Welcome to WebmasterWorld Guest from 50.19.156.133

Forum Moderators: phranque

Message Too Old, No Replies

Code to Exclude HTML Hacks from Contact Forms

Could use help with code example to exclude HTML responses

     

BigAdventure

3:39 am on Apr 9, 2009 (gmt 0)

5+ Year Member



I don't mind occasional form garbage, but I am worried about scams to insert code or backlinks through my contact forms.

I have several websites that use a simple contact form.

They are all on shared windows hosting.

They are simple HTML sites that post to an asp form handler provided by GoDaddy to send the contact info to my email.

My users are non-technical and have no reason to put links or any HTML code in the contact form fields.

How can I easily block this with my limited programming knowlege? Is there something I can write in the form to exclude <> etc from the fields? Or do I need a javascript etc? SSL is beyond me and my my hosting ability.

Specifics would be VERY helpful.

Thanks

[edited by: phranque at 7:56 am (utc) on April 10, 2009]
[edit reason] hosting specifics [/edit]

kaled

10:46 pm on Apr 9, 2009 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



If the forms are merely posted as email, then the links are harmless - you can safely ignore them.

You could set up rules in your email client to delete them automatically. For instance, delete any email that contains link=http url=http etc.

If you want to stop the emails being sent in the first place, the method used will have to depend on the form script itself - javascript won't help in this instance. Since you are using a formmail script provided by your host, you'll need to ask their advice. You may also find an answer in the FAQ section if they have one.

Kaled.

BigAdventure

2:16 am on Apr 10, 2009 (gmt 0)

5+ Year Member



Thanks for the advice Kaled :o)
 

Featured Threads

Hot Threads This Week

Hot Threads This Month