Jump to content

Recommended Posts

Posted

Sorry, I have no script to recommend but please keep in mind that it is your responsibility to make sure the script processing your form is secure and does not allow injection headers to be inserted.

Posted

Whichever you choose to use make sure it has some anti spam capability such as CAPTCHA. I wrote a basic contact form for a client of mine (a small local company) and they stated receiving spam emails from it. Luckily I just slapped my captcha code from Lazarus into it.

 

I am actually in the middle of updating their site and am rewriting the contact form to use database sessions for added anti spam measures as well as storing all sent emails in the database in case they get deleted or lost on route.

Posted

While I am not TCH Staff, I thought I would chime in.

I found the following contact form with captcha HERE.

 

It is a nice clean form that is easy to implement. The link shows you what the output looks like, the code, and the 4k download to get the files.

 

Has anyone else used this? Any known problems?

 

Pray tell.

Posted

Hmm, getting CAPTCHA to work was pretty simple. :)

My understanding is that CAPTCHA prevents a flood of garbage submissions from the form.

 

My question is, does that prevent the page scanners from picking up the email address embedded in the script? If not, what can one do to prevent that?

 

BTW i used the CAPTCHA information off of http://www.captcha.biz and altered it to work with my already built contact us form.

  • 4 weeks later...
Posted

I've been using code that I got back in the 90s for my contact form, and it hasn't gotten too much spam (even without a Captcha). You can see two versions of it at http://guest.svvg.biz and http://contact.svpocketpc.com if you're interested (the second one is the better of the two).

 

I did start getting some obvious spam where the spammers were stupid and used the same name for the first, middle and last name fields, so I put a check for that in (and redirected them to a hopefully nasty page).

 

I can't make any claims about the code's security, but if anybody wants to see it, use the contact forms above and request it. (It's written in PERL and works fine on TCH.) If you find a security issue, I'd be interested in hearing about it.

 

Steve

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...