>- see footer for list info -< OK. I see that it only affects forms fields used in <CFMAIL>
<CFMAIL TO="[EMAIL PROTECTED]" FROM="#form.email#" SUBJECT="#form.subject#"></CFMAIL> So would have to do the <CFSET form.email = ReplaceList(form.email,"#Chr(13)#,#Chr(10)#", "")> <CFSET form.subject = ReplaceList(form.subject,"#Chr(13)#,#Chr(10)#", "")> Before sending the mail. Allan P.S. Its amazing what you learn if you read the articles right to the end! 8-) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Allan Cliff Sent: 13 September 2005 16:07 To: Coldfusion Development Subject: RE: [CF-Dev] spammers using your contact forms >- see footer for list info -< I don't fancy ploughing through all the recent projects I've done so... I assume that this would only affect forms where: 1. An email address length which isn't checked to be under X length? 2. You have a textarea field? Can someone explain in simple terms what they are doing to compromise the forms. Thanks Allan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 13 September 2005 15:56 To: Coldfusion Development Subject: Re: [CF-Dev] spammers using your contact forms >- see footer for list info -< Looks like I have that problem with spammers, too. I've used added a randomized number sent as a session variable and compared to a form field. The user has to enter this number to send the contact form. http://www.fasttrackonline.co.uk/contact-us.cfm Is this going to be enough to stop the little darlings? Thanks, Jenny ----- Original Message ----- From: "Duncan Cumming" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, September 13, 2005 2:26 PM Subject: Re: [CF-Dev] spammers using your contact forms >- see footer for list info -< that looks good. I've noticed this happening recently too, so will try it out shortly myself. Duncan Cumming New Media Developer Customer Relations Management / Education Fife Council 700 4105 / 01592 414105 >>> Damien Gallagher <[EMAIL PROTECTED]> 13/09/2005 13:33 >>> >- see footer for list info -< Just seen Russ's security announcement about spammers being able to use your contact forms. Had a look round the net and found the solution seems to be to strip out chr(10) and chr(13) from any field that will appear in the message header (eg. reply-to). Can anyone see anything wrong with the code below? #ReplaceList(form.email,"#Chr(13)#,#Chr(10)#", "")# Thanks, Damien _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >-< ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed and should not be disclosed to any other party. If you have received this email in error please notify your system manager and the sender of this message. This email message has been swept for the presence of computer viruses but no guarantee is given that this e-mail message and any attachments are free from viruses. Fife Council Tel: +44 (0) 1592 414141 ********************************************************************** _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >-< _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >-< ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >-< ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
