I am trying to create a hidden email field in my contact form that, when filled out, will not send me an email (meaning a spammer filled in the hidden email field), instead, just sending the spammer to a confirmation page saying that the email was sent.
I can't get it to work properly.
Test site - http://www.webexplosive.com/s1/contact.html
Here is my php script for the contact form:
<?php
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email1 = $_POST ['email1'];
$phone = $_POST ['phone'];
$comments = $_POST ['comments'];
$testBot = $_POST ['email2'];
$headers = "MIME-Version: 1.0\r\n";
$headers = "From: $email1";
$to = 'beefjelly69@yahoo.com';
$subject = 'Contact Form Submitted - Virginia Subsite';
$message = "
First name: $firstname \n
Last name: $lastname \n
Email: $email1 \n
Phone: $phone \n
Comments: $comments \n";
mail($to, $subject, $message, $headers);
header("Location: thankyou.html");
if(email2 == "") { //If email2 form section is blank then...
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email1 = $_POST ['email1'];
$phone = $_POST ['phone'];
$comments = $_POST ['comments'];
$testBot = $_POST ['email2'];
$headers = "MIME-Version: 1.0\r\n";
$headers = "From: $email1";
$to = 'beefjelly69@yahoo.com';
$subject = 'Contact Form Submitted - Virginia Subsite';
$message = "
First name: $firstname \n
Last name: $lastname \n
Email: $email1 \n
Phone: $phone \n
Comments: $comments \n";
mail($to, $subject, $message, $headers);
header("Location: thankyou.html");
}
else {
header("Location: thankyou.html");
}
?>
This is because you always call the mail form first. You need to validate it before you call it. Call the mail function after you have checked that the email2 field is empty.
As it is, it will always send the mail, before hitting the if statement.
Suggestion: Look into implementing a captcha or something similar than that.