Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Form action

Status
Not open for further replies.
Naoise

Naoise

Programmer
Dec 23, 2004
318
IE

I have a form that simply requires a user to enter
their email address.

<form name="myname" method="post" action="log.asp">
<input type="text" name="email">
<input type="submit" name="btnSubmit" value="submit">
</form>

Is there anyway to hide the action of this form so that it cannot be bombed with false email addresses that will be logged to the db. I am open to any solution be it HTML, Javascript or a client side scripting solution, ASP would be preferred in the final instance.

Thanks,
Naoise
 
Sort by date Sort by votes
Why not ask in the ASP forum then? I don't know how the 'hiding of action' would help in protecting against false email addresses though. You could perform validation at the parsing .asp script, to make sure addresses are properly formed, but that still does not give much protection. I think you should record a session on the form page and on the action page check if session exists and when it was created. After you insert data into database, change session to lock further inputs for a while. I think that might be the soundest option.
 
Upvote 0 Downvote
a) My post is open to a HTML/JS/ASP solution hence you
^^^^
find it here.

b) I am not trying to prevent false email addresses more
email addressses being added continually irrespective
of them being valid or not.

c) Your ending solution is a reasonable one.

d) Thank you for your time :)
 
Upvote 0 Downvote
what about the from validators like when they make you type in the numbers and digits of a graphic. this seems to be a guard against scripts from entering data. so it would limit it to a human entereing the data. you could also have it send you an email and wait for validation from you. i dont know if any of these ideas are worth anything. i hope that helps.

Sera
I often believe that...
My computer is possessed!
 
Upvote 0 Downvote
Is there anyway to hide the action of this form?
Click to expand...
No. The browser needs to know where to send its results, and if the browser knows, a scumbot will know too.

A simple security measure that you can take is to change the name of the fields:
Code: 
<form name="myname" method="post" action="log.asp">
<input type="text" name="banana">
<input type="submit" name="purple" value="submit">
</form>
Automated scripts are plodding round the net looking for forms that look like contact or comment forms so they can spam them. Picking meaningless names makes the bots' job harder.

-- Chris Hunt
Webmaster & Tragedian
Extra Connections Ltd
 
Upvote 0 Downvote
I think you should record a session on the form page and on the action page check if session exists and when it was created. After you insert data into database, change session to lock further inputs for a while. I think that might be the soundest option
Click to expand...
Alternatively, you can record the IP addresses of the person who registers & lock further inputs from the same IP for a while.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

scorney
  • Locked
  • Question
background image with overlay which Hover when over a specific Area/Form
Replies
1
Views
771
3esolar
3
PeDa
  • Locked
  • Question
Table not formatted correctly in all browsers 1
Replies
2
Views
186
PeDa
PeDa
ghbeers
  • Locked
  • Question
Viewing form through portal messing up .css formatting
Replies
4
Views
164
ghbeers
ghbeers
Everton1Blue
  • Locked
  • Question
How to display user error in form field
Replies
2
Views
197
Everton1Blue
Everton1Blue
pendle666
  • Locked
  • Question
contact form buttons not right on iPhone 4 HTML/CSS 2
Replies
9
Views
261
pendle666
pendle666

Part and Inventory Search

Sponsor

Back
Top