Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

check email address is real

18 views
Skip to first unread message

Andre

unread,
Apr 19, 2007, 5:42:02 PM4/19/07
to
I get a lot of spam from my website feedback form.
Is there a way one can validate the email address that a user insert in the
form, and keeps nagging, until the email address verify correctly ?
Using frontpage 2003
Thanks

Tom Willett

unread,
Apr 19, 2007, 5:51:02 PM4/19/07
to
No.
--
===
Tom Willett
Microsoft MVP - FrontPage
---
FrontPage Support:
http://www.frontpagemvps.com/
===
"Andre" <An...@discussions.microsoft.com> wrote in message
news:09F049CB-9F10-400F...@microsoft.com...

Ronx

unread,
Apr 20, 2007, 4:31:30 AM4/20/07
to
Best you can do if using FPextensions to process the form is add a
question (and text box for the answer) that only a human can answer.
Example:
What colour is a black cat?
Then use JavaScript to check the answer is black (allowing for
uppercase, lowercase and combinations).
You can use the Form Properties to stop this field being uploaded to the
server or sent in email.
If the spambot is human or does not use JavaScript, there is nothing you
can do, other than switch to server-side scripting to process the forms.
--
Ron Symonds - Microsoft MVP (FrontPage)
Reply only to group - emails will be deleted unread.
FrontPage Support: http://www.frontpagemvps.com/
http://www.rxs-enterprises.org/fp

"Andre" <An...@discussions.microsoft.com> wrote in message

news:09F049CB-9F10-400F...@microsoft.com:

Andre

unread,
Apr 20, 2007, 4:50:01 AM4/20/07
to
Thanks Ronx, I will try the question/answer approach, it should at least
cut down on some of the spam, I think.
your response appreciated.

Murray

unread,
Apr 20, 2007, 9:54:03 AM4/20/07
to
Here's a very cool idea:

1. Add a link to an external js file before you close the form.
2. Have the external js file do a document.write of a hidden field with a
value, e.g.,

document.write("<input type=\"hidden\" name=\"whatever\" value=\"orange\" /"
+ ">");
3. Validate the form for this field and its value on the SERVER side.
4. Reject submissions that do not validate.

The idea is, spambots do NOT execute javascript, and therefore submissions
coming from them will lack that field, and therefore won't validate.

If you are concerned about those who might be surfing with js disabled, then
add a <noscript> tag that ACTUALLY CONTAINS THE FIELD, e.g.,

<noscript>
<input type="hidden" name="whatever" value="orange" />
</noscript>

Bots will miss that one too!

--
Murray
--------------
MVP FrontPage


"Ronx" <ron...@hotmail.com> wrote in message
news:%23fi27Yy...@TK2MSFTNGP03.phx.gbl...

Chris Leeds, MVP - FrontPage

unread,
Apr 20, 2007, 3:39:14 PM4/20/07
to
along those lines but not as intense;
I'd wondered if replacing the "submit" button with an "advanced" button
which has an "onclick" event to submit the form would side-step most of
those spam bot form fillers.

--
Chris Leeds
Contact: http://chrisleeds.com/contact
Have you seen ContentSeed (www.contentseed.com)?
NOTE:
This message was posted from an unmonitored email account.
This is an unfortunate necessity due to high volumes of spam sent to email
addresses in public newsgroups.
Sorry for any inconvenience.
"Murray" <for...@HAHAgreat-web-sights.com> wrote in message
news:OXDjcO1g...@TK2MSFTNGP05.phx.gbl...

Murray

unread,
Apr 20, 2007, 4:13:54 PM4/20/07
to
Interesting idea. I suppose you could also just have a new submit button in
the <noscript> tags, too!

--
Murray
--------------
MVP FrontPage


"Chris Leeds, MVP - FrontPage" <NewsG...@ChrisLeeds.com> wrote in message
news:OyhTVO4...@TK2MSFTNGP03.phx.gbl...

Jon Spivey

unread,
Apr 20, 2007, 6:01:14 PM4/20/07
to
Curious that bots don't read noscript though - is that documented anywhere?

Cheers,
Jon

"Murray" <for...@HAHAgreat-web-sights.com> wrote in message

news:ObuJti4...@TK2MSFTNGP06.phx.gbl...

Murray

unread,
Apr 22, 2007, 8:17:35 AM4/22/07
to
Honestly, I'm not sure. If it's a typical bot, I don't think they work from
a rendered page, so <noscript> tags become irrelevant, no?

--
Murray
--------------
MVP FrontPage


"Jon Spivey" <j...@NotThis-Nisusnewmedia.com> wrote in message
news:eSZdyd5g...@TK2MSFTNGP06.phx.gbl...

Jon Spivey

unread,
Apr 22, 2007, 4:47:11 PM4/22/07
to
Not a rendered page but surely they read the html as delivered by the server
and just ignore the tags they're not interested in but read the content
between? This is why the noscript tag works on every browser - if it doesn't
understand the tag it ignores it and reads whatever's inside. In the same
way as if you put
<murray>
some stuff
</murray>
Obviously Murray isn't a tag so a browser will ignore it but display the
content between. I can see that document writing a hidden field would make
automated submissions easy to catch - at the expense of making the form
unusable for non-js users.

I just wouldn't put money on the noscript tag distinguishing between users
and bots

Cheers,
Jon

"Murray" <for...@HAHAgreat-web-sights.com> wrote in message

news:uBr82hNh...@TK2MSFTNGP03.phx.gbl...

Murray

unread,
Apr 22, 2007, 5:45:49 PM4/22/07
to
Yeah - I'm not sure about that part of it, although the first part should
work well.

You could always have -

<noscript>This form requires javascript for proper operation. Please enable
it.</noscript>

--
Murray
--------------
MVP FrontPage


"Jon Spivey" <j...@NotThis-Nisusnewmedia.com> wrote in message

news:%23ICgv9R...@TK2MSFTNGP03.phx.gbl...

0 new messages