Blocking spam emails in PrestaShop

As you know PrestaShop has been dreaded by a lot of spam issues recently. In this video we will see how to quickly block spam emails coming from the PrestaShop contact form

Watch the screencast

Let’s get started! Create a new php file in the override/controllers/front folder, and name it: ContactController.php and add the following inside php tags:


class ContactController extends ContactControllerCore
{
}

We need to latch into the postProcess method, so let’s extend it:

public function postProcess()
{
    if(Tools::isSubmit('submitMessage'))
    {
    }
}

We want to save the submitted message to a variable first, and then the email:

    	$message = Tools::getValue('message');
        $from = trim(Tools::getValue('from'))

Now to keep things tidy we will create two new arrays, one will contain the list of strings to ban from emails, the other the ones to ban from the content:


            $banned_in_email = ['.ru', 'qq.com', '.vn'];
            $banned_content = ['email marketing'];

Please Note: make sure you use strings that are related to the spam you are actually getting. I am getting spam from .ru, qq.com and .vn domains, so that’s what I am blocking. I also get a lot of emails containing “email marketing” in the text, and am unlikely to get anything real with that type of content.
Make sure you do not ban real customers!

We want to loop through both and spawn an error if anything is contained in the submitted variables:

            foreach ($banned_in_email as $string) {
                if(strstr($from, $string))
                    $this->errors[] = Tools::displayError('This email address is not allowed');
            }
            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid content');
            }

And that’s basically it, we just need to call the parent at the very end of the method:

parent::postProcess();

And we are done! Here is the complete override:

class ContactController extends ContactControllerCore
{
    public function postProcess()
    {
        if(Tools::isSubmit('submitMessage')) {

            $message = Tools::getValue('message');
            $from = Tools::getValue('from');

            $banned_in_email = ['.ru', 'qq.com', '.vn'];
            $banned_content = ['email marketing'];

            foreach ($banned_in_email as $string) {
                if(strstr($from, $string))
                    $this->errors[] = Tools::displayError('This email address is not allowed');
            }

            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid Content');
            }
        }
        parent::postProcess();
    }
}

Before you test, make sure you erase cache/class_index.php, so that the new override is loaded in the system.

You like the tuts and want to say "thank you"? Well, you can always feel free to donate:

You like the tuts and want to say "thank you"? Well, you can always feel free to donate:

Need Help?

Hire me