How to check for multiple @'s

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
We are trying to prevent spammers from mass mailing their list while
using our contact us script. We have a few security measures in place
but would also like to add a "check for more than 1 @'s in the to:, cc:
and bcc: fields. Can anyone point us to some code or turotials for
doing this?

Thanks in advance.

Re: How to check for multiple @'s

Quoted text here. Click to load it

 substr_count($CClist, '@')

will return the number of @ characters in $CClist

check out the PHP manual at



Re: How to check for multiple @'s

Ron Barnett wrote:
Quoted text here. Click to load it

THanks for the reply Ron.

Unfortunately, I am a newbie programmer and am having a tough time
making sense of the manual at

I can see hwo checking for the # of @'s will lead to a few statements
like if > 1 then blah. But am still lost as to actually coding this
into our current sciprt. Any more hints / tutorials / help for a newbie
in php?

Re: How to check for multiple @'s

Quoted text here. Click to load it

all you need to do is check to see if there is more than your allowed number  
of CCs in the list

I'm assuming you have the headers available in a string somewhere, if not  
the task will be difficult to explain.

If you send me  a mail with details of what you have and what you want to do  
I'll have a look at it and try to get you on the right track.

Just remove the REMOVE bits from my email address.

There are a number of excellent PHP books in the market, I can recommend the  
PHP developers cookbook published by SAMS (Angus Hughes / Andrei Zmievski)  
although not a PHP primer it does give a good easy to follow set of code  



Re: How to check for multiple @'s wrote:
Quoted text here. Click to load it


Maybe this is not needed for what you are trying to do ... but ...
Don't put in fields that have eMail return addresses in them at all.
This way, spammers can not fill in the field(s) with bogus email addys.
 If you already have a contact script maybe it would be better to
modify it so that the choices available to the surfer are 'script
aliases' instead of real email addys.  Make sure that the script
aliases used here are NOT email aliases in your email server.  For
instance, we use:

the list can go on.  To which each can point to a real email addy.
Some can be different if you wish, or all can point to the same real
email addy.

I looked at the 'picture based' form where you must enter some sort of
letters and number combination to submit but decided on the form based
above.  In either event, the surfer does not get your email addy until
YOU reply to their question or comment.

Note that I started doing this about 4 years ago and had problems with
my users as they believed it would be harder to contact using this sort
of form.  Since then, all have come on to my side of the fence and see
the benefit of less spam.  Surfer sees that something was sent as my
server replies in a web-widget that it indeed was sent.


Site Timeline