| View previous topic :: View next topic |
| Author |
Message |
Eric T
Helper Bee
Joined: 10 Dec 2002
Posts: 284
Location: California
|
 Posted: Wed Aug 19, 2009 1:59 pm Post subject: Ok need some help again.... |
 |
|
I have a contact form that keeps getting spam, like this:
I have JavaScript validation on the form when it submits, so I think they
are just hitting the php file to send the email.
Here's what I have added to try and stop this, but it is not working...
| Code: |
if($_POST["name"] == "" && $_POST["fromform"] != "" && $_POST["fromform2"] != "sent")
{
echo '<script>';
echo 'top.location.href="index.html";';
echo '</script>';
}else{
$name = $_POST["name"];
$phone = $_POST["phone"];
$email_addy = $_POST["email_add"];
$company = $_POST["company"];
$message_1 = $_POST["message"];
if(!ereg("^[0-9]{3}-[0-9]{3}-[0-9]{4}$", $phone)) {
echo '<script>';
echo 'top.location.href="index.html";';
echo '</script>';
}
|
I don't think the phone check code is any good, but still haven't found other code to use...
Anyway, any help would be greatly appreciated....
_________________
http://www.tincanwebdesign.com |
|
| Back to top |
|
 |
^WingNut^
Site Admin
Joined: 09 Nov 2002
Posts: 1138
Location: Oklahoma, USA
|
| Posted: Wed Aug 19, 2009 6:33 pm Post subject: |
|
|
All the script is doing is adding a JavaScript redirect to the results page. What you need to do is stop the form from sending the email. An idea that a brilliant HiveMinder (I believe it was Chlucy) had a while back to help prevent spam registrations on these forums was to add a hidden field to the form with no value. Since spambots typically fill out all fields in a form and humans will never fill in a hidden field (unless they're trying to hack the form), you just check the hidden field for having *any* value and reject the form submission if it does.
Regardless, including JavaScript in your attempts to thwart the spambots will usually be a futile effort.
Hope this helps!
_________________
^WingNut^
If at first you don't succeed, skydiving is not for you... |
|
| Back to top |
|
|
Eric T
Helper Bee
Joined: 10 Dec 2002
Posts: 284
Location: California
|
| Posted: Wed Aug 19, 2009 6:47 pm Post subject: |
|
|
Yeah, I tried the blank field with "fromform" I have it check to make sure it is blank and I also added a "fromform2" which I set a value to try to see if they would change that...
It just seems that right now, no matter what I try, I keep getting the spam...
I didn't included the email code stuff... Just the code I am trying to use to get it to kick back to the index page...
_________________
http://www.tincanwebdesign.com |
|
| Back to top |
|
|
^WingNut^
Site Admin
Joined: 09 Nov 2002
Posts: 1138
Location: Oklahoma, USA
|
| Posted: Wed Aug 19, 2009 7:11 pm Post subject: |
|
|
Assuming the email code stuff follows what you put in without any conditions, it will execute regardless of any error checking you put in, because you are not stopping execution of the script. An example of valid error checking would be:
| Code: |
if ([data is invalid])
{
die("Spambots be gone!");
} else
{
sendEmail();
} |
The above is obviously pseudo-code, but it illustrates the point. You need to make sure the email code only executes if the data is valid.
_________________
^WingNut^
If at first you don't succeed, skydiving is not for you... |
|
| Back to top |
|
|
Eric T
Helper Bee
Joined: 10 Dec 2002
Posts: 284
Location: California
|
| Posted: Wed Aug 19, 2009 7:17 pm Post subject: |
|
|
I will say that 'I am sure that it is set NOT to execute if there is an error" but I know how many times I have said that before just to find out, dang did I really set it outside the brackets... anyway, I will check and let you know...
_________________
http://www.tincanwebdesign.com |
|
| Back to top |
|
|
Eric T
Helper Bee
Joined: 10 Dec 2002
Posts: 284
Location: California
|
| Posted: Thu Aug 20, 2009 8:11 pm Post subject: |
|
|
| Eric T wrote: | | I will say that 'I am sure that it is set NOT to execute if there is an error" but I know how many times I have said that before just to find out, dang did I really set it outside the brackets... anyway, I will check and let you know... |
yep email code outside the validation brackets... thank you, you know how many times I looked at that stupid bit of code...
just when you think your getting the hang of something...
anyway... thank you very much
_________________
http://www.tincanwebdesign.com |
|
| Back to top |
|
|
^WingNut^
Site Admin
Joined: 09 Nov 2002
Posts: 1138
Location: Oklahoma, USA
|
| Posted: Fri Aug 21, 2009 10:21 pm Post subject: |
|
|
No problem! I can't tell you how many times I've spent hours banging my head against the desk only to have somebody else glance at my code and say, "Well, THERE'S your problem!" - having a fresh set of eyes look at the problem makes all the difference  )
Its also interesting how many times the solution to a problem pops into your head when you clear your mind and think about something ELSE.
_________________
^WingNut^
If at first you don't succeed, skydiving is not for you... |
|
| Back to top |
|
|
chlucy
Dances with Penguins
Joined: 08 Nov 2002
Posts: 1564
|
| Posted: Sun Aug 23, 2009 9:16 pm Post subject: |
|
|
Glad to see the hidden field is still working!
And Eric, half the time, the only reason I know to look for certain errors is because I've spent countless hours staring at the code and have made the same stupid mistakes before. |
|
| Back to top |
|
|
Eric T
Helper Bee
Joined: 10 Dec 2002
Posts: 284
Location: California
|
| Posted: Sun Aug 23, 2009 11:34 pm Post subject: |
|
|
I often try the go and think about something else... thank you CoD2 
I try an not get to down when I make those stupid mistakes...
It is nice to know that there is a place to go, so that someone can point them out to me though.... lol
_________________
http://www.tincanwebdesign.com |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
