit;
}

contains_bad_str($email);
contains_bad_str($subject);
contains_bad_str($body);
contains_bad_str($to);

contains_newlines($email);
contains_newlines($subject);
contains_newlines($to);

$headers = "From: $email";
mail($to, $subject, $body, $headers);
echo "";
die();
?>

Thanks in advance for any help with this!

Kind regards, Mike

[Jarrod1937]

If they're blank just test that the string length (using strlen() ) is greater than 0, else trigger an error.

[sss_1234]

Hi Jarrod, thanks very much for the reply.

I'll do some research on strlen() and give it a go! I'm new to all this so may have to post back if I can't get it to work!

Thanks again,

Mike