Reply to Re: form processing spammed

Your name:

Reply:


Posted by Mazin07 on 09/20/05 05:21

Justin Koivisto wrote:
> cmcnaught wrote:
>
>>Hi,
>>I have a form processing script which sends an email in response to a
>>(separate) form submittal. All the input validation is done client
>>side javascript. Recently the processing script has been hijacked by
>>someone calling it with random email addresses in $_POST['email'] thus
>>generating a lot of spurious email spam. I can think of a few ways to
>>reduce the possibility of this but I'm posting this to see if I can get
>>some ideas on the best way to secure. I'd like to check the processing
>>page was called from the form page but I understand that
>>$SERVER['HTTP_REFERER'] is not reliable. Hidden variables are easily
>>revealed, I'm thinking of using a cookie or a session id. Any
>>comments/ideas?
>>cj
>>

Many sites use the typical picture challenge, with the obscured random
text. That is probably an easy solution. It's not hard to call up GD
and mess up an image.

Don't use javascript check.

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация