View Full Version : Send to a friend script i use


thomas
01-09-2006, 11:47 PM
Hello again. I hope you think I am god with these awesome business options for your sites and also therefore sometimes your clients!

I have used a Send to a friend script for years. It is created by someone else, but they have credit in the copyright of the file.

Upload this file to your skins/SKIN directory

[attachmentid=235]

NOTE!! - You will need to change the SETTINGS IN THE FILE!!

$sitename, and $siteaddress

To call the function, use the following code in your skin php.

<script language="Javascript1.2">document.write('<a href="javascript:void(0)" onclick=window.open("http://***URL***/skins/**SKINNAME***/recommend.php?loc='+window.location.href+'","","height=280,width=260,top=150,left=200,toolbar=no,menubar=no,location=no,status=no,resizable=1"); title="Recommend this to a friend" class="style2">Send to a Friend</a>');</script>

NOTE - You will need to change the URL Path

Have fun

72dpi
01-10-2006, 03:29 AM
Thanks Thomas,

Ok, everyone Please Please Please add this code to the recommend page:
This will stop any spambots using the script to mass email.
This code should be put in the <?php ?> tags, before any of the declarations.

// start anti injection

// First, make sure the form was posted from a browser.
// For basic web-forms, we don't care about anything
// other than requests from a browser:
if(!isset($_SERVER['HTTP_USER_AGENT'])){
    header("HTTP/1.0 403 Forbidden");
    die("Forbidden - You are not authorized to view this page");
    exit;
}

// Make sure the form was indeed POST'ed:
// (requires your html form to use: method="post")
// The original test, !$_SERVER['REQUEST_METHOD'] == "POST", negated the
// method first and so never matched; compare with !== instead.
// If this same file also shows the form on a plain GET request, run this
// check only in the branch that handles the submitted form.
if($_SERVER['REQUEST_METHOD'] !== "POST"){
    header("HTTP/1.0 403 Forbidden");
    die("Forbidden - You are not authorized to view this page");
    exit;
}

// Attempt to defend against header injections:
$badStrings = array("Content-Type:",
                    "MIME-Version:",
                    "Content-Transfer-Encoding:",
                    "bcc:",
                    "cc:");

// Loop through each POST'ed value and test if it contains
// one of the $badStrings:
foreach($_POST as $k => $v){
    // Array values (e.g. name="field[]") cannot be searched as strings
    if(!is_string($v)){
        continue;
    }
    foreach($badStrings as $v2){
        // stripos: header names are case-insensitive ("Bcc:" must match "bcc:")
        if(stripos($v, $v2) !== false){
            header("HTTP/1.0 403 Forbidden");
            die("Forbidden - You are not authorized to view this page");
        }
    }
}


Also, for the <form method =blah blah
you can use this instead:
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>">

Thanks Thomas, hope this helps some more!
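
An added example, not part of 72dpi's post or of recommend.php: a keyword list only catches the header names that are on it, while every injected header needs a line break, so this check rejects CR, LF and NUL in any field that is copied into a mail header and validates the address fields. The field names are hypothetical, since the form's real field names are not shown in this thread.

```php
<?php
// Added example, not the original recommend.php. The field names
// (your_name, your_email, friend_email) are hypothetical.

// True if the value could end the current header line and start a new one.
function has_header_break($value)
{
    return !is_string($value) || preg_match('/[\r\n\0]/', $value) === 1;
}

// Returns the names of rejected fields; an empty array means safe to send.
function check_mail_fields(array $post, array $headerFields, array $emailFields)
{
    $rejected = array();
    foreach ($headerFields as $name) {
        $value = isset($post[$name]) ? $post[$name] : '';
        if (has_header_break($value)) {
            $rejected[] = $name;
        } elseif (in_array($name, $emailFields, true)
            && filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
            $rejected[] = $name;
        }
    }
    return $rejected;
}

// Constructed sample submissions.
$samples = array(
    'clean' => array(
        'your_name' => 'Ann', 'your_email' => 'ann@example.com',
        'friend_email' => 'bob@example.com'),
    'line break in address' => array(
        'your_name' => 'Ann', 'your_email' => "ann@example.com\r\nBcc: x@example.net",
        'friend_email' => 'bob@example.com'),
    'line break, header not on the keyword list' => array(
        'your_name' => "Ann\nReply-To: x@example.net", 'your_email' => 'ann@example.com',
        'friend_email' => 'bob@example.com'),
);

$headerFields = array('your_name', 'your_email', 'friend_email');
$emailFields  = array('your_email', 'friend_email');
foreach ($samples as $label => $post) {
    $bad = check_mail_fields($post, $headerFields, $emailFields);
    echo $label, ': ', $bad ? 'rejected (' . implode(', ', $bad) . ')' : 'ok', "\n";
}
```

Call check_mail_fields() on $_POST before building the arguments to mail() and refuse to send if it returns any field name.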

thomas
01-10-2006, 04:45 AM
Awesome.

I was wondering why the script didn't have that. Good find.

Terminator1138
01-10-2006, 02:29 PM
will this work on all contact forms etc inside sd?

Terminator1138
01-10-2006, 09:14 PM
Sorry, could get it to work if I included it in a custom plugin, but nothing....anyways.......if my above post could be answered, that would be great. I'm looking for the other links on sd.com site to find what code to add. Not sure if it's included in future release or not or to updated plugins.

72dpi
01-10-2006, 11:35 PM
Hi terminator,

I will have a play. I haven't added it as yet, but would recommend that you perhaps save the above code as stopthespam.php into a folder called "scripts" or something.

Then just use via an include:

include 'stopthespam.php';

I will have a play with it later to see if it mucks up the contact form. I don't think it will, as I have used this on many forms with no issues. Perhaps a "pro's" opinion on this would be appreciated?

Terminator1138
01-11-2006, 03:53 AM
I was able to get it to work but the css was all messed up, way small text etc...I added it as a custom plugin and included the file, however trying to figure out how to edit it a bit.....

The spam code was added to it before I uploaded...right now it's all removed to test site for more evaluation

thomas
01-11-2006, 04:28 AM
hmm. ok works fine for me

Brent
04-09-2006, 05:56 PM
(tell a friend / recommend script)

Has anyone made this into a plugin, secure, tried and tested?

72dpi
04-10-2006, 12:24 AM
Hey Mondala,
If you can wait 2 weeks, HeavyEddie is going to help me release it.
It will have full admin capabilities, and spam prevention, such as Image verification.

I have my wedding comin up, so gotta prepare speech, get 2 jobs out etc.

Stay tuned mate, will be worth the wait!

Brent
04-11-2006, 01:03 PM
I'm sure it will be worth the wait, thanks to both of you for all your great work.