Some tips: Make sure the script can only be called with YOUR SITE as a referrer. Secondly, add the form to the page with javascript document.write() instead of just outputting it. Add some hidden form value with a key to match to the form which is checked before adding the remark to the shoutbox. These modifications should be enough to prevent it from being spammed.
They’re pathetic. People will spam just about EVERYTHING, they’re even spamming my bloody feedback form…
Have form? Will spam….
Basicaly that’s what happened, the bot saw a form, filled it out and submitted it. This is the first I’ve heard of a shout form getting hit though.
-tg
Why do people spam? Are there people stupid enough to respond to spam ads and buy products/services? I’m sure that’s a “Yes”; you see stupid every day.
It is like shooting with buckshot… only takes one pellet to bring home the bacon and since the buckshot if free…
Wish we could take them to small claims court like we can those who send unsolicited faxes.
My plugin was originally javascript only, now it works without js. This makes it easier for spammers to get to Wordspew.
You could take out the action=”….” in the <form> element of wordspew.php, and replace it with a bogus url. That should deter your spammers
I’ve got the 1.16 version and replaced the action value of this form with some url :
<form id="chatForm" method="post" action="<?php bloginfo('wpurl'); ?>/wp-content/plugins/wordspew/wordspew.php">
But it seems to cause a 404 error.
I could also write :
action="javascript: return '<?php bloginfo('wpurl'); ?>/wp-content/plugins/wordspew/wordspew.php'"
or modify it with some js backwards :
document.getElementById('chatForm').action = "<?php bloginfo('wpurl'); ?>/wp-content/plugins/wordspew/wordspew.php";
Would it be useful ?
Yeah, when someone deceptively attempts to subvert my protections and privacy, that I have set specifically to block them and they know it, with the intent to hock some product that couldn’t be peddled through legitimate means… the first thing I say is “Wow, this is someone I really want to conduct business with.”
🙂
