BluegrassGardener Posted September 10, 2006 Share Posted September 10, 2006 It's been ages since I set up this script for our contact page (http://www.bluegrassgardens.com/contact.html). I have been noticing a lot of "form submission" emails being forward to our main email address lately and am trying to figure out what is going on. I just tested it and NO contact mail is being forwarded on to us. Just the blank "form submission" emails. I have updated the page a few times with FrontPage, so therein could be the cause. Or I was wondering if I have done something in the control panel that could affect the script and what it could be. I haven't touched any of that code manually since I made that page and frankly, I have forgotten how the whole thing works. All I remember was that it was a pain in the butt to get it all working correctly. I believe there are several differeant scripts working together here. You might be able to tell better than I if you look in the source. The sendit.php (http://www.bluegrassgardens.com/sendit.php) looks like it maybe shouldn't be doing what it's doing, but I don't know if it's supposed to do that or not when you access it directly. Just looking for a little help here to see if I can get these scripts working correctly again. Appreciate any help...... Quote Link to comment Share on other sites More sharing options...
TCH-Rick Posted September 10, 2006 Share Posted September 10, 2006 If it has been a while since the script was added I would strongly suggest either deleting it and adding a new one or at the very least check with whoever wrote the script and update it to the latest version. Problems may be due to incompatibility with newer versions of PHP. There are folks out there that love to look for old versions of contact us type scripts and use security holes in them to try and spam. Quote Link to comment Share on other sites More sharing options...
BluegrassGardener Posted September 11, 2006 Author Share Posted September 11, 2006 I've updated the scripts, but still not working. Any suggestions? Quote Link to comment Share on other sites More sharing options...
BluegrassGardener Posted September 11, 2006 Author Share Posted September 11, 2006 so basically what I'm seeing is that the form is sending the email, just not sending any information along with it. Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted September 11, 2006 Share Posted September 11, 2006 Where did you get the script from? Quote Link to comment Share on other sites More sharing options...
BluegrassGardener Posted September 11, 2006 Author Share Posted September 11, 2006 www.dtheatre.com/scripts/formmail.php Quote Link to comment Share on other sites More sharing options...
abinidi Posted September 11, 2006 Share Posted September 11, 2006 If I were you, I'd look into a different form script. Another forum I follow has people constantly complaining about the security issues present in formmail.php. Apparently it is easy to inject header information into the form, which can compromise your account, bog down your server, and get your account suspended. I'm not saying this is GOING to happen to you, I'm just warning you that it MIGHT. Anyway, good luck. Quote Link to comment Share on other sites More sharing options...
BluegrassGardener Posted September 12, 2006 Author Share Posted September 12, 2006 Thanks all. I'm working on using another one supplied by a fellow member of the forum. I appreciate all of your help. Quote Link to comment Share on other sites More sharing options...
click Posted September 12, 2006 Share Posted September 12, 2006 If I were you, I'd look into a different form script. Another forum I follow has people constantly complaining about the security issues present in formmail.php. Apparently it is easy to inject header information into the form, which can compromise your account, bog down your server, and get your account suspended. I'm not saying this is GOING to happen to you, I'm just warning you that it MIGHT. You can't really go by the name of the script; There are dozens of different scripts named formmail.php. From a quick look at the source to the script they were using, it looks like it should be secure against header injections. Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted September 13, 2006 Share Posted September 13, 2006 As the script is based on Matt's Formmail.php (apparentley the arguments are the same) which has alot of security problems, this script is banned. Can I please suggest you find something else and remove the script as soon as possible. Many thanks JimE Quote Link to comment Share on other sites More sharing options...
click Posted September 13, 2006 Share Posted September 13, 2006 Matt's Formmail is a Perl script. I don't think this script is based on it at all. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.