View Full Version : Blank Form being recieved, Help please?

06-15-2006, 03:42 PM
We are recieving email that is listed as "New member info" but the email is completely blank. The form has been working perfectly for months but these blank forms started poping up a couple of days ago. The form still works when ever we try it. If you go to our website www.idea-league.org (http://www.idea-league.org), click join and dont fill out the form but click submit, at least the name of the fields names are sent so where are these completely blank emails with just the title coming from? I used the php page method of submiting a form. Has anyone else ever seen this problem? Thanks!!


06-15-2006, 03:53 PM
I shouls add this is the html I used on my php thanks for joining page.
$email = $HTTP_POST_VARS[email];
$mailto = "XXXX@idea-league.org";
$mailsubj = "New Member info";
$mailhead = "From: $email\n";
reset ($HTTP_POST_VARS);
$mailbody = "New member info:\n";
while (list ($key, $val) = each ($HTTP_POST_VARS))
$mailbody .= "$key : $val\n";
mail($mailto, $mailsubj, $mailbody, $mailhead);
The email is then forwarded by cpanel to the proper people. Thanks again.


06-15-2006, 04:20 PM

It is probably just someone hitting submit with out having put anything in it. How many are you receiving? If it is just a couple here and there, don't worry.

There have been recent exploits of php mailto forms across the internet. I am working on a tutorial to combat this as we speak and anticipate having it done some time this weekend. You can check back and click on the link in my signature for it.

Please post back and let me know how many you are receiving.


06-15-2006, 04:26 PM
Thanks Andy,
I just tried something by accessing the thanks you php page directly and got the exact same message so maybe someone has that address and is accessing it without going through the join us page. Ive been getting lots of them in a row like someone is using the back function.


06-15-2006, 05:54 PM
I will be done with the tutorial by morning. Please check back and I will post it here for you.

While I do not think your form is being hijacked- the fact that you are receiving many is disconcerting. Better yet- I will post a script specific to your form for you to use.


06-16-2006, 05:24 AM

I did not mean to presume that you would want me to provide you with a script. If you would like the script- e-mail me as I need to know what address to put in the script so that it sends the info to your e-mail.