HomeDesigning Your WebsiteWebmaster's Corner

Safe Non Spam Web Forms

surfdog posted this at 07:10 — 25th September 2005.

They have: 3 posts

Joined: Sep 2005

Hello...

I am new here and found the forum after many hours of unsuccesful attempts at resolving a web form problem.

My web development knowledge is limited to Dreamweaver MX and HTML. I had a couple of web sites hosted on GoDaddy and another on another Web Hosting companies servers. For the sites on GoDaddy, I created web forms using Dreamweaver MX. GoDaddy has you point (FORM ACTION) your form to their php file "gdform.php". I followed the instructions and it worked great.

The other company where I had a site hosted had a script installer and offered CGIEMAIL. I used it, and read the instuctions and they had you point to "cgiemail.cgi". Again, it worked great.

After two months, both ALL of my forms (using the php and cgi form handlers) were being filled out many times each day and each form field had an email address in the field which did not exist, but was my domain name. For instance, each form field was filed out with [email protected]. I ignored it for about a week, but then as I read about it "web form spam" and "email injection in web forms", it was clear that spammers were suing my forms to send out spam emails by "bcc-ing" somehow. The recommendation from what I read was rename your files that include the words form or email. I did that and it continued. Many postings said take down your forms. The only solutions I could find were complex patches that I did not understand. My forms have been taken down.

Is there a safe web form, one that simply sends form results to me and me alone. Or can they all be comprimised at this time. If there is a safe alternative or patch, is it something that I can use being familiar with Dreamweaver or HTML...or will I need knowledge of something else.

Thanks in advance.

Surfdog

Busy posted this at 11:13 — 25th September 2005.

Busy's picture

He has: 6,151 posts

Joined: May 2001

In PHP use $_GET and $_POST to validate input.

If you have PHP you don't need a 3rd party script, PHP has built in mail function so you can do the lot yourself.
hotscripts.com has a large selection of ready to use forms for most things, just be sure to use GET or POST depending on your form action (better to use POST)

surfdog posted this at 19:35 — 25th September 2005.

They have: 3 posts

Joined: Sep 2005

Busy,

Thank you! I went to hotscripts.com and email-form.com appealed to me as a non-php user. My server supports PHP, but you have to install your own form handler, they just offered CGIEMAIL which was a spam target. I have emailed them some basic questions, and will post my experience here once set up.

Again, your direction is greatly appreciated.

SD

Busy posted this at 22:45 — 25th September 2005.

Busy's picture

He has: 6,151 posts

Joined: May 2001

If you get stuck or have any questions ... That's what we're here for Smiling
good luck

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.