homepage Welcome to WebmasterWorld Guest from 23.22.97.26
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Microsoft / Microsoft IIS Web Server and ASP.NET
Forum Library, Charter, Moderators: ocean10000

Microsoft IIS Web Server and ASP.NET Forum

    
Email validation on form
dazz




msg:4552092
 1:30 pm on Mar 7, 2013 (gmt 0)

Having a problem. Thanks to Staffa my contact forms are working a treat, only problem is that im getting quite alot of spam so im thinking of adding some sort of email validation just to check the form is filled in correctly.

I tried adding -

if isEmailValid(Request.Form("Email")) = true then
'#### Send your email
else
'#### Email was invalid, give the user an error
response.write "Invalid email address"
end if

Function isEmailValid(email)
Set regEx = New RegExp
regEx.Pattern = "^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w{2,}$"
isEmailValid = regEx.Test(trim(email))
End Function

But nothing really happend and I was still able to send myself a blank form with nothing filled in on the Email box.

Can anyone give me any clues of a code or where to put it on my sendmail.asp script?

Thanks
Darren

 

Staffa




msg:4552850
 11:52 am on Mar 9, 2013 (gmt 0)

Are you using asp .net or classic asp ?

regEx appears to be related to .net with which I am not familiar. I can help for classic asp

dazz




msg:4552856
 12:44 pm on Mar 9, 2013 (gmt 0)

Its just a sendmail.asp...im presuming its classic? This is my sendmail code which you helped to get it work!

<%
Set objCdoCfg = Server.CreateObject("CDO.Configuration")

objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") ="x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 0
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = "x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "x"
objCdoCfg.Fields.Update

mBody = "Info sent :" & vbcrlf & vbcrlf
mBody = mBody & "TourOperator : " & Request.Form("TourOperator") & vbcrlf
mBody = mBody & "Tour_Name : " & Request.Form("Tour_Name") & vbcrlf
mBody = mBody & "Date_Day : " & Request.Form("Date_Day") & vbcrlf
mBody = mBody & "Date_Month : " & Request.Form("Date_Month") & vbcrlf
mBody = mBody & "Date_Year : " & Request.Form("Date_Year") & vbcrlf
mBody = mBody & "Nights : " & Request.Form("Nights") & vbcrlf
mBody = mBody & "No_of_days : " & Request.Form("No_of_days") & vbcrlf
mBody = mBody & "Passengers : " & Request.Form("Passengers") & vbcrlf
mBody = mBody & "Adults : " & Request.Form("Adults") & vbcrlf
mBody = mBody & "Children : " & Request.Form("Children") & vbcrlf
mBody = mBody & "Depart : " & Request.Form("Depart") & vbcrlf
mBody = mBody & "Destination : " & Request.Form("Destination") & vbcrlf
mBody = mBody & "Accommodation : " & Request.Form("Accommodation") & vbcrlf
mBody = mBody & "Resort : " & Request.Form("Resort") & vbcrlf
mBody = mBody & "Board : " & Request.Form("Board") & vbcrlf
mBody = mBody & "Name : " & Request.Form("Name") & vbcrlf
mBody = mBody & "Telephone : " & Request.Form("Telephone") & vbcrlf
mBody = mBody & "Email : " & Request.Form("Email") & vbcrlf
mBody = mBody & "Comments : " & Request.Form("Comments") & vbcrlf
mBody = mBody & "Privileged : " & Request.Form("Privileged") & vbcrlf
mBody = mBody & "Cruise_Name : " & Request.Form("Cruise_Name") & vbcrlf
mBody = mBody & "Cabin : " & Request.Form("Cabin") & vbcrlf
mBody = mBody & "Child1 : " & Request.Form("Child1") & vbcrlf
mBody = mBody & "Child2 : " & Request.Form("Child2") & vbcrlf
mBody = mBody & "Child3 : " & Request.Form("Child3") & vbcrlf
Set objCdoMessage = Server.CreateObject("CDO.Message")
Set objCdoMessage.Configuration = objCdoCfg
objCdoMessage.From = "myemail"
objCdoMessage.To = "myemail"
objCdoMessage.Subject = "Form"

'Add the email body text
objCdoMessage.TextBody = mBody

On Error Resume Next

'Send the email
objCdoMessage.Send
Response.Redirect("success.htmthing")

'Check if an exception was thrown
If Err.Number <> 0 Then
'Response.Write "<FONT color=""Red"">Error: " & Err.Description & " (" & Err.Number & ")</FONT><br/>"
Else
Response.Write "<FONT color=""Green"">The email has been sent to Hessle Travel " & sendTo & ".</FONT>"
End If

'Dispose of the objects after we have used them
Set objCdoMessage = Nothing
Set objCdoCfg = Nothing
Set FSO = nothing
Set TextStream = Nothing
%>

All I want to do is to get it so people have to enter an email address with a @ and a dot etc...im suffering from quite alot of spam!

Thanks again
Darren

Staffa




msg:4552915
 8:22 pm on Mar 9, 2013 (gmt 0)

Assuming that sendmail.asp is the page that your form posts to when the user clicks the send button, then replace the content with :

<%
Form_Email = Trim(Replace(Request.Form("Email"),"""",""""""))

Validated_Form = true

IF len(Form_Email)<6 OR InStr(Form_Email,"@")=0 OR InStr(Form_Email,".")=0 THEN
Validated_Form = false
END IF

IF NOT Validated_Form THEN

Response.Write "Error. Please click Back in your browser and add a valid email address"

ELSE

Set objCdoCfg = Server.CreateObject("CDO.Configuration")

objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") ="x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 0
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = "x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "x"
objCdoCfg.Fields.Update

mBody = "Info sent :" & vbcrlf & vbcrlf
mBody = mBody & "TourOperator : " & Request.Form("TourOperator") & vbcrlf
mBody = mBody & "Tour_Name : " & Request.Form("Tour_Name") & vbcrlf
mBody = mBody & "Date_Day : " & Request.Form("Date_Day") & vbcrlf
mBody = mBody & "Date_Month : " & Request.Form("Date_Month") & vbcrlf
mBody = mBody & "Date_Year : " & Request.Form("Date_Year") & vbcrlf
mBody = mBody & "Nights : " & Request.Form("Nights") & vbcrlf
mBody = mBody & "No_of_days : " & Request.Form("No_of_days") & vbcrlf
mBody = mBody & "Passengers : " & Request.Form("Passengers") & vbcrlf
mBody = mBody & "Adults : " & Request.Form("Adults") & vbcrlf
mBody = mBody & "Children : " & Request.Form("Children") & vbcrlf
mBody = mBody & "Depart : " & Request.Form("Depart") & vbcrlf
mBody = mBody & "Destination : " & Request.Form("Destination") & vbcrlf
mBody = mBody & "Accommodation : " & Request.Form("Accommodation") & vbcrlf
mBody = mBody & "Resort : " & Request.Form("Resort") & vbcrlf
mBody = mBody & "Board : " & Request.Form("Board") & vbcrlf
mBody = mBody & "Name : " & Request.Form("Name") & vbcrlf
mBody = mBody & "Telephone : " & Request.Form("Telephone") & vbcrlf
mBody = mBody & "Email : " & Request.Form("Email") & vbcrlf
mBody = mBody & "Comments : " & Request.Form("Comments") & vbcrlf
mBody = mBody & "Privileged : " & Request.Form("Privileged") & vbcrlf
mBody = mBody & "Cruise_Name : " & Request.Form("Cruise_Name") & vbcrlf
mBody = mBody & "Cabin : " & Request.Form("Cabin") & vbcrlf
mBody = mBody & "Child1 : " & Request.Form("Child1") & vbcrlf
mBody = mBody & "Child2 : " & Request.Form("Child2") & vbcrlf
mBody = mBody & "Child3 : " & Request.Form("Child3") & vbcrlf
Set objCdoMessage = Server.CreateObject("CDO.Message")
Set objCdoMessage.Configuration = objCdoCfg
objCdoMessage.From = "myemail"
objCdoMessage.To = "myemail"
objCdoMessage.Subject = "Form"

'Add the email body text
objCdoMessage.TextBody = mBody

'Send the email
objCdoMessage.Send

'Dispose of the objects after we have used them
Set objCdoMessage = Nothing
Set objCdoCfg = Nothing

END IF

IF Validated_Form THEN
Response.Write "<FONT color=""Green"">The email has been sent to Hessle Travel.</FONT>"
END IF
%>

---------------------------
PS : an explanation, if
len(Form_Email)<6 : length of email address is less than 6 characters, rejected. You can change that number to whatever suits you best
OR
InStr(Form_Email,"@")=0 : no @ in address, rejected. The 0 is a zero
OR
InStr(Form_Email,".")=0 : no dot in address, rejected. The 0 is a zero

I have taken some lines out of the original text which had no bearing on the content

dazz




msg:4553041
 11:08 am on Mar 10, 2013 (gmt 0)

Your a star Staffa, ill try that code tomorrow!

Thanks
Darren

dstiles




msg:4553190
 8:34 pm on Mar 10, 2013 (gmt 0)

Banning spam from forms is a complex operation. I have a fairly effective anti-spam trap on my server now (approx 22K of code held in a "library"), coded in classic ASP (with regex!). It verifies email address format (which is necessary even for real postings: some people are rubbish at typing email addresses!). It also blocks on IP ranges, countries (if you don't want indian or chinese spam), and known "bad" words (not just obscene or swearing but products as well) in subjects, body and sigs. I limit lengths depending on type of form and block URLs from subject and body.

And important: If you block a form, write its contents to a "log" file along with date, time, IP and other info: sometimes a blocked form is actually valid and sometimes important.

dazz




msg:4553348
 9:28 am on Mar 11, 2013 (gmt 0)

Yeh its been a nightmare this form...cant believe how complicated a simple form can be! The form is working fine thanks to Staffa and if the spam gets alot worse will have to look at other options...hopefully with this new validation code should be down to 2-3 a day..i can cope with that!

Thanks again guys for all the help.
Darren

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Microsoft IIS Web Server and ASP.NET
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved