Forum Moderators: phranque
I have several websites that use a simple contact form.
They are all on shared windows hosting.
They are simple HTML sites that post to an asp form handler provided by GoDaddy to send the contact info to my email.
My users are non-technical and have no reason to put links or any HTML code in the contact form fields.
How can I easily block this with my limited programming knowlege? Is there something I can write in the form to exclude <> etc from the fields? Or do I need a javascript etc? SSL is beyond me and my my hosting ability.
Specifics would be VERY helpful.
Thanks
[edited by: phranque at 7:56 am (utc) on April 10, 2009]
[edit reason] hosting specifics [/edit]
You could set up rules in your email client to delete them automatically. For instance, delete any email that contains link=http url=http etc.
If you want to stop the emails being sent in the first place, the method used will have to depend on the form script itself - javascript won't help in this instance. Since you are using a formmail script provided by your host, you'll need to ask their advice. You may also find an answer in the FAQ section if they have one.
Kaled.
