TOPIC:

Spam getting past custom validation 8 months 2 days ago #252840

  • tihana.krivic's Avatar
  • tihana.krivic
  • Offline
  • Moderator
  • Moderator
  • Posts: 6888
  • Karma: 3
  • Thanks: 492
Hi,

you can use the Begin Submit Piece (your form->Advanced->More options->Submit pieces->Begin Submit->check custom) of your form to catch from values and to create your own validation rules. Here is a small example of what it could look like:
$this->execPieceByName('ff_InitLib');
$value1 = ff_getSubmit('nameofyourelement');
if($value1 == 'I\'m a bot'){
echo 'Wrong data';
exit();
}

Hope this helps

Regards,
Tihana

Please Log in or Create an account to join the conversation.

Spam getting past custom validation 8 months 1 day ago #252868

  • Topic Author
  • zeroalpha
  • Offline
  • Fresh Breezer
  • Fresh Breezer
  • Posts: 11
  • Thanks: 1
Thank you so much :):):)

So basically if the spammer can defeat the client side javascript I can make the same validation in php so the server also checks my form elements using the same regular expressions.

Here is my regular expression converted to php:
$this->execPieceByName('ff_InitLib');
$value1 = ff_getSubmit('data');
$value2 = ff_getSubmit('username');
if(!preg_match("/^[a-z][a-z0-9.,:\/\\'+=\-?\n\s]*$/i",$value1) || preg_match("/(http|www|html|.ru|.com|.net|href)/",$value1)){
echo 'Spam Error: Go directly to jail; do not pass go, do not collect $200';
exit();
}
if(!preg_match("/^[a-z][a-z0-9.,:\/\\'+=\-?\n\s]*$/i",$value2) || preg_match("/(http|www|html|.ru|.com|.net|href)/",$value2)){
echo 'Spam Error: Go directly to jail; do not pass go, do not collect $200';
exit();
}

Hopefully my syntax is correct. Lets see if it works.

Please Log in or Create an account to join the conversation.

Spam getting past custom validation 8 months 1 day ago #252872

  • tihana.krivic's Avatar
  • tihana.krivic
  • Offline
  • Moderator
  • Moderator
  • Posts: 6888
  • Karma: 3
  • Thanks: 492
Hi,

the code looks ok.
Did you test it?

Regards,
Tihana

Please Log in or Create an account to join the conversation.

Spam getting past custom validation 8 months 14 hours ago #252928

  • Topic Author
  • zeroalpha
  • Offline
  • Fresh Breezer
  • Fresh Breezer
  • Posts: 11
  • Thanks: 1
I only tested to make sure the form still works. I'm not l33t enough to bypass the javascript. I'll wait and see if the spam stops and report back

Please Log in or Create an account to join the conversation.

  • Page:
  • 1
  • 2
Moderators: ForumSupport
Time to create page: 0.046 seconds

BreezingForms Pro 1.4.7 for WordPress Released!

Available in the membership section.

September Discount!

Massive discounts on all subscriptions!

Get Your Subscription Here

Quick Links

Downloads

BreezingForms

ContentBuilder

BreezingCommerce

Templates

Documentation

BreezingForms

ContentBuilder

BreezingCommerce

Apprendre BreezingForms (French Community)

Apprendre et maîtriser BreezingForms par des tutoriels et exemples, le tout en français

breezingforms.eddy-vh.com

Questions et réponses sur les forums de l'AFUJ

AFUJ

Special Offer

Summer Sale! All subscriptions at a special price!

Includes prio support, all of our current and future Joomla!® extensions and Joomla!® templates for the duration of your membership.

Get it from here

3rd Party Discount - 25% Off

We help you to keep your costs under control. If you are a new member and purchased a form building tool from a different form vendor, then you'll get a 25% discount on our subscription plans.

How to receive the discount:

Send us a quick email to sales@crosstec.org with a proof of purchase (for example a paypal receipt), await payment instructions and enjoy your membership!