Quote:
Originally Posted by reebene
I have hotel site which uses an online booking form. It's written in expression web.
There is an area for special requests i.e. disabled facilities, extra beds, cot etc.
I constantly get spam mail on it.
Trying to make up a form which covers all the eventualities with buttons or lists doesn't seem to cover all the questions people ask, so I'd rather keep the text area if I can.
Does anyone know a way to prevent the spammers using it?
Ree
|
You need to lock down your forms. You can use a capta system or you can have a photo be displayed and ask the user what it is
in the photo like a cat or a dog. The scripts at green-beast.com might be good but it has problems I see right away.
Never send or allow the script to send a copy to the users email because spammers will use it to send spam to other users using your form.
Hard code all headers To: From: Subject: Do not enter any data into these fields from your contact form because spammers can inject code into the headers and take control of your mailer and send spam to others. You can try to trap the injected code but you may miss something better safe than sorry.
Put the senders from address and subject line inside the body of the message. And hard code your email address into the To and from lines.
What the others said about having dummy fields is also a great ideal.