0

I have a form that gets spammed by random junk so im adding captca however most of my people are not that smart or foreign. So not really good option my alt is to use this a php script to use a xtttp request to check which country they are from but block all but US and CA now one option I have is geoip however that requires me to upload a database every 30days. so I want to turn this JavaScript into a php script that is run when the user visits the page where the loc is saved as a global variable that i can use in the php mailer script but the spammer cant see in the background.(yes if they get smart and use a US proxy it will not work)

here is the site that pulls the country code

https://www.cloudflare.com/cdn-cgi/trace

as you can see the only var i need to save to is loc=US

fl=573f158
h=www.cloudflare.com
ip=
ts=
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0
colo=IAD
sliver=none
http=http/2
loc=US
tls=TLSv1.3
sni=plaintext
warp=off
gateway=off
rbi=off
kex=X25519

here is the JavaScript that I can use to display on my page and that the spammer can see

<html>
<head>
  <script type="text/javascript">
    var xhttp = new XMLHttpRequest();
    xhttp.onreadystatechange = function() {
      if (this.readyState == 4 && this.status == 200) {
        var country_code = this.responseText.replace(/(\r\n|\n|\r)/gm,"").split('loc=');
        
        
        document.getElementById("countrycode-container").innerHTML = country_code;
      }
    };
    //OPEN HTTP Request
    xhttp.open("GET", "https://www.cloudflare.com/cdn-cgi/trace", true);
    xhttp.send();
  </script>
</head>
<body>
    <br><br><br>
<div id="countrycode-container"></div>
<br><br><br>
</body>
</html>

I would like the submit button when submitted to check the value of country_code and do somin like this

if (isset($_POST['submit'])){

//when user hits submit button and not from US,CA send to spam2


    if ($country_code != US,CA) {
    place spam2 mailer script here
    die();
    } else {
       continue the mailer script
        
    }

doing this I should be able to eliminate 90% of the spam and not add capcha and I will send the mail to a spam address I have so I can review them and make sure they are legit spam but not affect employees from getting these spam email.

Improve this question
8
  • if ($country_code != 'US' && $country_code != 'CA') Commented Nov 25, 2024 at 20:47
  • 1
    If you're getting spammed, they're not going through the web page, they're using custom scripts. So this won't help. Commented Nov 25, 2024 at 20:50
  • tks for 1st part can u link a script so i can see how i can prevent it? is captcha my only option? Commented Nov 25, 2024 at 20:53
  • 1
    If they use a script they can put whatever they want into the country code field. Commented Nov 25, 2024 at 21:32
  • 1
    BTW, you need to put the country code in the value of a hidden input. DIVs aren't sent when a form is submitted. Commented Nov 25, 2024 at 21:34
Related questions
5136
Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
3111
Deleting an element from an array in PHP
2738
Why shouldn't I use mysql_* functions in PHP?
Load 6 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.