Welcome Guest.   Make a donation to an author on the site May 24, 2013, 03:40:29 PM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.

You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
View the new Member Awards and Badges page.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
+  DonationCoder.com Forum
|-+  Other Software
| |-+  Developer's Corner
| | |-+  PHP post form for bug reports and feedback
Pages: [1]   Go Down
« previous next »
  Reply  |  New Topic  |  Print  
Author Topic: PHP post form for bug reports and feedback  (Read 960 times)
Apathetic_Coding
Honorary Member
**
Posts: 27



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« on: June 01, 2011, 10:43:55 AM »
I am currently looking into using PHP and Get/Post functions to give my app the ability of sending user feedback or bug reports via an html form on our site. We are currently just sending these through POP3. I have never done any heavy work in PHP so I have a few concerns about the security downfalls of doing something like this.

Any opinions? Could I be going about this the wrong way?
Logged
Apathetic_Coding
Honorary Member
**
Posts: 27



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #1 on: June 01, 2011, 10:46:09 AM »
just realized I should have posted this in the Developers Corner board. Can I get this moved please?  embarassed
Logged
justice
Supporting Member
**
Posts: 1,857



Solve issues simply.

View Profile WWW Give some DonationCredits to this forum member
« Reply #2 on: June 03, 2011, 07:46:47 AM »
Form Security Anti Spam Techniques:
* a salted hash (hash1) that is unique to each session, and is unique everyday is generated and added to the form
* a differently salted hash (hash2) of the above is added to the session on the server
* when submitted we generate hash 2 from hash1
* if it is not the same then session or date is different, no submit
* on sending the form the session var is deleted, so resubmitting the same form is not possible'
* emails can only have a max of 3 urls
* emails cannot contain certain spamwords
* a  anti-spamid is added to each email that is only known to angus college so email filters can be adjusted for this if necessary
* when the page is opened and submitted, the time is recorded and compared. If the page is submitted within X seconds, the form will not be emailed to combat auto form filling software where humans are quickly manually filling in forms.

That's what I built on the website I maintained at work (not in php). And you can get the spamwords list from the wordpress codex.
« Last Edit: June 03, 2011, 08:01:17 AM by justice » Logged
Bard        S.VanDragt.com
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
« previous next »



[ may-june 2013 ad experiment; click here to learn more about donationcoder.com ]


 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.034s | Server load: 0.14 ]