Welcome to WebmasterWorld Guest from 54.147.44.13

Forum Moderators: ocean10000

Message Too Old, No Replies

Email validation on form

     
1:30 pm on Mar 7, 2013 (gmt 0)

Preferred Member

10+ Year Member

joined:May 15, 2002
posts: 542
votes: 0


Having a problem. Thanks to Staffa my contact forms are working a treat, only problem is that im getting quite alot of spam so im thinking of adding some sort of email validation just to check the form is filled in correctly.

I tried adding -

if isEmailValid(Request.Form("Email")) = true then
'#### Send your email
else
'#### Email was invalid, give the user an error
response.write "Invalid email address"
end if

Function isEmailValid(email)
Set regEx = New RegExp
regEx.Pattern = "^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w{2,}$"
isEmailValid = regEx.Test(trim(email))
End Function

But nothing really happend and I was still able to send myself a blank form with nothing filled in on the Email box.

Can anyone give me any clues of a code or where to put it on my sendmail.asp script?

Thanks
Darren
11:52 am on Mar 9, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 24, 2002
posts:894
votes: 0


Are you using asp .net or classic asp ?

regEx appears to be related to .net with which I am not familiar. I can help for classic asp
12:44 pm on Mar 9, 2013 (gmt 0)

Preferred Member

10+ Year Member

joined:May 15, 2002
posts: 542
votes: 0


Its just a sendmail.asp...im presuming its classic? This is my sendmail code which you helped to get it work!

<%
Set objCdoCfg = Server.CreateObject("CDO.Configuration")

objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") ="x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 0
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = "x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "x"
objCdoCfg.Fields.Update

mBody = "Info sent :" & vbcrlf & vbcrlf
mBody = mBody & "TourOperator : " & Request.Form("TourOperator") & vbcrlf
mBody = mBody & "Tour_Name : " & Request.Form("Tour_Name") & vbcrlf
mBody = mBody & "Date_Day : " & Request.Form("Date_Day") & vbcrlf
mBody = mBody & "Date_Month : " & Request.Form("Date_Month") & vbcrlf
mBody = mBody & "Date_Year : " & Request.Form("Date_Year") & vbcrlf
mBody = mBody & "Nights : " & Request.Form("Nights") & vbcrlf
mBody = mBody & "No_of_days : " & Request.Form("No_of_days") & vbcrlf
mBody = mBody & "Passengers : " & Request.Form("Passengers") & vbcrlf
mBody = mBody & "Adults : " & Request.Form("Adults") & vbcrlf
mBody = mBody & "Children : " & Request.Form("Children") & vbcrlf
mBody = mBody & "Depart : " & Request.Form("Depart") & vbcrlf
mBody = mBody & "Destination : " & Request.Form("Destination") & vbcrlf
mBody = mBody & "Accommodation : " & Request.Form("Accommodation") & vbcrlf
mBody = mBody & "Resort : " & Request.Form("Resort") & vbcrlf
mBody = mBody & "Board : " & Request.Form("Board") & vbcrlf
mBody = mBody & "Name : " & Request.Form("Name") & vbcrlf
mBody = mBody & "Telephone : " & Request.Form("Telephone") & vbcrlf
mBody = mBody & "Email : " & Request.Form("Email") & vbcrlf
mBody = mBody & "Comments : " & Request.Form("Comments") & vbcrlf
mBody = mBody & "Privileged : " & Request.Form("Privileged") & vbcrlf
mBody = mBody & "Cruise_Name : " & Request.Form("Cruise_Name") & vbcrlf
mBody = mBody & "Cabin : " & Request.Form("Cabin") & vbcrlf
mBody = mBody & "Child1 : " & Request.Form("Child1") & vbcrlf
mBody = mBody & "Child2 : " & Request.Form("Child2") & vbcrlf
mBody = mBody & "Child3 : " & Request.Form("Child3") & vbcrlf
Set objCdoMessage = Server.CreateObject("CDO.Message")
Set objCdoMessage.Configuration = objCdoCfg
objCdoMessage.From = "myemail"
objCdoMessage.To = "myemail"
objCdoMessage.Subject = "Form"

'Add the email body text
objCdoMessage.TextBody = mBody

On Error Resume Next

'Send the email
objCdoMessage.Send
Response.Redirect("success.htmthing")

'Check if an exception was thrown
If Err.Number <> 0 Then
'Response.Write "<FONT color=""Red"">Error: " & Err.Description & " (" & Err.Number & ")</FONT><br/>"
Else
Response.Write "<FONT color=""Green"">The email has been sent to Hessle Travel " & sendTo & ".</FONT>"
End If

'Dispose of the objects after we have used them
Set objCdoMessage = Nothing
Set objCdoCfg = Nothing
Set FSO = nothing
Set TextStream = Nothing
%>

All I want to do is to get it so people have to enter an email address with a @ and a dot etc...im suffering from quite alot of spam!

Thanks again
Darren
8:22 pm on Mar 9, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 24, 2002
posts:894
votes: 0


Assuming that sendmail.asp is the page that your form posts to when the user clicks the send button, then replace the content with :

<%
Form_Email = Trim(Replace(Request.Form("Email"),"""",""""""))

Validated_Form = true

IF len(Form_Email)<6 OR InStr(Form_Email,"@")=0 OR InStr(Form_Email,".")=0 THEN
Validated_Form = false
END IF

IF NOT Validated_Form THEN

Response.Write "Error. Please click Back in your browser and add a valid email address"

ELSE

Set objCdoCfg = Server.CreateObject("CDO.Configuration")

objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") ="x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 0
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = "x"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = "x"
objCdoCfg.Fields.Update

mBody = "Info sent :" & vbcrlf & vbcrlf
mBody = mBody & "TourOperator : " & Request.Form("TourOperator") & vbcrlf
mBody = mBody & "Tour_Name : " & Request.Form("Tour_Name") & vbcrlf
mBody = mBody & "Date_Day : " & Request.Form("Date_Day") & vbcrlf
mBody = mBody & "Date_Month : " & Request.Form("Date_Month") & vbcrlf
mBody = mBody & "Date_Year : " & Request.Form("Date_Year") & vbcrlf
mBody = mBody & "Nights : " & Request.Form("Nights") & vbcrlf
mBody = mBody & "No_of_days : " & Request.Form("No_of_days") & vbcrlf
mBody = mBody & "Passengers : " & Request.Form("Passengers") & vbcrlf
mBody = mBody & "Adults : " & Request.Form("Adults") & vbcrlf
mBody = mBody & "Children : " & Request.Form("Children") & vbcrlf
mBody = mBody & "Depart : " & Request.Form("Depart") & vbcrlf
mBody = mBody & "Destination : " & Request.Form("Destination") & vbcrlf
mBody = mBody & "Accommodation : " & Request.Form("Accommodation") & vbcrlf
mBody = mBody & "Resort : " & Request.Form("Resort") & vbcrlf
mBody = mBody & "Board : " & Request.Form("Board") & vbcrlf
mBody = mBody & "Name : " & Request.Form("Name") & vbcrlf
mBody = mBody & "Telephone : " & Request.Form("Telephone") & vbcrlf
mBody = mBody & "Email : " & Request.Form("Email") & vbcrlf
mBody = mBody & "Comments : " & Request.Form("Comments") & vbcrlf
mBody = mBody & "Privileged : " & Request.Form("Privileged") & vbcrlf
mBody = mBody & "Cruise_Name : " & Request.Form("Cruise_Name") & vbcrlf
mBody = mBody & "Cabin : " & Request.Form("Cabin") & vbcrlf
mBody = mBody & "Child1 : " & Request.Form("Child1") & vbcrlf
mBody = mBody & "Child2 : " & Request.Form("Child2") & vbcrlf
mBody = mBody & "Child3 : " & Request.Form("Child3") & vbcrlf
Set objCdoMessage = Server.CreateObject("CDO.Message")
Set objCdoMessage.Configuration = objCdoCfg
objCdoMessage.From = "myemail"
objCdoMessage.To = "myemail"
objCdoMessage.Subject = "Form"

'Add the email body text
objCdoMessage.TextBody = mBody

'Send the email
objCdoMessage.Send

'Dispose of the objects after we have used them
Set objCdoMessage = Nothing
Set objCdoCfg = Nothing

END IF

IF Validated_Form THEN
Response.Write "<FONT color=""Green"">The email has been sent to Hessle Travel.</FONT>"
END IF
%>

---------------------------
PS : an explanation, if
len(Form_Email)<6 : length of email address is less than 6 characters, rejected. You can change that number to whatever suits you best
OR
InStr(Form_Email,"@")=0 : no @ in address, rejected. The 0 is a zero
OR
InStr(Form_Email,".")=0 : no dot in address, rejected. The 0 is a zero

I have taken some lines out of the original text which had no bearing on the content
11:08 am on Mar 10, 2013 (gmt 0)

Preferred Member

10+ Year Member

joined:May 15, 2002
posts: 542
votes: 0


Your a star Staffa, ill try that code tomorrow!

Thanks
Darren
8:34 pm on Mar 10, 2013 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:May 14, 2008
posts:3091
votes: 2


Banning spam from forms is a complex operation. I have a fairly effective anti-spam trap on my server now (approx 22K of code held in a "library"), coded in classic ASP (with regex!). It verifies email address format (which is necessary even for real postings: some people are rubbish at typing email addresses!). It also blocks on IP ranges, countries (if you don't want indian or chinese spam), and known "bad" words (not just obscene or swearing but products as well) in subjects, body and sigs. I limit lengths depending on type of form and block URLs from subject and body.

And important: If you block a form, write its contents to a "log" file along with date, time, IP and other info: sometimes a blocked form is actually valid and sometimes important.
9:28 am on Mar 11, 2013 (gmt 0)

Preferred Member

10+ Year Member

joined:May 15, 2002
posts: 542
votes: 0


Yeh its been a nightmare this form...cant believe how complicated a simple form can be! The form is working fine thanks to Staffa and if the spam gets alot worse will have to look at other options...hopefully with this new validation code should be down to 2-3 a day..i can cope with that!

Thanks again guys for all the help.
Darren