[FX.php List] Fwd: spam and php fmp sites

Bob Patin bob at patin.com
Thu Oct 18 13:51:00 MDT 2007

I use a validation routine, much like blog post pages do; it ensures  
that the forms are being submitted by humans, and has stopped that  
problem on my own and clients' sites.

I have a set of number images (one per digit); I create a 6 or 7- 
digit random number, which dictates what set of 6 or 7 number images  
are put together to form a single image. Then the user has to type in  
the number that he sees, which allows the post to be made.

Bob Patin
Longterm Solutions
bob at longtermsolutions.com
Member of FileMaker Business Alliance and FileMaker TechNet

      AIM or iChat: longterm1954
      Yahoo: longterm_solutions
      MSN: tech at longtermsolutions.com
      ICQ: 159333060

Contact us for FileMaker hosting for all versions of FileMaker
PHP • CDML • Full email services • Free DNS hosting • Colocation •  

On Oct 18, 2007, at 2:04 PM, Joel Shapiro wrote:

> Hi all
> I'm forwarding something from a local colleague.  He's got a site  
> that's getting hit with form submissions by spammers.
> He works for a school district.  The site is not meant for the  
> general public, although it is apparently publicly available and is  
> not password protected.
> Any quick suggestions for them?
> (Sorry the post is so long, but I figured I might as well forward  
> his whole message.)
> Thanks,
> -Joel
> Begin forwarded message:
>> Subject: spam and php fmp sites
>> Any suggestions on how to stop spam from being submitted on a PHP  
>> FileMaker
>> web registration solution, running on a Windows 2003 Server with  
>> FMAS9?
>> The solution does not ask for any password.  Users can hit it over  
>> the web.
>> I am not sure how spammers found it if not from webbots....
>> One of the functions of the solution is to allow users to send a  
>> suggestion
>> via email.  The user goes to a page where they fill in a  
>> suggestion text
>> field and hit a submit button which creates are record and  
>> generates an
>> email message with to a backend fmp user with the contents of the  
>> suggestion
>> field they filled out.
>> -------------Some spam is beig generated from this function where  
>> the emails
>> sent contain spam url's that heve been entered into the suggestion  
>> text
>> field.
>> Another function of the solution is where users can register for a  
>> workshop.
>> They choose a workshop from a list and then fill in their user  
>> information
>> and then click a "register" (submit) button which creates a new  
>> record in
>> the solution.  Spam URL's are appearing in the user background  
>> infomration
>> text fields from these bogus registrations.
>> I was thinking that if I required authentication from one account  
>> therefore
>> giving all users of the system the same password would prevent the  
>> spam.
>> or
>> The instead of FM authentication, make it look like there is a  
>> password
>> needed by giving out to all users a universal password which is  
>> actually
>> just a phrase they enter into a field when first entering the  
>> solution and
>> clicking on a submit button which does a search for that  
>> phrase...if the
>> phrase is not correct they are sent to an error page if it is  
>> found they are
>> taken to the registration menu.
>> Any ideas on how to stop this?  Is anyone encountering similar
>> problems...where spammers are filing out forms and submitting them  
>> with SPAM
>> content??
>> Thanks for your help!
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

More information about the FX.php_List mailing list