How to add flood control (like captcha) to this form?

         

winpeace

10:29 am on Nov 23, 2006 (gmt 0)

10+ Year Member



I searched the forum but didn't find anything. How do I add flood control (like a captcha) to this form? I am a new user :(

<script language="javascript" src="website.com/templates/js.tpl"></script>
<style type="text/css">
<!--
.style6 {font-size: 16px}
.style7 {
font-size: 14px;
font-weight: bold;
color: #000000;
}
-->
</style>

<a name="write-comment"></a>
<div class="componentheading">Bu konu hakkında yorum yapınız </div>
<p style="font-size: 10px"><a class="style7" style="cursor: pointer; cursor: hand;" onclick="javascript:showhide2('hideshow');"><img src="http://website.com/images/edit.gif" width="19" height="17" />yorum yazmak i&ccedil;in tıklayınız... </a></p>
<div align="center" class="style6" id="hideshow" style="display: none;" name="hideshow">
<form action="index.php" method="post" name="adminForm" id="adminForm" onsubmit="return validateForm( this,true,true,false,true,0)">

<br />
<br />
Adınız: <br />
<input type="text" name="name" style="width:300px;" class="inputbox" value="{MYNAME}" validate="blank" emsg="Lütfen adınızı giriniz!"><br />
E-mail adresiniz: <br />
<input type="text" name="email" style="width:300px;" class="inputbox" value="{MYEMAIL}" validate="email¦1" emsg="Lütfen e-mail adresinizi giriniz!"><br />
Konu oylamanız:<br />
<span class="content_vote">
Çok kötü
<input type="radio" alt="vote 1 star" name="user_rating" value="1" />
<input type="radio" alt="vote 2 star" name="user_rating" value="2" />
<input type="radio" alt="vote 3 star" name="user_rating" value="3" />
<input type="radio" alt="vote 4 star" name="user_rating" value="4" />
<input type="radio" alt="vote 5 star" name="user_rating" value="5" checked="checked" />
Çok iyi</span>
<br /><br />
Yorumunuz: <br />
<textarea name="comment" id="comment" cols="50" rows="7" class="inputbox" validate="blank" emsg="Lütfen yorumunuzu giriniz!" onkeydown="javascript:sinirla(this)" onkeyup="javascript:sinirla(this)"></textarea>
</p>
<p>
<input type="text" size="5" id="kalan" name="kalan" value="140">
</p>
<table border=0 cellspacing=3 cellpadding=0 class="smiletoolbar">
<tr>
<td onClick="javascript:emo('B)');" style="cursor:pointer;"><img src="components/com_combomax/images/bigsmile-smiley.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':(');" style="cursor:pointer;"><img src="components/com_combomax/images/blue-smiley.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':)');" style="cursor:pointer;"><img src="components/com_combomax/images/happy-smiley.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':laugh:');" style="cursor:pointer;"><img src="components/com_combomax/images/laughing-smiley.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':sad:');" style="cursor:pointer;"><img src="components/com_combomax/images/sad-smiley.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':q:');" style="cursor:pointer;"><img src="components/com_combomax/images/question.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':thumbup:');" style="cursor:pointer;"><img src="components/com_combomax/images/thumbsup.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':thumbdown:');" style="cursor:pointer;"><img src="components/com_combomax/images/thumbsdown.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo(':clown:');" style="cursor:pointer;"><img src="components/com_combomax/images/clown.gif" width="15" height="15" alt="" border="0"></td>
<td onClick="javascript:emo('[b] [/b]');" style="cursor:pointer;"><strong>BOLD</strong></td>
<td onClick="javascript:emo('[quote] [/quote]');" style="cursor:pointer;">"QUOTE"</td>
<td onClick="javascript:emo('[u] [/u]');" style="cursor:pointer;"><U>UNDERLINE</U></td>
</tr>
</table>


<input type="submit" name="pressbutton" value="Gönder" style="width: 100px;" class="button">
<input type="reset" class="button" value="Formu Temizle" />

<input type="hidden" name="option" value="com_combomax" />
<input type="hidden" name="contentid" value="{CONTENTID}" />
<input type="hidden" name="task" value="preview" />
</form>
</div>

<br />

[edited by: dreamcatcher at 12:20 pm (utc) on Nov. 23, 2006]
[edit reason] Generalized url. [/edit]

eelixduppy

12:29 pm on Nov 23, 2006 (gmt 0)



Hello,

There is a great thread in our library [webmasterworld.com] titled Combatting Webform Hijack [webmasterworld.com]. This is a good starting point to learn about what you want to do.

I keep saying this but I really do like dreamcatcher's solution: have the user sum a couple numbers together and then validate it.

Good luck!

swa66

2:05 pm on Nov 23, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Sums of numbers, and even much more complex or written-out math, can be evaded by the bad guys using Google's calculator.

e.g.:
[google.com...]

I think the better solution is to turn the tables.
Instead of making humans prove they are not machines (which invariably leads to problems with e.g. visually challenged people and advances in AI), have machines prove they are machines and do things humans would not do.

E.g.: The SANS Internet Storm Center ran a story on using additional input fields that are hidden by using CSS. Humans would not even see the fields, let alone fill them out with URLs.

[isc.sans.org...] [hoping SANS is authoritative enough on security issues.] Otherwise you'll have to dig through the archive to find this.

henry0

3:10 pm on Nov 23, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The SANS concept makes sense, however I am not sure I like it; isn't hidden content a "No No"?

Use a system similar to dc's one
Check that user's input is the input expected
Do not allow CC & BCC
Make sure that the form is only submitted once
Implement a ban IP per country system
etc...

it's all in hard work... not in a trick

jatar_k

6:34 pm on Nov 23, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



>> isn't hidden content a "No No".

Actually I don't think that applies in this case. I actually really like the hidden field way. You give it a really common name so it looks required.

you just ditch anything that includes that field. Tedster and I were talking about this last week at pubcon.

henry0

12:46 pm on Nov 25, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I gave consideration to the SANS concept.

And will try it with a bunch of hidden fields such as Subject and even including CC and BCC :)
Further, to test it, before ditching the spam attempt and calling exit() I will load it in a DB so I'll know how many kills I had!
My (small) problem is that I need to find out how to make those invisible by using CSS. What should I use? Something like having BG and text the same color?

whoisgregg

7:37 pm on Nov 25, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



henry0,
display: none;
will do the trick. :)

henry0

11:37 pm on Nov 25, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks,
For a while now I have delivered my PHP output with CSS only, except for tabular data.

However, I see myself being a frequent W3C CSS lurker!
You saved me a trip :)
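
The hidden-field check discussed in this thread, as an added example that is not code from any of the posters: decoy inputs hidden with `display: none`, a server-side test that rejects a submission when a decoy arrives filled in, and a log of each rejection. The decoy names follow henry0's post; the function names, the log file location and the sample submission are assumptions.

```php
<?php
// Added example, not code from the thread. Decoy names follow henry0's post;
// function names and the log path are hypothetical.
const DECOY_FIELDS = ['subject', 'cc', 'bcc'];

// Markup to print inside the <form>: real inputs that display:none hides from people.
function decoy_markup(): string
{
    $html = '<div style="display: none;">';
    foreach (DECOY_FIELDS as $name) {
        // autocomplete="off" keeps browser autofill from filling a field nobody can see.
        $html .= '<input type="text" name="' . $name . '" value="" autocomplete="off">';
    }
    return $html . '</div>';
}

// Names of decoys that arrived with content. Browsers send a hidden text input
// as an empty string, so the test is "non-empty", not "present".
function filled_decoys(array $post): array
{
    $hits = [];
    foreach (DECOY_FIELDS as $name) {
        $value = $post[$name] ?? '';
        if (is_array($value) || trim((string) $value) !== '') {
            $hits[] = $name;
        }
    }
    return $hits;
}

// Append one line per rejected submission so the "kills" can be counted later
// (a flat file stands in for the database table mentioned in the thread).
function log_rejection(array $hits, string $ip, string $logFile): void
{
    $line = gmdate('c') . "\t" . $ip . "\t" . implode(',', $hits) . "\n";
    file_put_contents($logFile, $line, FILE_APPEND | LOCK_EX);
}

// Constructed sample for command-line runs: a bot that filled every field it found.
$sample = ['name' => 'x', 'comment' => 'spam', 'subject' => 'offer', 'cc' => 'a@example.com', 'bcc' => ''];
$post = PHP_SAPI === 'cli' ? $sample : $_POST;
$hits = filled_decoys($post);
if ($hits !== []) {
    log_rejection($hits, $_SERVER['REMOTE_ADDR'] ?? 'cli', sys_get_temp_dir() . '/honeypot.log');
    http_response_code(400);
    exit("rejected\n");
}
// No decoy was filled: continue with the form's normal validation.
```

Because `display: none` also hides the decoys from screen readers, this check does not put the burden on visually impaired visitors that a picture CAPTCHA does.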