Contact form on our website is sending us spam

The validation on your form isn't working. It seems to be done by the javascript function "validaterequest". But the console is saying this is not defined.

It then gets caught in some sort of refresh loop in sendemail.php, which causes the spam.

EDIT - There is also various javascript errors when the browser loads up http://www.laptop-repairs.com/index.html
 
Last edited:
I'd look at moving the contact form over to PHP and storing them into a database as well as sending emails if you've not already set that up.

I've no real experience with javascript but php forms are easy enough to setup.
 
With recaptcha you should be doing server-side validation too. When the form is posted to sendemail.php it is sent the recaptcha response which should then be sent to Google along with your secret key and the client's IP address.

You can use PHP and all it needs do is query the verify URL e.g.:
https://www.google.com/recaptcha/ap...esponse=CAPTCHAFORMRESPONSE&remoteip=CLIENTIP

This then tells you if the captcha was actually valid or forged.

Here's some PHP someone wrote to do that:

PHP:
#
# Verify captcha
$post_data = http_build_query(
    array(
        'secret' => CAPTCHA_SECRET,
        'response' => $_POST['g-recaptcha-response'],
        'remoteip' => $_SERVER['REMOTE_ADDR']
    )
);
$opts = array('http' =>
    array(
        'method'  => 'POST',
        'header'  => 'Content-type: application/x-www-form-urlencoded',
        'content' => $post_data
    )
);
$context  = stream_context_create($opts);
$response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
$result = json_decode($response);
if (!$result->success) {
    throw new Exception('Gah! CAPTCHA verification failed. Please email me directly at: ', 1);
}

https://gist.github.com/jonathanstark/dfb30bdfb522318fc819
 
Last edited:
is it supposed to show on every page?

It would just be a case of going in to the code and commenting out the form using comment tags <!-- before the content and --> after.
 
We don't want it to show on the index page.
I tried that <!-- --> tag last night and it greyed out the text, but when I uploaded it, the form was still showing.

Here's the code, where abouts should I be putting the comment tags?

<script src="https://www.google.com/recaptcha/api.js?onload=myCallBack&render=explicit" async="" defer=""></script>
<script></script>
<script type="text/javascript"></script>
<section id="main-slider" class="no-margin">
<div class="carousel slide">
<div class="carousel-inner">
<div class="item active">
<div class="container">
<div class="slide-margin mac-home">
<div class="">
<div class="col-md-8 animation animated-item-4 padding">
<h1 class="animation animated-item-1">Central London's leading Laptop Repairs Specialist Since 1986</h1>
<div class="pra">
<div class="slider-img01" slide-faq="">
<div style="background-image: url('images/lap-home.png'); background-repeat: no-repeat; " class="slider-img"> </div>
</div>
</div>
<ul class="service-left">
<li>Free quotation while you wait</li>
<li>Safe data handling</li>
<li>All models repaired</li>
<li>No fix no fee</li>
<li>Collection available</li>
</ul>
</div>
<div class="col-sm-4">

<div class="contact-us-now">

<h1>Quick Enquiry</h1>
<div class="contact-box-insite">
<form name="contact_now" id="contact_now" method="post" action="sendemail.php">
<p>Fill in the form below for a quick quote</p>
<input id="fname" name="fname" class="font-color" placeholder="First Name *"/>
<span id="fn_name"></span>
<input id="email" name="email" class="font-color" type="email" placeholder="Email *"/>
<span id="ei_mail"></span>
<input id="phone" name="phone" class="font-color" placeholder="Phone *" onKeyPress="return isNumber(event);"/>
<span id="tel_name"></span>
<input id="makemodel" name="makemodel" class="font-color" placeholder="Make & Model *"/>
<span id="e_makemodel"></span>
<textarea name="mes" id="mes" class="font-color" rows="" placeholder="Enter details of fault for a quick quote"></textarea>
<input type="hidden" name="url" id="url" value=""/>
<span id=mainCaptchanyu>
<input id=mainCaptcha class=live_captcha type=button name=cap>
</span>
<input id=txtInput class=textvalue placeholder="Captcha *"/>
<span id=cap_info></span>
<div id="recaptcha1"></div>
<span style="color: red;" id="hiddenRecaptcha"></span>
<input type="hidden" class="hiddenRecaptcha required" name="hiddenRecaptcha1" id="hiddenRecaptcha1"/>
<label id="test"></label>
<input class="input-button" name="" type="submit" value="SEND" onClick="return validaterequest();"/>
</form>

</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
 
You need to comment before this div:
<div class="col-sm-4">
and after it's matching end tag too:
</div>

it might be easier to change it to:
<div class="col-sm-4" style="display:none;">
This will hide it without you having to go looking for the end tag.
 
Surprised that reCAPTCHA isn't working?

I think the form itself was fine, it was the code processing the response that was broken and seemed to get stuck in an infinite loop which presumably sent a blank email each time it loaded.

Retro Techy, if you post the code of the sendmail.php file here I'm sure somebody would be able to spot the error and fix it for you.
 
Back
Top Bottom