Jump to content


Photo

PHP Application Form help


  • Please log in to reply
18 replies to this topic

#1 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 11:35 AM

Hi all,

I am having a major issue with one of my application forms I have on my racing league site.

Seems it is being hit by bots or something cause I get an email with the details and in all the fields where the member info is supposed to be is full of links to junk and trash sites.  Is there any way to put a stop to this without having to go through passwording the directory?

The odd thing about this is, is I actually have 2 join forms on my site and this is the ONLY one getting hit like this.  The other one is in another directory.

Thanks very much for your time in Advance.

RSprinkel
RSprinkel
A PHP/MySQL NOVICE I AM

#2 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 11:42 AM

use this

www.digitalmidget.com/php_noob2006/captcha.php

been recomended a fair bit

basicaly user has to type the word that is in the picture else they cant sign up :)

regards
Liam
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#3 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 12:20 PM

Liam,

THanks for your prompt reply.  I do like the utility but I have an issue using that.

First I am in no way a PHP expert and my problem is this.  I have a join.php form which is actually just an html form and when the user clicks the submit button it calls another php script that actually process's the information which does all the error checks and stuff then places the info into a database, so I am not totally sure as to what php script to place this in.

Again thank you for your reply.

Ron
RSprinkel
A PHP/MySQL NOVICE I AM

#4 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 12:41 PM

cant you just change the plain html page to .php? wouldnt be too hard.. or is the php on seperate server? if so then im really not sure except from possibly logging IP addresses and then u will see the common one straight away.. or seta  cookie on the html page with java m,aby then check on the php page?

Liam
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#5 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 12:51 PM

well the form is actually labeled as .php but there is no <?php ?> brackets in the form.  Actually the form was designed for me for another type of site and I just modified the contents to fit this site.  Once the form is completed it posts in a form called process_app.php which does all the error checking and stuff.

I wish I knew how to convert both forms into one which would simplify the matter, but unfortunately I don't have the knowledge to do so and I wouldn't even know where to start.

Again Thanks for the reply.
RSprinkel
A PHP/MySQL NOVICE I AM

#6 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 12:53 PM

well paste the code from both pages and we will see what we can do for you mate?
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#7 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 12:57 PM

Are you sure, LOL?  Lot of code here
RSprinkel
A PHP/MySQL NOVICE I AM

#8 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 01:04 PM

depends how much u mean by alot? over 200 lines? shouldnt matter too much as most of the forms part will be kind of glanced over but the main code is the processing code for your php file that u submit to.
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#9 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 01:06 PM

Join form is 296 lines.  Process App is 166 lines
RSprinkel
A PHP/MySQL NOVICE I AM

#10 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 01:07 PM

yeah go for it then.. i've seen bigger posted :) else just make a copy on your server and save as .phps and then show us a link to them..
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#11 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 01:13 PM

Ok I will give the links to them.

http://www.cfrlracing.com/php_forms/

again THANKS Much in ADVANCE
RSprinkel
A PHP/MySQL NOVICE I AM

#12 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 01:14 PM

you have saved as php not .phps so we can't read the code..
.phps will show us all the code instead of executing it
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#13 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 01:20 PM

ahh sorry, ok I have fixed that now.

Sorry :-(
RSprinkel
A PHP/MySQL NOVICE I AM

#14 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 01:50 PM

1 way could be in first page join_form.php at the top add

<?php
start_session();
$_SESSION['formjoin']='yes';
?>

and then in process_app.php you can change

also add start_session(); to the top of process_app.php

if((!$fname) || (!$lname) || (!$address) || (!$city) || (!$state) || (!$zip) || (!$country) || (!$email) || (!$age) || (!$rules) || (!$answer) || (!$username) || (!$password)){

to

if((!$fname) || (!$lname) || (!$address) || (!$city) || (!$state) || (!$zip) || (!$country) || (!$email) || (!$age) || (!$rules) || (!$answer) || (!$username) || (!$password) || ($_SESSION['formjoin'] !== 'yes')){
    echo 'You did not submit the following required information! <br />';
    if($_SESSION['formjoin'] !== 'yes'){
        echo "Please sign up from our page.<br />";
    }
then right at the bottom of the page put $_SESSION['formjoin']='no';

I think that should do the trick for you mate :)
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#15 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 02:08 PM

Ok I did all of this and now I am getting this error on line 2:

Fatal error: Call to undefined function: start_session()
RSprinkel
A PHP/MySQL NOVICE I AM

#16 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 02:13 PM

sorry it's session_start(); i always get it wrong way :S
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#17 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 02:22 PM

ok that worked great, now will this stop all the other crazy entries I have been getting or do I still need to do the Captcha thing?


RSprinkel
A PHP/MySQL NOVICE I AM

#18 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 02:43 PM

yeah should work without that but i would recomend Captcha over my way as it's more secure..
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#19 RSprinkel

RSprinkel
  • Members
  • PipPipPip
  • Advanced Member
  • 69 posts

Posted 26 August 2006 - 04:23 PM

Ok Thanks for all your help.  Very much appreciated.  I will see if I can get that captcha thing going.

Then on to another project that is probably over my head, LOL.
RSprinkel
A PHP/MySQL NOVICE I AM




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users