Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 Send Topic to a Friend CAPTCHA		  New Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Webbo
Average Member

United Kingdom
982 Posts
Posted - 26 August 2015 :  05:11:56  Show Profile  Visit Webbo's Homepage  Reply with Quote
Is it possible to add CAPTCHA to the popup form that is displayed when 'Send Topic to a Friend' is used?


I've got the following code within contact.asp which would look consistent if used....


      "                 <td bgColor=""" & strPopUpTableColor & """ align=""right"" nowrap><b><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """>Enter Code:</font></b></td>" & vbNewLine & _
      "                 <td bgColor=""" & strPopUpTableColor & """>" & vbNewLine
strRCCode = Request.QueryString("rc")
strRC = Request.QueryString("code")
strRCP = Request.QueryString("p")
If strRC = "image" then
   NullStop = False
   RandCode = (strRCCode + 17456) / 50000
   lenCode = Len(RandCode)
   If LenCode < 6 and Nullstop = False then
   For J = 1 to (6 - LenCode)
      NullRC = NullRC & "0"
   Next
   NullStop = True
   End If
   RandCode = NullRC & RandCode
   ImageP = Mid(RandCode, strRCP,1)
   Response.Redirect "images/" & ImageP & ".gif"
End If

HowManyNbr=6
         NumbersToShow = ""
      Randomize
         For I = 1 to HowManyNbr
         NumbersToShow = NumbersToShow & Fix(9*Rnd)
      Next
      RandomizedCode = NumbersToShow * 50000 - 17456
      NullStop = False
      For I = 1 to HowManyNbr
         Response.Write  "    <img src='contact.asp?code=image&rc=" & RandomizedCode &"&p=" & I & "' border='0' alt='Code'>"
      Next
   Response.Write "   <input type=""hidden"" name=""Coder"" value=""" & RandomizedCode & """>" & vbNewLine & _
                  "   <input type=""text"" name=""code"" size=""" & HowManyNbr & """ maxlength=""" & HowManyNbr & """></td>" & vbNewLine & _




Thanks
Edited by - Webbo on 26 August 2015 05:16:51

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 26 August 2015 :  10:37:01  Show Profile  Visit HuwR's Homepage
looks like it would work ok
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 26 August 2015 :  10:41:51  Show Profile  Visit HuwR's Homepage
Is there a particular reason you wanted to add a captcha on this? Only logged in members should be able to access the form anyway.
MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page

Webbo
Average Member

United Kingdom
982 Posts
Posted - 26 August 2015 :  13:47:51  Show Profile  Visit Webbo's Homepage
Hi Huw,

As part of the server change I'm undergoing (yes, we are nearly there :) ) one big issue was identified and that was there were 8 php scripts embedded within the site files that were generating large amounts of spam mail.

It amounted to over 3miilion emails blocking the email queue. However these were not noticed earlier as we used another server to handle the mail, not the dedicated server we were on for the site
According to our hosts the scripts were using other mail scripts/forms to send the emails and have advised that we implement CAPTCHA into all scripts that are used to send mail.

I've already got the code above in the contact.asp file
Other files within the site have been modified to send users to this file to contact us, but the one remaining one is the 'send topic to a friend' file/form

The php files were deeply embedded in various directories throughout the site; similar to the issue involving Drupal prior to the updates earlier this year. However we don't use Drupal, Wordpress or any other content management software so am surprised how they managed to get there.
Edited by - Webbo on 26 August 2015 13:48:48
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 27 August 2015 :  04:48:23  Show Profile  Visit HuwR's Homepage
I would doubt very much if the problem exists in send to friend as it requires a logged in forum user so a script should not be able to execute it.
MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 27 August 2015 :  06:23:57  Show Profile
Changing ASP pages to incorporate CAPTCHA will not affect the PHP scripts in any way, you're wasting your time. They can/will still use the PHP scripts directly without any interaction from the ASP pages. The real solution is to eliminate the PHP files and secure against someone adding them in the future.
Go to Top of Page

Webbo
Average Member

United Kingdom
982 Posts
Posted - 27 August 2015 :  15:08:14  Show Profile  Visit Webbo's Homepage
Thanks, the pho files are gone and some code is being added in so that it will make it easier to identify any future scripts should it happen again
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 28 August 2015 :  04:56:10  Show Profile  Visit HuwR's Homepage
hopefully you won't get any more problems
MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page

Webbo
Average Member

United Kingdom
982 Posts
Posted - 28 August 2015 :  11:45:47  Show Profile  Visit Webbo's Homepage
The only problem I can envisage over the next fortnight is an over consumption of Pasties and Cider as I'll be sunning myself (hopefully) in Cornwall
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 28 August 2015 :  11:50:26  Show Profile  Visit HuwR's Homepage
Nice, where in Cornwall are you going? my dad lives just outside St Austell

I'm off to the new forest for a damp weekend of camping
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.32 seconds. Powered By: Snitz Forums 2000 Version 3.4.07