Page 1 of 1
unwanted form data
Posted: Fri Sep 22, 2006 10:44 pm
by kippy
I have been receiving unwanted spam ads, etc entered into a form that I have emailed to my own email address. ANy suggestions on how to stop the unwanted links and email addresses entered into this html form? I currently only have php autofilling certain fields, but I have to put a stop to this somehow, it is getting out of control. Thanks for the help...I am a newbie!!!
Posted: Fri Sep 22, 2006 10:46 pm
by Burrito
look into using captcha.
search this form for it, or hit up google.
Re: unwanted form data
Posted: Sat Sep 23, 2006 5:47 pm
by shiflett
kippy wrote:I have been receiving unwanted spam ads, etc entered into a form that I have emailed to my own email address.
It sounds like you have a security vulnerability, and it's being exploited to send spam from your server. I'd fix this as soon as possible, because you can get yourself blacklisted.
Show us your code. If you fix the security vulnerability, you'll remove the incentive.
Posted: Sat Oct 14, 2006 9:38 am
by kippy
I am fairly new to php but the form submits the input to a new php page which uses a simple insert to place the data into a table. I am sure one of my problems is my connect, I am using a require_once('mysql_connect.php'); but I am not sure on the best location for the mysql_connect.php to be placed. Also, there is currently no field validation to prevent against hacks. My concern is this, I have completely removed the form in question and I am still receiving these emails from the form stating the entered information. Any suggestions are greatly appreciated, if I receive one more medication or Adult ad thru my non-existant form I am going to go crazy. Thanks in advance!
Posted: Sat Oct 14, 2006 9:59 am
by feyd
Once the form is found, spammers don't need the form anymore to nail you.
Disable the script that's accepting the form submission until you can fix it. What that fix is, depends on your code and so forth. Post it. As Burrito said, look into using a captcha.
Posted: Sat Oct 14, 2006 5:33 pm
by kippy
The main thing I am using is
mail($to, $subject, $msg, $mailheaders);
but I currently do not ave any check in place to prevent the fields being mailed from including links and ads, etc.
Sorry, I know this is likely a simple fix if I have more of an idea as to what I was doing...(i am green)
Thanks again!