[thelist] what's the hole in my contact form anti-spam?
Jon Molesa
rjmolesa at consoltec.net
Wed Sep 9 23:10:17 CDT 2009
*On Wed, Sep 09, 2009 at 08:50:43PM -0700 Joel Canfield <joel at bizba6.com> wrote:
> Date: Wed, 9 Sep 2009 20:50:43 -0700
> From: Joel Canfield <joel at bizba6.com>
> Subject: Re: [thelist] what's the hole in my contact form anti-spam?
> To: "thelist at lists.evolt.org" <thelist at lists.evolt.org>
>
> On Wed, Sep 9, 2009 at 7:20 PM, Roberto Gorjão
> <roberto at asenseofdesign.com>wrote:
>
> > You're missing the
> >
> > if($_POST['fettucine'] = 'wet') {
> >
> > on line 1, and another
> >
> > }
> >
> > at the end.
> >
> > Also, you're missing the "for" attributes in your label tags.
> >
> > Roberto
> >
> >
> Perhaps I was unclear. I'll try again.
>
> My form sends the value of a hidden field. If the response form doesn't
> receive that value for that field (as in, spammers access the form directly
> without adding that bit of info they can't know) the form won't process.
>
> Yet, we are getting spam, such as the sample I sent.
>
> How? Why? What logic error have I made which is allowing random spammers to
> access the back end, sending us trash emails, bypassing my logic?
They are including the hidden field as part of the submit.
>
> joel
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
--
Jon Molesa
rjmolesa at consoltec.net
if you're bored or curious
http://rjmolesa.com
More information about the thelist
mailing list