
Strange results from a form… spambot?

Hi, I’ve recently been playing with a simple HTML registration form (that stores its contents within a MySQL database). It validates all entries by some basic JavaScript, including a bit of regex so that people don’t just write twaddle. Anyway, I’ve had a few strange entries over the last couple of days, and I’m wondering if anyone can tell me whether this is the result of a spambot, or something similar.

There are around 10 fields in the registration form. The first dodgy result is a row which has a ‘first_name’ field as “that Content-Type: multipart/alternativ”, and all other fields of the row are blank. NB they should all be filled in – the JavaScript validator wouldn’t allow it otherwise.

Following this, there are numerous rows with all fields filled in with a bizarre email address (e.g. mother0389@OUR URL).

The registration form still seems to run fine for normal users, but I was wondering if anyone could explain this? Many thanks!!

PHP

3 Comments

@bokeh Feb 27.2006 — Yes, it is a spam bot of some kind trying to send email through your mailserver. All validation carried out with JavaScript should be redone server-side with PHP to stop this. Also, when validating your inputs, check for what they should contain and not what they shouldn't. For example, a subject line should contain an alphanumeric string with spaces and maybe certain punctuation, but no new lines or other symbols. Use a regex against all inputs.
@nickisme (author) Feb 28.2006 — Hm, I'll have a play with the PHP - I guess if I simply add some kind of regex which says 'ignore if string includes "Content-Type: multipart/alternative" ' I can easily eliminate any kind of attempts at HTML email spam through the form. Thanks Bokeh
@bokeh Feb 28.2006 —
> Hm, I'll have a play with the PHP - I guess if I simply add some kind of regex which says 'ignore if string includes "Content-Type: multipart/alternative" ' I can easily eliminate any kind of attempts at HTML email spam through the form. Thanks Bokeh

That is precisely what you should not be doing. When doing validation you should check for what your fields are supposed to contain, not what they are not supposed to contain. The former is called whitelisting and the latter blacklisting. Whitelisting will always be a more thorough validation tool.
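
The server-side whitelisting recommended in the replies above, as an added example that is not part of the original thread. Only `first_name` comes from the post; the `last_name` and `email` field names, the length limits and the function name `validate_registration` are assumptions, and the sample submissions are constructed.

```php
<?php
// Added example: server-side whitelist validation for a registration form.
// Field names other than first_name, and the length limits, are assumptions.

// Each field is described by what it MAY contain; anything else is rejected.
const RULES = [
    // Letters, spaces, apostrophes and hyphens; no colons, no line breaks.
    'first_name' => '/\A[\p{L}][\p{L} \'\-]{0,49}\z/u',
    'last_name'  => '/\A[\p{L}][\p{L} \'\-]{0,49}\z/u',
];

function validate_registration(array $input): array
{
    $errors = [];
    foreach (RULES as $field => $pattern) {
        $value = $input[$field] ?? '';
        // A missing or non-string value fails: the browser-side check cannot be trusted.
        if (!is_string($value) || preg_match($pattern, $value) !== 1) {
            $errors[] = $field;
        }
    }
    $email = $input['email'] ?? '';
    // filter_var() checks address syntax; the explicit CR/LF test keeps header
    // separators out even if the value is later placed in a mail header.
    if (!is_string($email)
        || strlen($email) > 254
        || preg_match('/[\r\n]/', $email) === 1
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';
    }
    return $errors; // empty array means every field matched its whitelist
}

// Constructed sample submissions (not real log data).
$samples = [
    'normal user'       => ['first_name' => 'Anne-Marie', 'last_name' => "O'Neil", 'email' => 'anne@example.com'],
    'row from the post' => ['first_name' => 'that Content-Type: multipart/alternativ'],
    'header in email'   => ['first_name' => 'Bob', 'last_name' => 'Smith',
                            'email' => "bob@example.com\r\nContent-Type: multipart/alternative"],
];

foreach ($samples as $label => $input) {
    $errors = validate_registration($input);
    echo $label, ': ', $errors ? 'rejected (' . implode(', ', $errors) . ')' : 'accepted', "\n";
}
```

The patterns use `\A` and `\z` rather than `^` and `$`, because `$` also matches just before a trailing newline and would let a line break through.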