Reply to Contact Form Spam

Your name:

Reply:


Posted by Shelly on 01/24/08 01:31

I have a contact form. On this form there is a randomly generated
string of characters that must be copied. If it is not typed
properly, the form is not processed. If filled out correctly, an
email is sent to the sender and a copy to the owner. All of the
sending is done in php and no email addresses appear on the form (nor
in the view source). Everything is done in php.

What is happening is that junk filled forms are being sent and they
are bypassing the security code requirement. To see what was
happening, I included both the generated and typed codes in the email
that is sent. When I fill it out, the email contains matching codes.
The spam email has empty fields.

Finally, I changed the form yesterday to include those security code
echos. Today's spam has the changed form.

Questions:
1 - How are they accessing the the code to generate these emails?
2 - How are they bypassing the check of the security code?
3 - Most importantly, what can I do to stop them?

Shelly

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация