mail.inc實現周密的留言發郵箱
我網站上不少地方都有給我留言的連接,這些連接指向一個地方 http://www.dushangself.site/emlog/?post=8php
(源碼使用方式:一共四個源代碼,第一個和第二個寫在一塊兒,,第三個命名爲mail.inc.php,第四個命名爲mail.php,傳到你服務器的一個目錄下,記下mail.PHP的地址,而後把第二個源碼的第20行改爲那個地址,另外,第四個提示的地方也要改) css
源代碼與講解: html
對於新手來說,這頁面很容易就能寫出來,但是如何實現它的功能和安全性就比較複雜了,由於考慮如何把郵件發出去,不讓功能代碼泄露,也不讓不良人士猛刷PHP地址而形成郵箱癱瘓這些功能的實現是須要經驗的。 正則表達式
首先,這個漂亮型的界面是如何寫的? sql
這裏的驗證碼生成我沒有使用傳統的servlet 和session來互動,由於我認爲那會加劇我寶貴的服務器的負擔,提早退休,因此就用JS小程序寫了一個,並達到相似的安全水準。
bootstrap
若是你是用的默認的樣式的話,沒法達到上面這個效果,這裏我用的bootstrap的樣式,只須要在HTML頭部最上方導入這樣的地址 小程序
<link rel="stylesheet" href="https://cdn.staticfile.org/twitter-bootstrap/3.3.7/css/bootstrap.min.css"> <script src=" <script src="https://cdn.staticfile.org/twitter-bootstrap/3.3.7/js/bootstrap.min.js"></script>
如下是頁面的HTML數組
<style> #code{
font-family:Arial;
font-style:italic;
font-weight:bold;
border:0;
letter-spacing:2px;
color:blue;
text-decoration:line-through;
}
</style>
<script>
function gengxin(){
document.getElementById('lianxi').value='';
document.getElementById('zhengwen').value='';
document.getElementById('input').value='';
form1.add.disabled=true; createCode();
}
window.onload = function (){
createCode();
document.getElementById("form1").action="http://www.dushangself.site/old_index.php";
document.getElementById('lianxi').value='';
document.getElementById('zhengwen').value='';
document.getElementById('input').value='';
form1.add.disabled=true;
}
function SaveChange()
{
var oValue = document.getElementById('input').value.toUpperCase(); var lianxi = document.getElementById('lianxi').value; var zhengwen = document.getElementById('zhengwen').value; if(lianxi ==""){document.getElementById("p2").style.backgroundColor="GREY"; alert('把您的聯繫方式寫出來,要不我怎麼知道你是誰呢?'); }else if(zhengwen ==""){ document.getElementById("p2").style.backgroundColor="GREY";alert('給我說的話不可空置'); }else if(oValue ==0){ document.getElementById("p2").style.backgroundColor="GREY";alert('輸驗證碼!若是沒有顯示,請發信息到2528852314@qq.com,感激涕零!'); }else if(oValue != code){ document.getElementById("p2").style.backgroundColor="GREY";alert('您個錘子!這種驗證碼都您都寫不對!'); oValue = ' '; document.getElementById('input').value=''; createCode(); }else{
document.getElementById("form1").action="http://www.dushangself.site/sendmailtool/mail.php";
form1.add.disabled=true;createCode();document.getElementById("p2").disabled=true;
document.getElementById("p2").style.backgroundColor="GREY";
}
}
var code;
function createCode(){
code = '';
var codeLength = 4;
var codeV = document.getElementById('code');
var random = new Array(0,1,2,3,4,5,6,7,8,9);
for(var i = 0; i < codeLength; i++){ var index = Math.floor(Math.random()*10); code += random[index]; } codeV.value = code; } function validate(){ var oValue = document.getElementById('input').value.toUpperCase(); var lianxi = document.getElementById('lianxi').value; var zhengwen = document.getElementById('zhengwen').value; if(lianxi==""){document.getElementById("p2").style.backgroundColor="GREY"; alert('把您的聯繫方式寫出來,要不我怎麼知道你是誰呢?'); }else if(zhengwen ==""){ document.getElementById("p2").style.backgroundColor="GREY";alert('給我說的話不可空置'); }else if(oValue ==0){ document.getElementById("p2").style.backgroundColor="GREY";alert('輸驗證碼!若是沒有顯示,請發信息到2528852314@qq.com,感激涕零!'); }else if(oValue != code){ document.getElementById("p2").style.backgroundColor="GREY";alert('您個錘子!這種驗證碼都您都寫不對!'); oValue = ' '; document.getElementById('input').value=''; createCode(); }else{document.getElementById("form1").action="http://www.dushangself.site/sendmailtool/mail.php"; document.getElementById("p2").style.backgroundColor="#00FF7F";createCode();document.getElementById("p2").style.color="white";document.getElementById("p2").disabled=false;document.getElementById('input').value='';} } </script>
<p style="font:13px/20px Georgia, "background-color:azure;" align="left">
<span class="glyphicon glyphicon-info-sign"> </span> 低級瀏覽器不兼容個人代碼,若寫完內容並點留言後未彈出窗口,則留言失敗。
</p>
<form name="form1" id="form1" method="post" action="http://www.dushangself.site/sendmailtool/mail.php" target="ifrm">
<p align="center">
<input name="q3" size="21" type="text" class="form-control" id="lianxi" placeholder="QQ、微信或任何能聯繫您的方式並註明" />
</p>
<p align="center">
<textarea name="q4" cols="21" class="form-control" id="zhengwen" rows="6" placeholder="請輸入您要給個人留言"></textarea>
</p>
<p align="center">
<br />
</p>
<p>
<input type="button" id="code" onclick="createCode()" /> <input type="number" id="input" value="" /> <input type="button" value="驗證" onclick="validate()" class="btn btn-warning" />
</p>
<p>
<br />
</p>
<p onclick="" align="center">
<input onclick="SaveChange(); name=" add"="" type="submit" style="color:#a8a8a9;background-color:#717171;border-color:#00FF7F;" id="p2" class="btn btn-success" disabled="disabled" value="單擊留言" />
</p>
<p onclick="" align="center">
<br />
</p>
<p onclick="" align="center">
<br />
</p>
</form>
這樣就能實現如下功能瀏覽器
1.表層功能安全
2.防不良人士使用開發工具修改灰色按鈕屬性向別人炫耀本身的技術,並形成郵箱癱瘓
3.檢測各個表單的內容是否爲空
4.驗證碼更新後原來的填寫變空
5.良好的用戶體驗(會引導用戶以正確步驟使用而沒有困惑)
尤爲是第二點,須要再檢測一遍,即JS代碼第26行起的那個函數始和終,但這個不是重點,驗證碼纔是重點
那麼驗證碼是怎麼實現的呢,我沒有那個精力去寫一個生成圖像的PHP,可是也要弄一個很難被解析的圖像,而且獲取值,這個函數叫createCode(見第41行)
,用語言表述過程就是
設計長度
創建0-9數組
用random和for排序,即隨機生成數字,並循環這個操做4遍
CSS添加加密樣式,(這裏,由於考慮到我還有其餘函數,因此就弄得簡單了,這個你們本身加密)
把值傳出去
不過本文章的最重要的重點是PHP發郵件
雖然PHP之內置函數庫巨大而著稱,但對於虛擬主機用戶仍是沒法使用發郵件的函數,由於這個函數不是內置的,並且虛擬主機用戶不能自定義安裝
因此我就把這個插件的源代碼複製了一下
點擊展開而後複製,命名爲mail.inc.php
<?php
class smtp
{
/* Public Variables */
var $smtp_port;
var $time_out;
var $host_name;
var $log_file;
var $relay_host;
var $debug;
var $auth;
var $user;
var $pass;
var $from;
var $test="test";
/* Private Variables */
var $sock;
/* Constractor */
function smtp($relay_host = "", $smtp_port = 25,$auth = false,$user,$pass,$from)
{
$this->debug = FALSE;
$this->smtp_port = $smtp_port;
$this->relay_host = $relay_host;
$this->time_out = 30; //is used in fsockopen()
#
$this->auth = $auth;//auth
$this->user = $user;
$this->pass = $pass;
$this->from = $from;
#
$this->host_name = "localhost"; //is used in HELO command
$this->log_file = "";
$this->sock = FALSE;
}
/* Main Function */
function sendmail($to,$fromname="",$subject = "", $body = "", $mailtype, $cc = "", $bcc = "", $additional_headers = "")
{
$mail_from = $this->get_address($this->strip_comment($this->from));
$body = ereg_replace("(^|(\r\n))(\.)", "\1.\3", $body);
$header = "MIME-Version:1.0\r\n";
if($mailtype=="HTML"){
$header .= "Content-Type:text/html\r\n";
}
$header .= "To: ".$to."\r\n";
if ($cc != "") {
$header .= "Cc: ".$cc."\r\n";
}
if ($fromname!="") $header .= "From: ".$fromname."<".$this->from.">\r\n";
if ($fromname=="") $header .= "From:<".$this->from.">\r\n";
$header .= "Subject: ".$subject."\r\n";
$header .= $additional_headers;
$header .= "Date: ".date("r")."\r\n";
$header .= "X-Mailer:By Redhat (PHP/".phpversion().")\r\n";
$utfheader=iconv("GBK","UTF-8//IGNORE",$header);
list($msec, $sec) = explode(" ", microtime());
$header .= "Message-ID: <".date("YmdHis", $sec).".".($msec*1000000).".".$mail_from.">\r\n";
$TO = explode(",", $this->strip_comment($to));
if ($cc != "") {
$TO = array_merge($TO, explode(",", $this->strip_comment($cc)));
}
if ($bcc != "") {
$TO = array_merge($TO, explode(",", $this->strip_comment($bcc)));
}
$sent = TRUE;
foreach ($TO as $rcpt_to) {
$rcpt_to = $this->get_address($rcpt_to);
if (!$this->smtp_sockopen($rcpt_to)) {
$this->log_write("Error: Cannot send email to ".$rcpt_to."\n");
$sent = FALSE;
continue;
}
if ($this->smtp_send($this->host_name, $mail_from, $rcpt_to, $utfheader, $body)) {
$this->log_write("E-mail has been sent to <".$rcpt_to.">\n");
} else {
$this->log_write("Error: Cannot send email to <".$rcpt_to.">\n");
$sent = FALSE;
}
fclose($this->sock);
$this->log_write("Disconnected from remote host\n");
}
return $sent;
}
/* Private Functions */
function smtp_send($helo, $from, $to, $header, $body = "")
{
if (!$this->smtp_putcmd("HELO", $helo)) {
return $this->smtp_error("sending HELO command");
}
#auth
if($this->auth){
if (!$this->smtp_putcmd("AUTH LOGIN", base64_encode($this->user))) {
return $this->smtp_error("sending HELO command");
}
if (!$this->smtp_putcmd("", base64_encode($this->pass))) {
return $this->smtp_error("sending HELO command");
}
}
#
if (!$this->smtp_putcmd("MAIL", "FROM:<".$from.">")) {
return $this->smtp_error("sending MAIL FROM command");
}
if (!$this->smtp_putcmd("RCPT", "TO:<".$to.">")) {
return $this->smtp_error("sending RCPT TO command");
}
if (!$this->smtp_putcmd("DATA")) {
return $this->smtp_error("sending DATA command");
}
if (!$this->smtp_message($header, $body)) {
return $this->smtp_error("sending message");
}
if (!$this->smtp_eom()) {
return $this->smtp_error("sending <CR><LF>.<CR><LF> [EOM]");
}
if (!$this->smtp_putcmd("QUIT")) {
return $this->smtp_error("sending QUIT command");
}
return TRUE;
}
function smtp_sockopen($address)
{
if ($this->relay_host == "") {
return $this->smtp_sockopen_mx($address);
} else {
return $this->smtp_sockopen_relay();
}
}
function smtp_sockopen_relay()
{
$this->log_write("Trying to ".$this->relay_host.":".$this->smtp_port."\n");
$this->sock = @fsockopen($this->relay_host, $this->smtp_port, $errno, $errstr, $this->time_out);
if (!($this->sock && $this->smtp_ok())) {
$this->log_write("Error: Cannot connenct to relay host ".$this->relay_host."\n");
$this->log_write("Error: ".$errstr." (".$errno.")\n");
return FALSE;
}
$this->log_write("Connected to relay host ".$this->relay_host."\n");
return TRUE;
}
function smtp_sockopen_mx($address)
{
$domain = ereg_replace("^.+@([^@]+)$", "\1", $address);
if (!@getmxrr($domain, $MXHOSTS)) {
$this->log_write("Error: Cannot resolve MX \"".$domain."\"\n");
return FALSE;
}
foreach ($MXHOSTS as $host) {
$this->log_write("Trying to ".$host.":".$this->smtp_port."\n");
$this->sock = @fsockopen($host, $this->smtp_port, $errno, $errstr, $this->time_out);
if (!($this->sock && $this->smtp_ok())) {
$this->log_write("Warning: Cannot connect to mx host ".$host."\n");
$this->log_write("Error: ".$errstr." (".$errno.")\n");
continue;
}
$this->log_write("Connected to mx host ".$host."\n");
return TRUE;
}
$this->log_write("Error: Cannot connect to any mx hosts (".implode(", ", $MXHOSTS).")\n");
return FALSE;
}
function smtp_message($header, $body)
{
fputs($this->sock, $header."\r\n".$body);
$this->smtp_debug("> ".str_replace("\r\n", "\n"."> ", $header."\n> ".$body."\n> "));
return TRUE;
}
function smtp_eom()
{
fputs($this->sock, "\r\n.\r\n");
$this->smtp_debug(". [EOM]\n");
return $this->smtp_ok();
}
function smtp_ok()
{
$response = str_replace("\r\n", "", fgets($this->sock, 512));
$this->smtp_debug($response."\n");
if (!ereg("^[23]", $response)) {
fputs($this->sock, "QUIT\r\n");
fgets($this->sock, 512);
$this->log_write("Error: Remote host returned \"".$response."\"\n");
return FALSE;
}
return TRUE;
}
function smtp_putcmd($cmd, $arg = "")
{
if ($arg != "") {
if($cmd=="") $cmd = $arg;
else $cmd = $cmd." ".$arg;
}
fputs($this->sock, $cmd."\r\n");
$this->smtp_debug("> ".$cmd."\n");
return $this->smtp_ok();
}
function smtp_error($string)
{
$this->log_write("Error: Error occurred while ".$string.".\n");
return FALSE;
}
function log_write($message)
{
$this->smtp_debug($message);
if ($this->log_file == "") {
return TRUE;
}
$message = date("M d H:i:s ").get_current_user()."[".getmypid()."]: ".$message;
if (!@file_exists($this->log_file) || !($fp = @fopen($this->log_file, "a"))) {
$this->smtp_debug("Warning: Cannot open log file \"".$this->log_file."\"\n");
return FALSE;;
}
flock($fp, LOCK_EX);
fputs($fp, $message);
fclose($fp);
return TRUE;
}
function strip_comment($address)
{
$comment = "\([^()]*\)";
while (ereg($comment, $address)) {
$address = ereg_replace($comment, "", $address);
}
return $address;
}
function get_address($address)
{
$address = ereg_replace("([ \t\r\n])+", "", $address);
$address = ereg_replace("^.*<(.+)>.*$", "\1", $address);
return $address;
}
function smtp_debug($message)
{
if ($this->debug) {
echo $message;
}
}
}
?>
而後就是後臺的代碼,插一句,我喜歡用UE寫代碼,由於啓動快
如下是PHP代碼主體
<?php
function fang_SQL_zhu_ru($chars,$encoding='utf8')
{
$pattern =($encoding=='utf8')?'/[\x{4e00}-\x{9fa5}a-zA-Z0-9,.,。?!]/u':'/[\x80-\xFF]/,.,。!?';
preg_match_all($pattern,$chars,$result);
$temp =join('',$result[0]);
return $temp;
}
$liuyanzhe = $_POST["q3"];
$zhengwen = $_POST["q4"];
$liuyanzhe = fang_SQL_zhu_ru($liuyanzhe);
$zhengwen = fang_SQL_zhu_ru($zhengwen);
include_once("mail.inc.php");
$smtp = new smtp("郵箱服務器如smtp.qq.com",25,true,"你的郵箱","你的郵箱STMP密碼","你的郵箱");//發件人信箱信息
$smtp->debug = false;
$mailto="".$_POST["email"]."";
$mailsubject="留言者:".$liuyanzhe."";
$mailfrom="留言";//來自<本身改>
$mailbody="這是我網站上的留言:<br><br>";//稱呼 <br>是換行的
$mailbody=$mailbody."".$zhengwen."";
$mailtype = "HTML";
$mailsubject = '=?UTF-8?B?'.base64_encode($mailsubject).'?=';
$mailfrom = '=?UTF-8?B?'.base64_encode($mailfrom).'?=';
if (isset($_COOKIE["visitor"]))
{}
else{
$smtp->sendmail("收件人郵箱", $mailfrom, $mailsubject, $mailbody, $mailtype);
}
setcookie("visitor","ok",time()+10);
echo "
<script>
window.onload = function (){
alert('留言成功!我會看到噠!');
window.close();
}
</script>
";
把第14行和28行我提示的改掉就好了
值得注意的是,這個能夠過濾非法字符,用的正則表達式,研究一下能夠積累一些防止sql注入的經驗。畢竟,留言板是一個最容易讓一些互聯網流氓黑客攻擊的地方。
在攻擊方面,利用單一的IP進行長時間的PING也會使服務器癱瘓,可能叫CC攻擊吧,因此,弄一個session在PHP裏也是頗有必要的。
如下是效果圖
<僅此全文>
相關文章
- 1. qq郵箱 實現郵件的發送
- 2. Python3實現郵箱發送
- 3. Springboot實現發送郵箱
- 4. Python實現QQ郵箱發送郵件
- 5. SpringBoot實現QQ郵箱郵件發送
- 6. java實現發送郵箱郵件
- 7. python實現126郵箱發送郵件
- 8. Python3實現126郵箱163郵箱SMTP發送郵件
- 9. Java實現郵箱找回密碼
- 10. Springboot實現QQ郵箱的發送
- 更多相關文章...
- • 現實生活中的 XML - XML 教程
- • PHP 發送電子郵件 - PHP教程
- • ☆基於Java Instrument的Agent實現
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
歡迎關注本站公眾號,獲取更多信息
相關文章