dawes4000 asked:

How to make a simple webform request secure from spam?

I have a web form and need it to be secure from spam. I've got a robot that has found my form and is injecting hyperlinks into my text boxes. This is not good. I've thought using an obfuscator would work, not sure. Any suggestions?
73Spyder:
Yes,  I had forgotten about that site.  
dawes4000 (ASKER):
usachrisk1983,
I'm not sure how to implement Captcha. The documentation says it's simple.
I've copied capatchaService.cfc and capatcha.xml over to the directory.
How do I have it appear on the web form? And how do I then take the
textbox info and have the cfc work it?
If Captcha is too complicated for you, another viable solution is

http://tutorial406.easycfm.com/

It's a great tutorial - best of luck, as Image Verification isn't the simplest of processes. Secondly, if it is injecting hyperlinks into your search box, set up some sort of replace statement to remove or not accept submissions with certain content. IF form.value contains "whatever" do something. Sorry for the Fred Flintstone terminology but I gotta run! Best of luck
ctdigital,
I created captchaTest.cfm code given in the documentation. I ran the page and the captcha image was rendered.
So, I am making progress. How do I compare what captcha renders with what a user input into a txtbox for the challenge?
Throwing an exception now,

captchaService.cfc
Could not find the ColdFusion Component captchaServiceConfigBean
LINE: default="#CreateObject("component", "captchaServiceConfigBean").init()#" />

captchaServiceConfigBean.cfc is in the same directory as the other cfc's, any ideas for this error?
Sorry, missed a bracket:

And your captcha test should look like this:
<cfif captchaText eq "" or application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
captcha was empty or failed
</cfif>
Oneiroid,
Thanks for the help. I have not ever used CreateObject() so please forgive my lack of understanding.

I have created captcha.cfm with the code below:
<cfset variables.captcha = application.captcha.createHashReference() />
<cfoutput>
      <input type="hidden" name="captchaHash" value="#variables.captcha.hash#" />
      <img src="showCaptcha.cfm?hashReference=#variables.captcha.hash#" border="1" />
</cfoutput>
                              
<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",url.hashReference) />
<cfcontent type="image/jpg" file="#variables.captcha.fileLocation#" deletefile="true" reset="false" />
                                    
<cfif captchaText eq "" or application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
      captcha was empty or failed
</cfif>

My application.cfm file has the following:
<!--- initialize the captcha with the xml config --->
<cfparam name="url.reinit" default="false">

<cfif not structKeyExists(application,"captcha") or url.reinit>
     <cfset application.captcha = CreateObject("component","captcha.captchaService").init(configFile="captcha/captcha.xml") />
     <cfset application.captcha.setup() />
</cfif>
<!--- END initialize the captcha with the xml config --->

I created a directory called captcha, this directory includes the following:
img <!--- an image directory --->
captcha.xml
captchaService.cfc
captchaServiceConfigBean.cfc

If I load captcha.cfm I get the following error:
Element HASHREFERENCE is undefined in URL.  
<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",url.hashReference) />

What needs to happen here?
The following code should not be in the same file as your form, and should therefore never cause an error.

Paste this code into a new file called showCaptcha.cfm. These should be the ONLY two lines of code in the file.

<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",url.hashReference) />
<cfcontent type="image/jpg" file="#variables.captcha.fileLocation#" deletefile="true" reset="false" />
Oneiroid,

showCaptcha.cfm contains the following only:
<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",url.hashReference) />
<cfcontent type="image/jpg" file="#variables.captcha.fileLocation#" deletefile="true" reset="false" />

It is located same level as my form captcha.cfm, captcha.cfm has the following code:
<!--- CHALLENGE FORM BELOW --->
<cfset variables.captcha = application.captcha.createHashReference() />
      <cfoutput>
      <input type="hidden" name="captchaHash" value="#variables.captcha.hash#" />
            <img src="showCaptcha.cfm?hashReference=#variables.captcha.hash#" border="1" />
      </cfoutput>
<cfparam name="captchaText" default="">
<cfform name="form" action="Captcha.cfm" method="post">
<cfinput type="text" name="captchaText">
<cfinput type="submit" name="btnSubmit" value="submit">
<cfif captchaText eq "" or application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
captcha was empty or failed
<cfelseif captchaText NEQ application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
User is human
</cfif>
</cfform>

captcha.cfm calls showCaptcha.cfm and the jpeg is rendered. So, showCaptcha.cfm and my directory captcha that contains the service and xml file are working. The problem is the challenge form?
I am not quite sure what you are trying to do with that form. You are trying to submit and validate at the same time? Your captchaHash input is not between form tags. Why is your validation code inside the form?

When you say "If I load captcha.cfm I get the following error" - does that mean the error occurs when you load the page, or when you submit the form?

Also, for good measure, change the line
<cfelseif captchaText NEQ application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
to
<cfelse>
The question is: how do I take input from the user and test it against the alpha chars that are in the JPEG?
Oneiroid,
I get it now. The input form captcha.cfm displays the image, hides the hashID, inputs text from user, posts to the testing cfm page.
<cfform name="form" action="CaptchaResult.cfm" method="post">
   <!--- create HashID then set as a variable--->
   <cfset variables.captcha = application.captcha.createHashReference() />
     <cfoutput>
        <!--- Hide HashID --->
        <input type="hidden" name="captchaHash" value="#variables.captcha.hash#" />
        <!--- reference HashID with JPEG and display JPEG --->
        <img src="showCaptcha.cfm?hashReference=#variables.captcha.hash#" border="1" /><br>
     </cfoutput>
     <cfparam name="captchaText" default="">
     <cfinput type="text" name="captchaText">
     <!--- post form values to a results page which contains the test --->
     <cfinput type="submit" name="btnSubmit" value="submit"><br>
</cfform>

captchaResult.cfm contains the test with conditional output:
<cfif captchaText EQ "" or application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
      captcha was empty or failed
<cfelse>
      human
</cfif>


That is what the captchaHash does:

<cfif isdefined ("AuthenticateForm")>
   <cfif captchaText eq "" or application.captcha.validateCaptcha(form.captchaHash,form.captchaText) is 0>
      captcha was empty or failed
   <cfelse>
      User is human
   </cfif>
</cfif>

<cfform name="form" action="Captcha.cfm" method="post">
   <cfset variables.captcha = application.captcha.createHashReference() />
     <cfoutput>
        <input type="hidden" name="captchaHash" value="#variables.captcha.hash#" />
        <img src="showCaptcha.cfm?hashReference=#variables.captcha.hash#" border="1" />
     </cfoutput>
   <cfinput type="text" name="captchaText">
   <cfinput type="hidden" name="AuthenticateForm">
   <cfinput type="submit" name="btnSubmit" value="submit">
</cfform>
Posting at the same time. Yes, there you go, your new code looks a lot like mine now ;)

How does it work?
What are you doing with <cfinput type="hidden" name="AuthenticateForm">?
Oneiroid,
I have been messing with the xml file to make adjustments to the appearance of the JPEG, but the changes do not make a difference. Height, width, backgroundColor, all do not change anything. Since this is a new issue for me I will open another question.
Just using it as an example to identify the submission of a certain form / availability of a variable to compare so that you do not have to post your form to a new page.
I'm going to increase the point value to 500 on this question because there was additional instruction given beyond the original question. I will then split points among three members.
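
Added example (not part of the thread, and not code from any participant or from the captcha component's documentation): one way to gate the self-posting form on the server, combining the captcha check worked out above with the earlier suggestion to refuse submissions that contain certain content. The function findLinkFields and its pattern list are assumptions; validateCaptcha, captchaHash, captchaText and btnSubmit are the names used in the thread.

```cfml
<!--- Added example, not code from the thread. findLinkFields and its pattern list are assumptions;
      application.captcha.validateCaptcha, captchaHash, captchaText and btnSubmit are names used above. --->
<cffunction name="findLinkFields" returntype="string" output="false">
    <cfargument name="fields" type="struct" required="true">
    <cfset var key = "">
    <cfset var hits = "">
    <!--- Plain URLs, bare www. hosts, HTML anchors and BBCode [url] tags --->
    <cfset var linkPattern = "(https?://|www\.|<a[[:space:]]|\[url(=|\]))">
    <cfloop collection="#arguments.fields#" item="key">
        <cfif isSimpleValue(arguments.fields[key])
              and REFindNoCase(linkPattern, arguments.fields[key]) gt 0>
            <cfset hits = listAppend(hits, key)>
        </cfif>
    </cfloop>
    <cfreturn hits>
</cffunction>

<cfif structKeyExists(form, "btnSubmit")>
    <cfset variables.rejectReason = "">
    <!--- A client that posts directly may omit the captcha fields entirely;
          treat that as a failed captcha instead of letting the page throw --->
    <cfif not structKeyExists(form, "captchaHash") or not structKeyExists(form, "captchaText")
          or not len(trim(form.captchaText))>
        <cfset variables.rejectReason = "captcha was empty or failed">
    <cfelseif application.captcha.validateCaptcha(form.captchaHash, form.captchaText) is 0>
        <cfset variables.rejectReason = "captcha was empty or failed">
    <cfelse>
        <!--- Captcha passed: still refuse any field that carries a hyperlink --->
        <cfset variables.linkFields = findLinkFields(form)>
        <cfif len(variables.linkFields)>
            <cfset variables.rejectReason = "links are not allowed in: " & variables.linkFields>
        </cfif>
    </cfif>

    <cfif len(variables.rejectReason)>
        <!--- Reject the whole submission; field names are client-supplied, so encode them --->
        <cfoutput>#HTMLEditFormat(variables.rejectReason)#</cfoutput>
        <cfabort>
    </cfif>
    <!--- ...normal form processing continues here, only after both checks pass... --->
</cfif>
```

Place the block at the top of the page the form posts to, before any code that stores or e-mails the submitted values.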