Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    May 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Email form word verification error still attempts to Post

    Hello,

    I have an email form on a website. There was a lot of spam email coming through so I put a "word verification" box in the form. At the end of the form, I created a regular text box and ask users to enter the word "happy" without quotes.

    In the JavaScript, I have a simple IF statement checking to see if the value of the box is equal to the word "happy."

    The JavaScript works for the most part. When the correct word is entered, it posts the email and arrives in my inbox shortly thereafter.

    Unfortunately, when I enter the wrong word, the appropriate alert window pops up but it continues with the action and tries to post.

    I would appreciate any help you could provide. I've posted the JavaScript and the form so you can see the general idea behind the page. I've deleted most of the form entries to conserve on code space. Thanks

    superstar


    ====================================================

    JavaScript

    function checkPw() {

    if (document.form.pw1.value!="happy") {
    alert ("\nYou did not enter the word. Please type happy in the verification box.");
    window.location.href=window.location.href
    }
    else
    document.form.action = 'http://formmail.dreamhost.com/cgi-bin/formmail.cgi';
    return true;
    }




    ============================================

    Form

    <form name=form method="POST" align="center">
    <font face="Arial, Helvetica, sans-serif">
    <input type="hidden" name="recipient" value="siteadmin@sitename.com">
    <input type="hidden" name="subject" value="Guestbook Response">
    <input type="hidden" name="redirect" value="http://www.sitename.com/thanks.html">

    <input type="hidden" name="env_report" value="REMOTE_HOST,HTTP_USER_AGENT">
    </font>
    <div align="center">
    <center>
    <table border="0" width="561">
    <tr>
    <td width="169" align="right"><font face="Arial, Helvetica, sans-serif">Please type happy in the box in order to send. (Spam filter)</font></td>
    <td width="384">
    <input type="text" name="pw1" size="10" tabindex="8">
    </td>
    </tr>

    </table>
    </center>

    </div>
    <center>
    <p align="center"><font face="Arial, Helvetica, sans-serif">
    <input type="submit" value="Send" name="B1" tabindex="10" onclick="checkPw();">
    <input type="reset" value="Reset" name="B2" tabindex="11">
    </font></p>
    </center>
    </form>

  • #2
    ess
    ess is offline
    Regular Coder
    Join Date
    Oct 2006
    Location
    United Kingdom
    Posts
    866
    Thanks
    7
    Thanked 30 Times in 29 Posts
    Hello there,

    You should remove the following line and replace it with "return false;"

    Code:
    window.location.href=window.location.href
    Also, although i can see that you are trying to force the user to use JavaScript, I am afraid it is very easy to bypass this (just add the line in the url and you will see what I mean) and as such, you should not rely on JavaScript submitting the form. So, I suggest that you remove it and add an action to the form.
    Code:
    document.form.action = 'http://formmail.dreamhost.com/cgi-bin/formmail.cgi';
    Further more, I would change the submit buttom from
    Code:
     <input type="submit" value="Send" name="B1" tabindex="10" onclick="checkPw();">
    to the following
    Code:
     <input type="submit" value="Send" name="B1" tabindex="10">
    finally, I would add the following to the form declaration.

    Code:
    onsubmit="javascript: return checkPw();"
    your form declaration should now be
    Code:
    <form name=form method="POST" action = "http://formmail.dreamhost.com/cgi-bin/formmail.cgi" align="center" onsubmit="javascript: return checkPw();">
    Also, I just realized that you are using dreamhost. I believe that they support PHP and as such, you should be able to use the following captcha script as an alternative to using JavaScript. here is a website that provide an example of using captcha.
    http://www.white-hat-web-design.co.u...hp-captcha.php

    Cheers,
    Ess
    Last edited by ess; 02-16-2007 at 12:54 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •