473,583 Members | 3,424 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

being attacked

I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page. The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help

Sep 7 '05 #1
6 1381

bokke wrote:
I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page. The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help


DO you do any validation on the input in your script before you send
the email? If you don't you should add it.

Ken

Sep 7 '05 #2
bokke wrote:
I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page. The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help

Use the function sleep() to halt the script for a second or 2.

This way, automated scripts are slowed down.
Sep 7 '05 #3
I have a javascript runnong to check for input - but not the php script
to first validate before sending! Just What I Need!

Thanks

Sep 7 '05 #4
>I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
Your site is probably being used as a weapon in a spamming or
mail-bombing attack.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page.
Javascript is useless against clients that don't run it. If you
need to do validation, you need to do it ON THE SERVER. Doing it
in Javascript also makes for a nicer interface for users making
honest mistakes, but you need to do the check on the server to avoid
having your site hacked or database filled with junk.
The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help


You shouldn't send any email to an email address entered by the
user if you have sent email to that address recently (which might
mean 1 day or 1 week). This would make the spammer/bomber come up
with *different* email addresses each time. That probably only
annoys bombers with a specific target in mind, but it might keep
your site out of blacklists. The down side is you need to keep
track of to whom and when you sent email (probably in a database).

Oh, yes, you might look at your web server logs, figure out this
guy's IP address ($_SERVER['REMOTE_ADDR']), or the IP block he
usually connects from, and refuse to send any mail.

Gordon L. Burditt
Sep 7 '05 #5
bokke wrote:
I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page. The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help


Hi,

I would get his IP-address, and block that specific IP-address.
It is stored in $_SERVER['REMOTE_ADDR'].
Just hardcode into your mailingscript to block that num.
Also, send him back an endless loop with HTML-bull to keep his spammingline
occupied.
That guy is maybe trying to use your email-script as a gateway to send his
missirable spam into the world.
I do hate spammers so much...

Good luck

Regards,
Erwin Moller
Sep 8 '05 #6
Hello,

on 09/07/2005 12:54 PM bokke said the following:
I have a newsletter signup form on my front page - you insert your
e-mail hit submit and through php it sends it to me and the client in
an e-mail. The problem is - someone is sitting at home going
click-return-click-return-click-return-click.
So I put a javascript making the person at least fake an e-mail address
or it would not go to the next page. The problem is I think the person
has the second page in favourites and every now and then goes there and
hits refresh-refresh-refresh-refresh.
I'm getting about 10 a day - How can I stop it? Help


I think those are nervous users that double click on the button by
accident or because they can wait and click again to make sure the site
gets the submitted form.

You may want to try this forms generation class that prevents submit
button double-clicking:

http://www.phpclasses.org/formsgeneration
--

Regards,
Manuel Lemos

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/

Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
Sep 13 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

24
5031
by: Yang Li Ke | last post by:
Hi guys! Anyone know a way so that users purchasing my scripts would not be able to share them with other people ? Yang
4
2941
by: Scott Robinson | last post by:
I have been having trouble with the garbage collector and sockets. Unfortunately, google keeps telling me that the problem is the garbage collector ignoring dead (closed?) sockets instead of removing live ones. My problem is x.sock=socket.socket(socket.AF_INET,socket.SOCK_STREAM) do_stuff(x.sock)
6
2046
by: Doug | last post by:
Hi all. Have a SQL server with about 10 small databases on it. One database in particular, the tables are somehow being recreated each night at 12:03 AM. The tables are also empty of data. There's nothing in the logs either. All other databases are just fine. I've been searching and troubleshooting this problem for almost two weeks now and...
3
2125
by: NickName | last post by:
Here's the situation, developers inherit a web app from someone, backend SQL db has about 120 user tables and the db is also being used by other apps. Developers don't have a list of user tables being used by this app, now, I need to create a new db based on this one, which would be used by this app only. So, I intend to find all the user...
18
5447
by: Aaron Gray | last post by:
How do you stop the HTML source for a page being viewed on Windows View>Source menu option ? Aaron
9
1812
by: MR | last post by:
Why does the string value assigned to the RequestElementName in the SoapDocumentMethodAttribute get changed? The value below with a colon is changed to the hex value surrounded by underscores. this doesn't happen to the RequestNameSpace. How can i prevent it from being changed? thanks
44
2446
by: Jeff | last post by:
Hi I have a library mde that is used with some customer databases and I found out that another developer discovered it while doing some maintenance work on an old database for the same customer and has copied it to use with her databases. Naturally, I was not impressed and that story continues. It was not the customers fault. I assume...
9
1534
by: John C. Frickson | last post by:
My company produces reports for our customers in PDF format. I have a php script that verifies login status and access rights, and sends the pdf to the client using readfile(). This has worked fine until recently. One of our customers' reports is 10.6MB, and the customer never receives it and I can't get it either. I checked the Apache...
9
5404
by: tshad | last post by:
I am trying to get access to a file that may still being written because the file is so large (7-10MB). I get an error: The process cannot access the file 'c:\TestDocs\XMLFiles\492172.XML' because it is being used by another process
0
7893
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7821
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8172
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
1
7928
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
6574
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5695
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
5369
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3839
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1422
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.