on my site i currently have a form where people can register to show interest.
The form is fairly simple and takes in quite a few bits of info. I process the form with php and send myself an email to let me know they hav registered.
Now, someone is, what seems to be running his own script on my register page. hes filling in all the fields with dummy information and generating lotsof registrations. So i keep getting lots of emails, and all these fake users.
I was wondering if there was anyway i could stop a particular ip address from continually using the form, or if anyone knew where i could find some sort of extra validation, like using those images with verification keys in them. SO an actual person has to sit down and fill them out.
I am going to include an email validation too, but this wont stop the script generating lots of dummy members.
Any help would be appreciated.
Cheers guys
Web Forms Being exploited
Moderator: General Moderators
Browse through the various captcha classes on phpclasses.org: http://www.google.com/search?q=site%3Ap ... %20captcha
I don't even like to bother with captcha, just require a user to signup with an email, and make them verify their email with a verification link before it finalizes their account, and sends you the email. Of course limiting an email to only one account, if you get an issue such as someone who writes a script to set up thousands of emails on their local MTA, you can ban their domain name
Otherwise you can just ban their subnet by IP. As to how to ban by IPs, look at $_SERVER
Otherwise you can just ban their subnet by IP. As to how to ban by IPs, look at $_SERVER
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact: