Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

form being filled by an unknown

  • 24-04-2011 8:51pm
    #1
    Keller Bear
    Registered Users, Registered Users 2 Posts: 114 ✭✭


    I have a form on a website that i am building, and I am using cgi email. for the past few weeks since the page has been uploaded there is something filling in the form and putting in the number 1 so when i get the filled in form sent in email containing the visitors email I get "email? 1"

    note that I do have a javascript validation on it already.

    any suggestions that would stop this, I could put in a captcha but feel this would take from the style of the site.

    on a side maybe some suggestions/links to help switch this to a database more so than getting an email.

    please any help much appreciated.


Comments

  • #2
    daymobrew
    Registered Users, Registered Users 2 Posts: 6,570 ✭✭✭daymobrew


    Keller Bear wrote: »
    I have a form on a website that i am building, and I am using cgi email. for the past few weeks since the page has been uploaded there is something filling in the form and putting in the number 1 so when i get the filled in form sent in email containing the visitors email I get "email? 1"

    note that I do have a javascript validation on it already.

    any suggestions that would stop this, I could put in a captcha but feel this would take from the style of the site.

    on a side maybe some suggestions/links to help switch this to a database more so than getting an email.
    The person is likely not submitting the info via a browser so the Javascript validation is being skipped. You should implement the same validation in the CGI script.

    Is it all coming from the same IP address? If so, you could block it at the .htaccess level.

    To switch this to storing the info in a database you just change the CGI script to add the info to a database.


  • #3
    Keller Bear
    Registered Users, Registered Users 2 Posts: 114 ✭✭Keller Bear


    thanks for the reply daymobrew.

    i can give you the link to my page with the form using cgi if that would help.
    http://www.thepopuparthouse.com/gallery.html

    how would i implement the same validation in the cgi script?

    as for the same ip, well say if three spam emails were sent in a day it seems they all have the same ip, but if it was the following day the ip is different. so how would i go about blocking it then?

    finally how exactly do i go about changing CGI script to add the info to a database?

    I am a designer and the developer has left and the client is asking me to step in, please i could do with all the help i could get

    thanks


  • #4
    daymobrew
    Registered Users, Registered Users 2 Posts: 6,570 ✭✭✭daymobrew


    I am reluctant to recommend that you continue with cgiemail as it has security vulnerabilities.

    Also, implementing the Javascript validation in cgiemail would be difficult as it would require modifying the cgiemail source code. Can such validation be implemented via the email template? BTW, can you post your email template here.

    I use TecTite FormMail. It is a little messy to set up but it claims to have no security vulnerabilities.


Advertisement