All posts by PF

Simple PHP contact form with Google reCaptcha

PHP, , , ,

So, *everyone* needs a simple form to send emails, via PHP, but we also need a protection agains bots/spammers.
This is code that i’v grabbed from codeforgeek and improved since the original had a few errors that made it impossible to run/work/send email.

It uses Google reCaptcha and you need to register you site/domain on it and grab the site key and the secret key.

The form already has twitter bootstrap classes… but you can remove them! 🙂

The form.php – at the begin
<?php
	$to      = '[email protected]';
	$subject = 'Support Message';

	// keys from Google reCaptcha https://www.google.com/recaptcha/admin
	$sitekey = 'recaptcha_site_key';
	$secretkey = 'recaptcha_secret_key';

	$alert = '';
	if ($_SERVER['REQUEST_METHOD'] == 'POST')
	{
		$email;$message;$captcha;
		if(isset($_POST['email']))
        			$email=$_POST['email'];
		        if(isset($_POST['message']))
        			$message=$_POST['message'];
			if(isset($_POST['g-recaptcha-response']))
        		$captcha=$_POST['g-recaptcha-response'];

	        	if(!$captcha)
        		$alert = '<div class="alert alert-warning" role="alert">Please wait until the captcha protection give you a check mark.</div>';

        	$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret='.$secretkey.'&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));

		if($response->success==false)
		{
			/* lets set the error message for the alert... */
			if ($alert=='')
				$alert = '<div class="alert alert-danger" role="alert">Some how you have been detected has a spammer.</div>';
        	}
		else
		{
			/* the email to you */
			$headers = 'From: '.$to.'' . "\r\n" .
                	'Reply-To: '.$email.'' . "\r\n" .
                	'X-Mailer: PHP/' . phpversion();
            		mail($to, $subject, $message, $headers);
			/* the copy of the email to the *client* */
			$headers = 'From: '.$email.'' . "\r\n" .
				'Reply-To: '.$to.'' . "\r\n" .
				'X-Mailer: PHP/' . phpversion();
			mail($email, 'COPY - '. $subject, $message, $headers);
			/* lets set the success message for the alert... */
			$alert = '<div class="alert alert-success" role="alert">Your email has been sent.</div>';
        	}
	}
?>
The html form
<?=$alert?>
<form id="comment_form" action="" method="post">
	<input name="email" type="email" placeholder="Type your email" size="40" class="form-control" value="<?=@$email?>" ><br><br>
	<textarea name="message" rows="8" cols="39" class="form-control"  placeholder="Your message to us..." ><?=@$message?></textarea><br>
	<div class="g-recaptcha" data-sitekey="<?=$sitekey?>"></div><br>
	<input type="submit" name="submit" value="Send message" class="btn btn-default"><br>
</form>

Some where at the bottom/footer…

<script src='https://www.google.com/recaptcha/api.js'></script>

 

Hope it helps anyone! 🙂

Daily stats January 2014 – October 2015 of three of my blogs

Metrics, Sh*ts

Daily stats January 2014 – October 2015
1,780,602 Total page views
811,951 Total visitors
718,178 First time visitors
2.19 Page views per visit
88.4% New visitors ratio

exportflaPNGss

1,546,692 Total page views
823,968 Total visitors
728,652 First time visitors
1.87 Page views per visit
88.4% New visitors ratio

exportflaPNGsh

1,164,327 Total page views
629,861 Total visitors
560,493 First time visitors
1.84 Page views per visit
88.9% New visitors ratio

exportflaPNGspt

Esoterica – acesso externo ao MySQL em alojamentos partilhados

Hosting, ,

Em ‘tuguês…
básicamente é o seguinte:

Boa tarde,

Informamos que o acesso externo ao MySQL em alojamentos partilhados Esoterica encontra-se bloqueado por questões de segurança.

A gestão da base de dados deverá ser efectuado através do phpMyAdmin disponível no painel de controlo da sua conta de alojamento.

Se necessitar de esclarecimentos adicionais não hesite em contactar-nos.

Cumprimentos,

Setting up my MOTD on a Ubuntu 14.04.3 LTS

Linux, Ubuntu,

Some of my servers have a fancy motd…
I like them… unfortunately my new server didn’t had it.

I had to run

apt-get install landscape-common
dpkg-reconfigure landscape-common

On dkpg-reconfigure I’v selected Run sysinfo on every login.

Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-63-generic x86_64)

* Documentation: https://help.ubuntu.com/
You have new mail.
Last login: Fri Oct 23 10:28:37 2015 from es2-84-XXX-XXX-XXX.netvisao.pt

System information as of Fri Oct 23 10:28:59 CEST 2015

System load: 0.06 Processes: 245
Usage of /: 81.9% of 411.33GB Users logged in: 1
Memory usage: 9% IP address for em0: 195.154.XXX.XXX
Swap usage: 0%

Graph this data and manage this system at:
https://landscape.canonical.com/
pjrfigueiredo@sd-48392:~$

To have the number of updates/security updates we need to run the following apt-get command….

sudo apt-get install update-notifier-common

This way we will see also

20 packages can be updated.
8 updates are security updates.

11354348_10153193542464733_1315224652_n

DigitalOcean droplets used to ssh force entry

DigitalOcean, ,

Today I was watching my fail2ban logs, on one of my servers and found a DigitalOcean ip trying to brute force via SSH.

2015-10-18 18:08:07,471 fail2ban.actions: WARNING [ssh] Ban 46.101.227.169

IP WHOIS

inetnum: 46.101.128.0 - 46.101.255.255
netname: EU-DIGITALOCEAN-DE1
descr: Digital Ocean, Inc.
country: DE
org: ORG-DOI2-RIPE
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: ASSIGNED PA
mnt-by: digitalocean
mnt-lower: digitalocean
mnt-routes: digitalocean
mnt-domains: digitalocean
created: 2015-06-03T01:15:35Z
last-modified: 2015-06-03T01:15:35Z
source: RIPE # Filtered

Since, I have 3 droplets @ digitalocean, decided to use their support to see what will they do about it…

Captura de ecrã 2015-10-18, às 17.51.04

Breaking the PageSpeed Barrier with Bootstrap

Metrics, , ,

I recently had the pleasure to listen to Ilya Grigorik give a talk at Velocity in NYC on Breaking the 1000ms Mobile Barrier. During the talk, Ilya usedPageSpeed Insights to demonstrate that several high profile websites had overlooked some very simple and common optimizations and resulted in poor PageSpeed scores. For the unfamiliar, Pagespeed Insights is a web based tool created by Google that analyzes the content of a web page, then generates suggestions to make that page faster.

After Ilya’s talk ended, I started to think more about why performance always seems to be an afterthought with developers. As I pondered this thought, I kept coming back to the following question:

How hard is it to get a perfect PageSpeed Insights score?