Your current prevention is not extremely effective, which I'll explain in a second; but as to your question:
$codes = "NG75" || "B1C2" || "DR21" || "KJG4" || "387C" || "HK47" || "K21B" || "92DK" || "H542" || "FJ521";
This is simply a boolean statement that will ALWAYS evaluate $codes to true (1). So you always are comparing 1 to true in the response. Consider using $codes as an array of those values or consider using CAPTCHA technology for better prevention and confirmation. http://codewalkers.com/seecode/630.html is a good starting point for that.
As far as flood prevention: if someone were serious about using the page for flooding, they'd simply have to remove the cookie that you set. An alternative is to use a database and record each time an IP address submits the form.
In your current method, you're also sending the code to the user as a 'hidden' field. A bot simply has to parse the source to get it and send it back.
Hopefully this helps you.
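The points in the answer above, combined into one sketch: the codes live in an array, the expected code stays in the server-side session instead of a hidden field, and each submission is recorded per IP address in a database. This is an added example, not code from the original post; the function names, the `submissions` table, the limits, and the use of an in-memory SQLite database through PDO are all assumptions made for illustration.

```php
<?php
// Added example. All names, limits and the table layout are assumptions.
const CODES       = ['NG75', 'B1C2', 'DR21', 'KJG4', '387C', 'HK47'];
const MAX_POSTS   = 3;    // assumed: submissions allowed per window
const WINDOW_SECS = 600;  // assumed: window length in seconds

function open_db(): PDO {
    $db = new PDO('sqlite::memory:'); // stand-in for the site's real database
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE submissions (ip TEXT NOT NULL, ts INTEGER NOT NULL)');
    return $db;
}

// Choose the code on the server and remember it in the session.
// The form shows it to the user (ideally as a CAPTCHA image) but never
// echoes it back in a hidden field.
function issue_code(array &$session): string {
    $session['expected_code'] = CODES[random_int(0, count(CODES) - 1)];
    return $session['expected_code'];
}

// Compare the submitted value with the stored one, then discard it so
// the same code cannot be replayed on a second request.
function check_code(array &$session, string $submitted): bool {
    $expected = $session['expected_code'] ?? null;
    unset($session['expected_code']);
    return is_string($expected)
        && hash_equals($expected, strtoupper(trim($submitted)));
}

// Flood control that does not depend on a client-side cookie: count the
// rows for this IP inside the window, and record the attempt if allowed.
function allow_submission(PDO $db, string $ip, int $now): bool {
    $q = $db->prepare('SELECT COUNT(*) FROM submissions WHERE ip = ? AND ts > ?');
    $q->execute([$ip, $now - WINDOW_SECS]);
    if ((int) $q->fetchColumn() >= MAX_POSTS) {
        return false;
    }
    $db->prepare('INSERT INTO submissions (ip, ts) VALUES (?, ?)')
       ->execute([$ip, $now]);
    return true;
}

// Constructed demo: $session stands in for $_SESSION, the IP is a
// documentation address, and timestamps are fixed for repeatability.
$db = open_db();
$session = [];
$code = issue_code($session);
var_dump(check_code($session, $code)); // first use of the issued code
var_dump(check_code($session, $code)); // replay of the same code
for ($i = 0; $i < 4; $i++) {
    var_dump(allow_submission($db, '203.0.113.7', 1000 + $i));
}
```

In a real page, `$session` would be `$_SESSION` after `session_start()`, and the IP would come from `$_SERVER['REMOTE_ADDR']`.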