I thought I'd share a handy tip here, for anyone who has some sortof "contact us" page on their website. Put this on the page that shows your "contact us" form: [set post_allowed]1[/set] Put this at the top of your form catcher page (mv_nextpage):[if !scratch post_allowed] [bounce page="spam_trap"][/if]With the above in place, nobody can create a script to emulate the form and automatically post junk unless (1) the script first makes a visit to the actual form, and (2) makes use of the session ID in their subsequent visit to your mv_nextpage. Ordinary users will notbe affected by this at all.The "spam_trap" page should send something incriminating to an abuse log. For instance, you should log the scumbag's IP address, the message text and the content of all of the other fields prompted for by your form. A short message in the error.log file is also a good idea.
Useful stuff Kevin! I'll be using it in my contact page :) CU,
Gert _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.