apparently bots can still add the javascript to the left.
In this case, you could have to write the code in PHP.
Go to your form->Advanced->More options->Submit pieces->Begin submit->check Custom and put:
$this->execPieceByName('ff_InitLib');
$badWords = array('http','www', 'https','.ru','<a>','</a>', 'href' ); // here add what you want to avoid, each word between '' and separated by a coma.
$checkFields = array('message'); // Here add the fields that have to be observed, between '' and separated by coma, please replace message with name of your element (not title).
foreach ($checkFields as $Fld) {
$FldVal = ff_getSubmit($Fld);
$matches = array();
$matchFound = preg_match_all(
'/\b(' . implode($badWords,'|') . ')\b/i',
$FldVal,
$matches
);
if ($matchFound) {
ff_die('Goodbye !');
}
}
Thank you. BUT... there is still a problem. Now when users enter a punctuation mark, such as full stop, exclamation, etc. the email does not submit. Instead it says to enter message in text box area.
$this->execPieceByName('ff_InitLib');
$badWords = array('http','www', 'https', 'href','<','>','/'); // here add what you want to avoid, each word between '' and separated by a coma.
$checkFields = array('message'); // Here add the fields that have to be observed, between '' and separated by coma, please replace message with name of your element (not title).
foreach ($checkFields as $Fld) {
$FldVal = ff_getSubmit($Fld);
$matches = array();
$matchFound = preg_match_all(
'/\b(' . implode($badWords,'|') . ')\b/i',
$FldVal,
$matches
);
if ($matchFound) {
ff_die('Goodbye !');
}
}
