隐藏'”>'我有这样的HTML和PHP联系表格:从检查元素
<?php
$valid = true;
$errors = array();
$contact = array(
'name' => null,
'email' => null,
'message' => null
);
// Check if the form has been posted
if (isset($_POST['name'], $_POST['email'], $_POST['message'])) {
$contact = filter_input_array(INPUT_POST, array(
'name' => FILTER_SANITIZE_STRING,
'email' => FILTER_SANITIZE_STRING,
'message' => FILTER_SANITIZE_STRING,
), true);
if (empty($_POST['name'])) {
$valid = false;
$errors['name'] = "You must enter your name.";
}
if (empty($_POST['email'])) {
$valid = false;
$errors['email'] = "You must enter your email address.";
} elseif (!filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)) {
$valid = false;
$errors['email'] = "You must enter a valid email address.";
}
if (empty($_POST['message'])) {
$valid = false;
$errors['message'] = "You must enter a message and/or subject.";
}
if ($valid) {
// The email address the email will be sent to
$to = "[email protected]";
// The email subject
$subject = $_POST['subject'];
// Set the from and reply-to address for the email
$headers = "From: ".$_POST['email'];
"X-Mailer: PHP/" . phpversion();
// Build the body of the email
$mailbody = "The contact form has been filled out.\n\n"
. "Name: " . $_POST['name'] . "\n"
. "Email: " . $_POST['email'] . "\n"
. "Message:\n" . $_POST['message'] . "\n"
. "IP: " . $_POST['userIP'];
// Send the email
mail($to, $subject, $mailbody, $headers);
// Go to the thank you page
header("location: contact.php");
exit;
}
}
?>
<div id="contactform">
<input type="text" class="field_a" name="name" value="<?php echo htmlspecialchars($contact['name']);?>" placeholder="Enter your name here">
<br>
<br>
<input class="field_a" name="email" type="email" value="<?php echo htmlspecialchars($contact['email']);?>" placeholder="And your email is?">
<br>
<br>
<input class="field_a" name="subject" type="text" value="<?php echo htmlspecialchars($contact['subject']);?>" placeholder="We need to know what your message is about">
<br>
<br>
<textarea class="field_b" name="message" rows="10" cols="25" placeholder="Finally, the message.."><?php echo htmlspecialchars($contact['message']);?></textarea>
<br>
<br>
<input class="field_c" style="width:830px;" name="send_mail" type="submit" value="Ready to send your message to All Things Roblox? Click me!">
<input type="hidden" name="userIP" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>">
</div>
</form>
我使用代码<input type="hidden" name="userIP" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>">
来抓取用户的IP地址,但他们可以很容易地通过使用inspect元素来防止这段代码。
如何防止<input type="hidden" name="userIP" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>">
显示?
再次感谢!
为什么你必须从HTML发送它,而不是只使用PHP? –
我以为你还必须在HTML中包含它.. – JugglingBob
如果它被发送到客户端客户端可以看到它。没有什么可以做的。 – user3783243