TOPIC:

Mandatory, custom validation field ignored by spam bots 2 years 1 week ago #253426

  • Topic Author
  • altertainment
  • Offline
  • New Member
  • New Member
  • Registered
  • Posts: 2
  • Thanks: 0
Hi! I am using Breezingforms Pro on my website. I secured my contact form with recaptcha, but still get some spam emails and spam records so I decided to add a second custom security check. Users need to add two numbers and enter the result, which is checked by a custom validation:

function ff_Rechencaptcha_validation(element, message)
{
if (element.value != 17) {
if (message=='') message = "Wrong result. Bla. Calculate 15 + Two."
ff_validationFocus(element.name);
return message;
} // if
return '';
} // ff_Rechencaptcha_validation

So far it works, I can not sumbit the form without entering 17.

But still I get records and emails by spam bots without any value in this field. Any idea how this is possible and how to prevent it?

Please Log in or Create an account to join the conversation.

Mandatory, custom validation field ignored by spam bots 2 years 1 week ago #253436

  • tihana.krivic's Avatar
  • tihana.krivic
  • Offline
  • Moderator
  • Moderator
  • Registered
  • Posts: 12079
  • Thanks: 779
Hi,

ok, validation is ok.
Also, you can do it like this:
 if (element.value != 17 || element.value=='') {
if (message=='') message = "Wrong result. Bla. Calculate 15 + Two."
ff_validationFocus(element.name);
return message;
} // if
return '';

You can use honeypot too:
crosstec.org/en/support/online-documenta...ts/210-honeypot.html

Hope this helps

Regards,
Tihana

Please Log in or Create an account to join the conversation.

Mandatory, custom validation field ignored by spam bots 2 years 1 week ago #253448

  • Eddy.vh's Avatar
  • Eddy.vh
  • Offline
  • Platinum Member
  • Platinum Member
  • Registered
  • Posts: 810
  • Thanks: 128
Hello,

There is a sample form to download here .
It proposes a "captcha" by calculation of random numbers.

Maybe this form will help you to configure yours?

Regards,
Eddy

Please Log in or Create an account to join the conversation.

Mandatory, custom validation field ignored by spam bots 2 years 1 week ago #253520

  • Topic Author
  • altertainment
  • Offline
  • New Member
  • New Member
  • Registered
  • Posts: 2
  • Thanks: 0
Hi folks,

thank you for your input so far, but I still did not manage to resolve the issue.
I updated my validation to this:

if (element == null || element.value == null || element.value == '' || element.value != 17)
{
...
}


But spam bots still manage to send the form without entering a number at all. The problem is not that the result (17) is too easy to guess, they just ignore it. Just a few hours ago I received a new spam mail and when I look at the record in the backend I can see the value for the validated field was empty.

Please Log in or Create an account to join the conversation.

Mandatory, custom validation field ignored by spam bots 2 years 1 week ago #253563

  • tihana.krivic's Avatar
  • tihana.krivic
  • Offline
  • Moderator
  • Moderator
  • Registered
  • Posts: 12079
  • Thanks: 779
Hi,

please try to protect this field with honeypot.
Go to your form->Advanced->More options->Submit pieces->Begin Submit->check Custom and put this:
$this->execPieceByName('ff_InitLib');
if( ff_getSubmit('nameofyourfield') != '' )
{
    // echo '<script> alert ("error"); </script>';
     exit; 
} 
Please replace nameofyourfield with name for your mandatory field (not title).
Nameofyourfield is mandatory field, also set with validation scripts, and must be adapted to the name of your field.

If this field is empty the form will not be sent.

Regards,
Tihana

Please Log in or Create an account to join the conversation.

  • Page:
  • 1
Moderators: ForumSupport
Time to create page: 0.055 seconds

Support Chat

Join our Discord chat and enter the Crosstec channels for live-support, chat forums and interact directly with the community!

After joining, please enter the Crosstec Area and use the #crosstec-support or #crosstec-general channels.

Quick Links

Downloads

BreezingForms

ContentBuilder

BreezingCommerce

Templates

Documentation

BreezingForms

ContentBuilder

BreezingCommerce

Apprendre BreezingForms (French Community)

Apprendre et maîtriser BreezingForms par des tutoriels et exemples, le tout en français

breezingforms.eddy-vh.com

Questions et réponses sur les forums de l'AFUJ

AFUJ

Subscribe to news and updates!

Special Offer

Sale! All subscriptions at a special price!

Includes prio support, all of our current and future Joomla!® extensions and Joomla!® templates for the duration of your membership.

Get it from here

3rd Party Discount - 25% Off

We help you to keep your costs under control. If you are a new member and purchased a form building tool from a different form vendor, then you'll get a 25% discount on our subscription plans.

How to receive the discount:

Send us a quick email to sales@crosstec.org with a proof of purchase (for example a paypal receipt), await payment instructions and enjoy your membership!

Live Support Chat Opened!

Join our Discord chat here and enter the Crosstec channels to receive live support and talk directly to the team!