I maintain a website for a state-wide collectors club. Recently, I've been having a running battle with spammers sending garbage membership forms to our website. I noticed that they had one thing in common: the value of the total dues was always zero.
I thought I had the problem solved by creating a server-side script (PHP) to pre-process the incoming forms before sending them on to the membership chairperson. And, it seemed to be working ... sort of.
The problem now is that when a form is processed that has a total value of zero, it's sent to a separate mailbox -- as it's supposed to -- and it appears that a blank email (no subject, no body) is also sent to the membership mailbox.
I'm wondering if the PHP routine could be sending the blank email.
Could someone please look over the code and see if that's what could be happening?
Here's the code I'm using:
<?php
$send_to = "membership@ohiobuttons.org";
$total = $POST[Total];
if((is_int($total) and $total==0) or strlen($total) == 1) $send_to = "postmaster@ohiobuttons.org";
$subject = "$POST[subject]";
$headers = "From: $POST[email]";
$message = "\n\n";
foreach($POST as $field => $value)
{
if($field != "subject" and $field != "email" and $field != "Submit" and $value != " " and $value != "")
$message .= "$field: $value\n\n" ;
}
$message = str_replace("_"," ",$message);
$message = stripslashes($message);
mail($send_to,$subject,$message,$headers);
echo "<script>window.close(true)</script>";
?>
Thanks in advance for your help.
Jim
