× Form Help

Spambot nutzt Formular

  • mihaela
  • Away
  • Administrator
  • Administrator
  • Posts: 1938
  • Karma: 67
  • Thank you received: 234

mihaela replied the topic: Spambot nutzt Formular

Hello,

You have placed that script in the wrong place. This code:
function ff_badwords(element, message)
{
var badwords = /\b(badword1|badword2|badword3)\b/ig;
if (badwords.test(element.value)) {
if (message=='') message = element.name+" contains a spam word.\n";
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_badwords
shouldn't be put in forms advanced options > more options > Form Pieces > Before Form.

That is a custom validation script that you could create and then choose it in Validation for an element in your form under Validation type > Library > Scripts.

Here is more detailed explanation where to put it.

Go to BreezingForms > Manage Scripts. In left-hand upper corner click on "New".
Then set it as follows:
Title: Check bad words
Published: Yes
Package: FF
Name: ff_badwords
Type: Element Validation.
In code area put the code:
function ff_badwords(element, message)
{
var badwords = /\b(badword1|badword2|badword3)\b/ig;
if (badwords.test(element.value)) {
if (message=='') message = element.name+" contains a spam word.\n";
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_badwords
Save the new script and you should be able to use it as Validation script for a textfield elements that you want.

Let me know whether you understand what I am trying to explain.

Regards,

Mihaela
#234530
  • MrPaule68
  • Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
  • Posts: 39
  • Thank you received: 0

MrPaule68 replied the topic: Spambot nutzt Formular

Hi Mihaela,

I am so sorry to spend so much, but it does not work.
I set up the script at BreezingForms> Manage Scripts.
function ff_badwords(element, message)
{
var badwords = /\b(iPhone|sex|sexual|Pills|trade|trader|Stress|$|Solutions)\b/ig;
if (badwords.test(element.value)) {
if (message=='') message = element.name+" contains a spam word.\n";
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_badwords

Then I included the script in the form, text field "Anliegen" (the text field in which the badwords occur):

Validation
Type: Library
Script: ff_badwords (from selection box)
save

I emptied the cache. If I fill out the form and write a badword in the text field, send it, the mail arrives anyway.

Kind regards & Thanks
#234532
  • MrPaule68
  • Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
  • Posts: 39
  • Thank you received: 0

MrPaule68 replied the topic: Spambot nutzt Formular

Sorry. My first answer a couple of minutes ago is not correct.
I recognized that the "$" in the badwords isn't good because the script blocked every word in the text field.
Now it works after removing the "$" - thank you.

Is there a possibility to combine two scrips.
The text field has to be a required field. Now only with the ff_badwords script it is possible to send the form without any entry in the text field.

Thanks a lot!
#234533
  • mihaela
  • Away
  • Administrator
  • Administrator
  • Posts: 1938
  • Karma: 67
  • Thank you received: 234

mihaela replied the topic: Spambot nutzt Formular

Hello again,

I'm glad that the script is now working and that you've found out that "$" has to be removed.

You can change the script so that it contains a validation for the field not to be empty as well:
function ff_badwords(element, message)
{
var badwords = /\b(badword1|badword2|badword3)\b/ig;
if ( element.value == "") {
if (message=='') message = "Please enter "+element.name+".\n";
ff_validationFocus(element.name);
return message;
}
if (badwords.test(element.value)) {
if (message=='') message = element.name+" contains a spam word.\n";
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_badwords

If you don't want to change the original script because some fields for which you are planing to use it aren't required, then you can do as follows.

Go to Properties of that element that you wish to validate.
In Validation section of that element set Validation Type to Custom and in the code area below put the following code:
function ff_nameofelement_validation(element, message)
{
var badwords = /\b(badword1|badword2|badword3)\b/ig;
if ( element.value == "") {
if (message=='') message = "Please enter "+element.name+".\n";
ff_validationFocus(element.name);
return message;
}
if (badwords.test(element.value)) {
if (message=='') message = element.name+" contains a spam word.\n";
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_nameofelement_validation
NOTE: In the code above replace "nameofelement" with the Name of that element for which you are writing the validation.

Let me know whether you understand how this works and whether you have managed to set it for your form.

Regards,

Mihaela
#234534
The following user(s) said Thank You: MrPaule68
  • MrPaule68
  • Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
  • Posts: 39
  • Thank you received: 0

MrPaule68 replied the topic: Spambot nutzt Formular

Hi Mihaela,

Sorry, I'm back here.

Slowly it gets scary!
I installed the script, defined badwords, I tested it myself online. If a badword is entered in the text field, a message appears and you can not submit the form.

I'm just looking into my e-mail program and see three new spam emails from the form. In the text are also words that I have defined as Badword.

These robots handle not only the security question, but also the script with the badwords.
I came up with the idea of maybe copying my form externally and sending the spam over it, but I also see the shipments in Joomla / Breezingforms, each with its own shipment ID.
#234592
  • mihaela
  • Away
  • Administrator
  • Administrator
  • Posts: 1938
  • Karma: 67
  • Thank you received: 234

mihaela replied the topic: Spambot nutzt Formular

Hello,

Since badwords is a validation script it seems that BOTs somehow manage to bypass the all validation scripts.

As I remember you have already implemented the honeypot crosstec.org/en/support/online-documenta...ts/210-honeypot.html , is that correct?

If you have already set validations and honeypot can suggest at this point is that you try the following:

1) Configure your servers SPAM ASSASIN
2) Install some aditional plugins to stop the SPAM like extensions.joomla.org/extension/antispam-by-cleantalk/
3) Change the URL where you form

Regards,

Mihaela
#234637
Moderators: ForumSupporttomeperica
Time to create page: 0.075 seconds

Community Reward

Help us to create new extensions and plugins! With only $5 you help us a lot and get unlimited download access to all of our products, professional support and even more. Get your reward now!

Read More Here

News and Updates

Get informed about new downloads, updates and more in our News and Updates newsletter.

All Extensions Subscription

Get 1 year access to all of our current and future products and 1 year of professional support -- 99€

No support per domain or website installation limits! Includes all of our current and future Joomla!® extensions, Joomla!® templates for the duration of your membership. This means, by purchasing an All Extensions Subscription you'll have it all covered!

Get it from here

3rd Party Discount - 25% Off

We help you to keep your costs under control. If you are a new member and purchased a form building tool from a different form vendor, then you'll get a 25% discount on our subscription plans.

How to receive the discount:

Send us a quick email to sales@crosstec.org with a proof of purchase (for example a paypal receipt), await payment instructions and enjoy your membership!

Community Reward

Help us to create new extensions and plugins! With only $5 you help us a lot and get unlimited download access to all of our products, professional support and even more. Get your reward now!

Read More Here