You are here: Re: form processing spammed « PHP Programming Language « IT news, forums, messages
Re: form processing spammed

Posted by Malcolm Dew-Jones on 10/08/01 11:26

cmcnaught (cmcnaught@gmail.com) wrote:
: Thanks Gordon,
: Good input.
: This form input is not used for the database at present, in other areas
: I use mysql_escape_string() or similar.
: I think HTTP_REFERER can easily be spoofed
: I am the reipient of the spam, the 'to' address is hidden, no problem
: for anyone else, its the return address which is being randomized with
: my domain name and posted into the form processor.
: I want to avoid login for this application, I have several other sites
: well protected with a encrypted password/session/cookie method.
: I'm now thinking of a hidden variable which is filled in on the
: onSubmit path from a javascript constant. That should make it a bit
: harder to figure out with a script. Maybe concatenated from several
: constants.
: What do you think?
: cj

You say you're being spammed, but if all the mail goes to you, what are
they trying to accomplish? (Serious question.)

Do they think they are spamming other people? Perhaps they are setting a
TO address (which you don't use) in the mistaken believe that they are
sending spam to those people. I ask because in that case you could check
for a bogus TO address even though you don't use it - simply to check when
the form is being targetted. I would check exactly what parameters they
are sending to you.



--

This programmer available for rent.

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация