I'm the webmaster for a not-for-profit canine rescue in Florida. We have an online application form that until recently has worked very well; however, our president/founder, who receives the forms via email, has received two applications where the blanks have been filled in with the links to pornography sites. Does anyone know of a way to filter the submission of specific words on the form? I'm pulling my hair out, here

What you're going to want is a good image verification system (makes some random letters and number, then the user has to enter them in. It fools porn link bots), theres lots of tutorials on how to make your own in PHP, or you can download premade scripts somewhere..

Pixel2Life.com has some good tutorials on making your own Image Verfication system tutorials.

I don't know about any premade ones off the top of my head.



Also, if it was a person posting these things, theres not a lot you can do.

Also;

I would would and an else statement that will verify that none of the forms have a link with http://*/* that would be good

Hey John, can you explain this? Not sure what you're trying to say here. I only know very basic HTML, so you kinda need to go into a little detail.

How can I tell if it's a bot doing this? Only 5 or 6 of the blanks have been filled in with the porno links. I don't know how the bots work.

Quote:

has received two applications where the blanks have been filled in with the links to pornography sites.

Tell him to join the real world. You put a form out there, some s*** will put a porn link in the form. It is part of the cost of doing business. Just delte them and move on.

It's true ... any form online could publish the results, so people send their pet robots around the web looking for opportunities to spam. It's not just porn, you'll wind up drug offers, shady stock deals, gambling, and so on.

You can change your form to not let something through if it has a link of any kind, but that might be a bad idea. I've done volunteer work for the local animal shelter, and sent them an email that included a link to my site - I was doing photography for their new arrivals. You could set your form up to blacklist certain domains, which is more work, and at least a little bit of maintenance.

If you use a software solution, make sure you consider false positives. I'd rather get an occasional spam email than miss one from a friend, and it sounds more dire in your case.

I don't know if you're using a blogging platform or whatever, but I run a wordpress blog and have never recieved spam because of the included askimet plugin.

Here's their site: http://akismet.com/

It's a great service.

I hope that helps!

Long story short - you will require some type of server-side technology (PHP or ASP scripting for example) to either filter (regex) or implement captcha (image verification) on user input data.

I apologize I thought I was in the php forum maybe this will help if you use php or Javascript

Javascript is probably easier if you don't know php or have the capability

Quote:

Originally Posted by ForrestCroce

You can change your form to not let something through if it has a link of any kind.

This is exactly what I want to do. Can you tell me how to go about it, or tell me where I can find instructions? Thanks!

Quote:

Originally Posted by flygirl1113

This is exactly what I want to do. Can you tell me how to go about it, or tell me where I can find instructions? Thanks!

How to do it depends on how you're sending the form. Is it just a simple mail form made with HTML only, or do you use some server-side script to send it as an e-mail? If you use e.g. PHP or JSP you could verify the post data using that. Otherwise I guess you'd want to use javascript - make a function that verify all the data, and call this function when the submit button is pressed.
See http://www.chipchapin.com/WebTools/J...ample1-05.html for more info on how to do it. That tutorial does not do exactly what you want to do but the principle is the same. If you're not that confident writing javascript perhaps you can find a better example or a script for this purpose. Good luck

probably should use server side and save the word that you don't want to have in the database, and then use them to check each of the parsed words on the submitted form

Most "porn bots" can read images. The best thing to do is have an image that says "What's two times two" and have them answer the q!!!!!!

Does your host support PHP? Send me a pvt message and include the form. I will create a php form for you, and give you instructions on how to upload it to your site.

I normally don't do free stuff, but I strongly support the work of animal welfare organizations. I donate money to ASPCA and time to two local rescues here in Atlanta. I'll do this for you.

Quote:

Originally Posted by flygirl1113

This is exactly what I want to do. Can you tell me how to go about it, or tell me where I can find instructions? Thanks!

Without seeing the URL in question, I can't say.

If there's a message body field ( like in most email, blog comments, discussion forums, and so on ) then you get that in a string variable when the user clicks submit.

In asp.net you would use syntax like:

if(messageBody.Contains("http://") || messageBody.Contains("https://"))
Response.End();

or:

If messageBody.Contains("http://") OrElse messageBody.Contains("https://") Then Response.End()

In asp it would be more like:

If mid$(messageBody, "http://") > 0 Or mid$(messageBody."https://") Then Response.End

In php, cold fusion, or any other server side technology, you want to add some processing like that to the beginning of what happens when the form is submitted.

You could send down a message like "Sorry no links are allowed." before ending the page. If you think they're robots, you could send down a moved permanently or not authorized error. The smarter ones will try again in a week or two, then give up for good.