Blank Form being received, Help please?



pjskluzacek
06-15-2006, 03:42 PM
We are receiving email that is listed as "New member info" but the email is completely blank. The form has been working perfectly for months but these blank forms started popping up a couple of days ago. The form still works whenever we try it. If you go to our website www.idea-league.org (http://www.idea-league.org), click join and don't fill out the form but click submit, at least the names of the fields are sent, so where are these completely blank emails with just the title coming from? I used the PHP page method of submitting a form. Has anyone else ever seen this problem? Thanks!!

Paul

pjskluzacek
06-15-2006, 03:53 PM
I should add this is the html I used on my php thanks for joining page.
<?php
// Address typed into the form; it goes straight into the From header below
$email = $_POST['email'];
$mailto = "XXXX@idea-league.org";
$mailsubj = "New Member info";
$mailhead = "From: $email\n";
$mailbody = "New member info:\n";
// Append every posted field as "name : value"
foreach ($_POST as $key => $val)
{
    $mailbody .= "$key : $val\n";
}
// Sent on every request to this page, whether or not the form was posted
mail($mailto, $mailsubj, $mailbody, $mailhead);
?>
The email is then forwarded by cpanel to the proper people. Thanks again.

Paul

Andy128
06-15-2006, 04:20 PM
Paul-

It is probably just someone hitting submit without having put anything in it. How many are you receiving? If it is just a couple here and there, don't worry.

There have been recent exploits of php mailto forms across the internet. I am working on a tutorial to combat this as we speak and anticipate having it done some time this weekend. You can check back and click on the link in my signature for it.

Please post back and let me know how many you are receiving.

Andy

pjskluzacek
06-15-2006, 04:26 PM
Thanks Andy,
I just tried something by accessing the thank you php page directly and got the exact same message, so maybe someone has that address and is accessing it without going through the join us page. I've been getting lots of them in a row, like someone is using the back function.

Paul

Andy128
06-15-2006, 05:54 PM
I will be done with the tutorial by morning. Please check back and I will post it here for you.

While I do not think your form is being hijacked- the fact that you are receiving many is disconcerting. Better yet- I will post a script specific to your form for you to use.

Andy

Andy128
06-16-2006, 05:24 AM
Paul,

I did not mean to presume that you would want me to provide you with a script. If you would like the script- e-mail me as I need to know what address to put in the script so that it sends the info to your e-mail.

keith@netisopen.com

Andy
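
The behaviour found in the thread (a direct request to the thank-you page sends a mail with only the title) and the mail-form exploits mentioned come down to the handler mailing on every request and copying the posted address into a header unchecked. The following is an added example, not code from the thread or from any poster's script; the field name "name" and the example.org addresses are constructed for illustration.

```php
<?php
// Added example: decide whether a request should produce a mail at all.
// Returns null when nothing should be sent, otherwise [subject, body, headers].
function build_member_mail(string $method, array $post): ?array
{
    // A direct visit to the thank-you page is a GET: send nothing.
    if ($method !== 'POST') {
        return null;
    }
    // Keep only string fields that contain something after trimming.
    $fields = [];
    foreach ($post as $key => $val) {
        if (is_string($val) && trim($val) !== '') {
            $fields[$key] = trim($val);
        }
    }
    if ($fields === []) {
        return null; // submit pressed on an empty form
    }
    // The address is placed in a mail header, so it must be one valid
    // address with no CR/LF that could start an extra header line.
    $email = $fields['email'] ?? '';
    if (preg_match('/[\r\n]/', $email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return null;
    }
    $body = "New member info:\n";
    foreach ($fields as $key => $val) {
        $body .= "$key : $val\n";
    }
    return ['New Member info', $body, "From: $email"];
}

// Constructed sample requests (not taken from the site's logs).
$samples = [
    'direct GET'       => ['GET',  []],
    'empty POST'       => ['POST', ['name' => '', 'email' => '']],
    'header injection' => ['POST', ['name' => 'x', 'email' => "a@example.org\r\nBcc: b@example.org"]],
    'valid'            => ['POST', ['name' => 'Pat', 'email' => 'pat@example.org']],
];
foreach ($samples as $label => [$method, $post]) {
    $mail = build_member_mail($method, $post);
    echo str_pad($label, 18), $mail === null ? "rejected\n" : "would send\n";
    // On the live page, call mail($mailto, $mail[0], $mail[1], $mail[2])
    // only when $mail is not null, passing $_SERVER['REQUEST_METHOD'] and $_POST.
}
```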