You can download it from here.

The code generated in the captcha will only contain alphabetic capitals between A & Z, which is stronger, I’m not a security expert but 26⁶ is a higher number than 10⁶. Instead of the javascript validation, it only uses server side validation. The boxes will get a red border to indicate if there was something wrong in there. This indication can be easily expanded in the source, maybe I’ll add that later. The code comparison will happen in a session, so no client side hacking possible.

Next big thing I did was the email validation check with regular expressions, I’ll talk more about that later. This validation should be foolproof and even checks if the domain has MX records. Check out the function, it should be reusable in any project using PHP 4 or newer, please include credits. Code released under Creative Commons Attribution-Share Alike 2.0 Belgium License

function check_email($email) {
	//Function written by Jeroen Op 't Eynde - XprsYrslf.be
	//Creative Commons Attribution-Share Alike 2.0 Belgium License
	//Pattern from: http://fightingforalostcause.net/misc/2006/compare-email-regex.php
	$pattern = "/^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9_][-a-z0-9_]*(\.[-a-z0-9_]+)*\.(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|travel|mobi|asia|cat|jobs|tel|[a-z][a-z])|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(:[0-9]{1,5})?$/i";
	if (function_exists('checkdnsrr')){
		list($user,$domain) = split('@',$email);
		if(preg_match($pattern,$email) && checkdnsrr($domain,"MX")) return $email; //Linux: PHP 4.3.0 & Windows: PHP 5.3.0
		else return false;
	} else {
		if(preg_match($pattern,$email)) return $email; //PHP 4 or 5
		else return false;
	}
}

I thank Alexandre De Dommelin & Ian Dunn for the regex research.

As I said, I’ve added a few features to the email that makes it more usable for different website’s. List of features:

• Date of Submission
• Server’s Name (or Website’s Name)
• IP address of person using the form
• URL of page containing the form

Like in the original plugin by Eazeenet, you can add <!–contact form–> anywhere you want to put it. But now it puts it exactly where you put the tag and not only below the text of that page.

That’s it. You can see an example of the contact form here. You are free to test it with any hate mail you want. Any bugs and/or features can be reported as a reply to this post or via the contact form, of course.

Fortunately, there was a simple plugin that solved this quickly:  XHTML to XML plugin. You can find more about the above issues on that page. For use in this website, I added 2 lines of my own, to turn onclick=”this.target=’something’”  in  onclick=”this.target=’something’”.

<?php
  ...
  $xhtml[5] = '/target="([_A-Za-z]+)"/';
  ...
  $html[5] = 'onclick="this.target=\'$1\'"';
  ...
?>

Thanks and credits go to John Kilroy.