Solved

You better be a god to make this e-mail script

Posted on 2004-07-31
7
194 Views
Last Modified: 2013-12-24
Well.... maybe not a god. Here is what I need.

I have a web page at xyz.com that had a open area and a members area. I have e-mail forms in the open area but need something to 'nudge' the browser into coming to the members area instead of just spamming my contact form in the open area... catch all that?

Please make a script to do the following.

Lock down my contact form in the open area.. I wish that no more than 2 contacts be allowed per IP address per 24 hour period. If a access database needs to be constructed to track this info ... please construct the database.

I would also like a 3 to 5 UPPERCASE code to be presented to whoever is using the cantact form.. Ya know.. something like yahoo uses for their groups when you subscribe to verify that you are you and not some bot.

Track all e-mails... add all email addresses that are made though the contact form, search for duplicates, do not add if the "do not add to e-mail list" checkbox is tagged.

< removed by modulo>

That should do it... Now .. I have one more question. What are some of the programs these people are using to spam a contact form from a web page? Does anyone know?

Thanks,
SpinCycle


0
Comment
Question by:SpinCycle
7 Comments
 
LVL 4

Expert Comment

by:crosenblum
ID: 11686610
1. Do you currently use a cookie or other method to identify non-members/members
2. What do you mean by nudge? Do you want a copy in two seperate folders? or to just automatically relocate open requests for the email form to be moved to the members form...
3. What kind of email validation scripts are you currently running to prevent cf errors for bad users typing in invalid email addresses?
4. IP Addresses are not a real good measurement of user identification,  set a cookie, and keep a value in there of how many email submission attempts, what date of last attempt. Then if that attempt is over 24 hours ago, reset their number of email submission attempts and allow them to send 2 more.

Make sense?
0
 

Author Comment

by:SpinCycle
ID: 11687020
Looks like from the MOD feedback that I am going to have to break this down piece by piece.

So... we'll just deal with mail first .. and the subscriptions to a e-list at a later time.

I do not use cookies... only a user session for the people that have listings on my page.
There is no validation for people that use bad e-mail addresses.
What I mean by nudge... people that are currently browsing my page are asking the listings to send them their members photos rather than subscribing to the page. I would rather that they were only alloed to e-mail 2 listings before they are promted to join the domain for an unrestricted ability to contact listings. As the people that come to the domain are not required to register, would it not be better to track how many mails were sent per person per IP address and not a cookie? Would not a person making a attempt to contact someone just have to delete their cookies in order to send more mail?
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 500 total points
ID: 11687616
well, first let me point out that restricting by IP address is not a good approach.  AOL and other large ISPs use Proxy Servers and you will see that a large number of AOL users have the same IP address.  If you block one of those IP addys for 1 hour, you may potentially block a very large number of AOL users for an hour not just the person(s) who submitted the form twice.

Could you explain a bit more about these Listings?  Are they stored somewhere or is it FFA (Free for All) style?  Does the user have to submit an email addy along with the Submission?

In essence to nudge them to a members area, you need to have persistance for that user.  Either via cookies/session or a database (probably better via DB)


A DB design would be simple:  Have a DB table that represents your form that is has a unique index on email address.  When the submit a first time you add a row and set a "counter column to 1" When they submit a second time increment a "counter column" to 2.  Any subsequent tries where the counter column would be pushed to greater than 2 would be rejected.  

Of course someone could enter fake emails and that is tough to gaurd against.  The only way to gaurd against that is to requre them to recieve an email and click a link on the email to confirm the form submission.  So that would work that you would have a validated flag in the DB with each entry.   When they submit an email is sent for them to goto a specific url and enter a unique id that will set the validated flag to true and the listing will be processed.  This will reduce the fraud by a lot.

Gaurding against bots - you have to leverage a unique code that is in the form of an image (cannot be HTML and the image name cannot reflect the value it is displaying)  this will prevent smart bots from scraping the unique code.  There are several options for this (paid or develop your own)

Any of the above ideas sound like a design that would work for you?

CJ
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Script 12 134
Using Route 53, Record Sets & Health Checks 2 Node Exchange 2016 environment 2 97
Apache SSL and mod_rewrite not working 8 123
listing all functions in JavaScript 19 177
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now