close ad
Databridge V2 with MySQLi support IS Now Available!
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Spam Issue

Thread began 1/31/2012 11:10 am by Martin | Last modified 3/21/2012 2:45 pm by Jason Byrnes | 1314 views | 9 replies |

Martin

Spam Issue

Greetings,

I built a website over 1.5 years ago using Form Builder 1.0. The form URL is at:

appointment.php

My client just reports to me the other day that for the first time they received a spam email generated by this form .

It looks like the spammer filled out all the right fields.

Any idea how they might have gotten past the Captcha script and the hidden form validation?

Thanks,
Martin

Sign in to reply to this post

Jason ByrnesWebAssist

captcha validation is in place to prevent automated scripts from filling in the form and sending spam.

it cannot prevent a malicious person form filling in the form and sending the spam though. not all spam is sent by the same method. It is not really possible to prevent a person from filling in the form manually with spam content.

Sign in to reply to this post

Martin

Thanks Jason! I thought that was the case...

Sign in to reply to this post

Roland Rogers

Martin - you may want to double check the validation on the captcha field of your clients form. I am having a similar issue where it requires a value and will alert if it is empty but allows a non matching string of characters. This will allow a script to send spam through the form.

I am looking in to how to change this since it allows it out of the box. I know I came across a way to check the code to prevent a form submission if the codes do not match. If I find it I will let you know.

Sign in to reply to this post

Jason ByrnesWebAssist

@roland: Can you send a copy of your page please so I can examine the code.

Sign in to reply to this post

Roland Rogers

Sorry Jason - just seeing this now. Here is a link of a form created with Form Builder and the Captcha does not validate against the image. It does validate against a blank value.



wholesale.php

Sign in to reply to this post

Jason ByrnesWebAssist

i need you to send a copy of the wholesale.php page in a zip archive so i can examine the code.

Sign in to reply to this post

Roland Rogers

Sorry for another delay - I do not have email alerts on this - need to set that!
Here is the zip. Thanks for any assistance you can provide for why the captcha is not validating.

The form was set up using presets that I thought were pretty standard.

Attached Files
wholesale.zip
Sign in to reply to this post

toms016390756

Originally Said By: Jason Byrnes
  captcha validation is in place to prevent automated scripts from filling in the form and sending spam.

it cannot prevent a malicious person form filling in the form and sending the spam though. not all spam is sent by the same method. It is not really possible to prevent a person from filling in the form manually with spam content.  



The only thing you can do is make it time consuming so its not worthwhile to complete…however then your real users will be discouraged too.

if someone can up with a solution to eliminate all spam they will be the next bill gates




Sign in to reply to this post

Jason ByrnesWebAssist

your page is missing the server validation server behavior.

go to Window -> Server Behaviors, then click the plus button and select WebAssist -> Validation -> Server Validation

for the validation type, select Like Entry. next to the server variable, click the lightning bolt and select the Registration_group_field form element, when you click the plus button to add it, you will be prompted to select the comparison variable, select the captcha_Registration_group_field_2 session variable.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...