Solved

You better be a god to make this e-mail script

Posted on 2004-07-31
7
200 Views
Last Modified: 2013-12-24
Well.... maybe not a god. Here is what I need.

I have a web page at xyz.com that had a open area and a members area. I have e-mail forms in the open area but need something to 'nudge' the browser into coming to the members area instead of just spamming my contact form in the open area... catch all that?

Please make a script to do the following.

Lock down my contact form in the open area.. I wish that no more than 2 contacts be allowed per IP address per 24 hour period. If a access database needs to be constructed to track this info ... please construct the database.

I would also like a 3 to 5 UPPERCASE code to be presented to whoever is using the cantact form.. Ya know.. something like yahoo uses for their groups when you subscribe to verify that you are you and not some bot.

Track all e-mails... add all email addresses that are made though the contact form, search for duplicates, do not add if the "do not add to e-mail list" checkbox is tagged.

< removed by modulo>

That should do it... Now .. I have one more question. What are some of the programs these people are using to spam a contact form from a web page? Does anyone know?

Thanks,
SpinCycle


0
Comment
Question by:SpinCycle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 4

Expert Comment

by:crosenblum
ID: 11686610
1. Do you currently use a cookie or other method to identify non-members/members
2. What do you mean by nudge? Do you want a copy in two seperate folders? or to just automatically relocate open requests for the email form to be moved to the members form...
3. What kind of email validation scripts are you currently running to prevent cf errors for bad users typing in invalid email addresses?
4. IP Addresses are not a real good measurement of user identification,  set a cookie, and keep a value in there of how many email submission attempts, what date of last attempt. Then if that attempt is over 24 hours ago, reset their number of email submission attempts and allow them to send 2 more.

Make sense?
0
 

Author Comment

by:SpinCycle
ID: 11687020
Looks like from the MOD feedback that I am going to have to break this down piece by piece.

So... we'll just deal with mail first .. and the subscriptions to a e-list at a later time.

I do not use cookies... only a user session for the people that have listings on my page.
There is no validation for people that use bad e-mail addresses.
What I mean by nudge... people that are currently browsing my page are asking the listings to send them their members photos rather than subscribing to the page. I would rather that they were only alloed to e-mail 2 listings before they are promted to join the domain for an unrestricted ability to contact listings. As the people that come to the domain are not required to register, would it not be better to track how many mails were sent per person per IP address and not a cookie? Would not a person making a attempt to contact someone just have to delete their cookies in order to send more mail?
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 500 total points
ID: 11687616
well, first let me point out that restricting by IP address is not a good approach.  AOL and other large ISPs use Proxy Servers and you will see that a large number of AOL users have the same IP address.  If you block one of those IP addys for 1 hour, you may potentially block a very large number of AOL users for an hour not just the person(s) who submitted the form twice.

Could you explain a bit more about these Listings?  Are they stored somewhere or is it FFA (Free for All) style?  Does the user have to submit an email addy along with the Submission?

In essence to nudge them to a members area, you need to have persistance for that user.  Either via cookies/session or a database (probably better via DB)


A DB design would be simple:  Have a DB table that represents your form that is has a unique index on email address.  When the submit a first time you add a row and set a "counter column to 1" When they submit a second time increment a "counter column" to 2.  Any subsequent tries where the counter column would be pushed to greater than 2 would be rejected.  

Of course someone could enter fake emails and that is tough to gaurd against.  The only way to gaurd against that is to requre them to recieve an email and click a link on the email to confirm the form submission.  So that would work that you would have a validated flag in the DB with each entry.   When they submit an email is sent for them to goto a specific url and enter a unique id that will set the validated flag to true and the listing will be processed.  This will reduce the fraud by a lot.

Gaurding against bots - you have to leverage a unique code that is in the form of an image (cannot be HTML and the image name cannot reflect the value it is displaying)  this will prevent smart bots from scraping the unique code.  There are several options for this (paid or develop your own)

Any of the above ideas sound like a design that would work for you?

CJ
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Help Fix A 403 error 13 120
Unsearchable in Google,Yahoo and Bing. 6 66
Help with a redirect in web.config file 8 65
Customising IE behaviour on certain pages 2 61
A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question