If a code snippet were inserted at the head of the ‘sendmail.php’ file, so that it would not execute unless the file were accessed only from the web page where the form is located, perhaps hackers would not be able to find it and abuse it to send out thousands of spam messages from an innocent party’s server.
Does such a code snippet exist? If not, is there another way to prevent the ‘sendmail.php’ from being found?