Client side validation fails when scammers screen scrape your site and then directly send to your receiving script. You really need to consider using a server side validation.
Ken Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "coder" <co...@gwelanmor-internet.co.uk> Sender: li...@webstandardsgroup.org Date: Wed, 22 Aug 2012 12:37:51 To: <wsg@webstandardsgroup.org> Reply-to: wsg@webstandardsgroup.org Subject: [WSG] More on spam traps Hi All, I have recently attempted to 'trap' spammers who use autofilling tactics on the site at www.gwelanmor-internet.co.uk. This is written in html5 and uses a mixture of simple tests to validate the form. However, yesterday I recvd a mail thus: -------------------------------------------------------------------------------- a.. name a.. igmgrtasel a.. email a.. a.. hidden a.. -9 a.. comments a.. CaWePF <a href="http://ipdszgwutyvp.com/";>ipdszgwutyvp</a>, [url=http://fkpbtvpaxitv.com/]fkpbtvpaxitv[/url], [link=http://rtcdalwdjrkb.com/]rtcdalwdjrkb[/link], http://xsejahukjzdr.com/ a.. send a.. send message . -------------------------------------------------------------------------------- The script I used to validate the form is this: <script type="text/javascript"> function validateForm() { var x=document.forms["contact"]["email"].value; var atpos=x.indexOf("@"); var dotpos=x.lastIndexOf("."); if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length) { alert("This is Not a valid e-mail address"); return false; } // var y=document.forms["contact"]["hidden"].value; if (y==null || y=="") { return true;} else { alert("I think you are a machine") return false; } } <!--// --> function check(node) { var re = new RegExp('[<>\[\\]]', 'g'); document.getElementById('send').disabled = re.test(node.value); } </script> and it works locally and online. However the mail I quote from above is completely unaffected. Does this mean I give up trying, or what? Any thing? Thanks, Bob ******************************************************************* List Guidelines: http://webstandardsgroup.org/mail/guidelines.cfm Unsubscribe: http://webstandardsgroup.org/join/unsubscribe.cfm Help: memberh...@webstandardsgroup.org ******************************************************************* ******************************************************************* List Guidelines: http://webstandardsgroup.org/mail/guidelines.cfm Unsubscribe: http://webstandardsgroup.org/join/unsubscribe.cfm Help: memberh...@webstandardsgroup.org *******************************************************************
