Solved

You better be a god to make this e-mail script

Posted on 2004-07-31
7
192 Views
Last Modified: 2013-12-24
Well.... maybe not a god. Here is what I need.

I have a web page at xyz.com that had a open area and a members area. I have e-mail forms in the open area but need something to 'nudge' the browser into coming to the members area instead of just spamming my contact form in the open area... catch all that?

Please make a script to do the following.

Lock down my contact form in the open area.. I wish that no more than 2 contacts be allowed per IP address per 24 hour period. If a access database needs to be constructed to track this info ... please construct the database.

I would also like a 3 to 5 UPPERCASE code to be presented to whoever is using the cantact form.. Ya know.. something like yahoo uses for their groups when you subscribe to verify that you are you and not some bot.

Track all e-mails... add all email addresses that are made though the contact form, search for duplicates, do not add if the "do not add to e-mail list" checkbox is tagged.

< removed by modulo>

That should do it... Now .. I have one more question. What are some of the programs these people are using to spam a contact form from a web page? Does anyone know?

Thanks,
SpinCycle


0
Comment
Question by:SpinCycle
7 Comments
 
LVL 4

Expert Comment

by:crosenblum
ID: 11686610
1. Do you currently use a cookie or other method to identify non-members/members
2. What do you mean by nudge? Do you want a copy in two seperate folders? or to just automatically relocate open requests for the email form to be moved to the members form...
3. What kind of email validation scripts are you currently running to prevent cf errors for bad users typing in invalid email addresses?
4. IP Addresses are not a real good measurement of user identification,  set a cookie, and keep a value in there of how many email submission attempts, what date of last attempt. Then if that attempt is over 24 hours ago, reset their number of email submission attempts and allow them to send 2 more.

Make sense?
0
 

Author Comment

by:SpinCycle
ID: 11687020
Looks like from the MOD feedback that I am going to have to break this down piece by piece.

So... we'll just deal with mail first .. and the subscriptions to a e-list at a later time.

I do not use cookies... only a user session for the people that have listings on my page.
There is no validation for people that use bad e-mail addresses.
What I mean by nudge... people that are currently browsing my page are asking the listings to send them their members photos rather than subscribing to the page. I would rather that they were only alloed to e-mail 2 listings before they are promted to join the domain for an unrestricted ability to contact listings. As the people that come to the domain are not required to register, would it not be better to track how many mails were sent per person per IP address and not a cookie? Would not a person making a attempt to contact someone just have to delete their cookies in order to send more mail?
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 500 total points
ID: 11687616
well, first let me point out that restricting by IP address is not a good approach.  AOL and other large ISPs use Proxy Servers and you will see that a large number of AOL users have the same IP address.  If you block one of those IP addys for 1 hour, you may potentially block a very large number of AOL users for an hour not just the person(s) who submitted the form twice.

Could you explain a bit more about these Listings?  Are they stored somewhere or is it FFA (Free for All) style?  Does the user have to submit an email addy along with the Submission?

In essence to nudge them to a members area, you need to have persistance for that user.  Either via cookies/session or a database (probably better via DB)


A DB design would be simple:  Have a DB table that represents your form that is has a unique index on email address.  When the submit a first time you add a row and set a "counter column to 1" When they submit a second time increment a "counter column" to 2.  Any subsequent tries where the counter column would be pushed to greater than 2 would be rejected.  

Of course someone could enter fake emails and that is tough to gaurd against.  The only way to gaurd against that is to requre them to recieve an email and click a link on the email to confirm the form submission.  So that would work that you would have a validated flag in the DB with each entry.   When they submit an email is sent for them to goto a specific url and enter a unique id that will set the validated flag to true and the listing will be processed.  This will reduce the fraud by a lot.

Gaurding against bots - you have to leverage a unique code that is in the form of an image (cannot be HTML and the image name cannot reflect the value it is displaying)  this will prevent smart bots from scraping the unique code.  There are several options for this (paid or develop your own)

Any of the above ideas sound like a design that would work for you?

CJ
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now