WordPress.org

Ready to get started?Download WordPress

Forums

Fast Secure Contact Form
vCita and Captcha linked? (5 posts)

  1. bluemoon62
    Member
    Posted 1 year ago #

    I've been disappointed and frustrated with FSCF ever since I discovered that vCita is all over my database in the form of transient files, which is odd since I do not want or use it and have it UNchecked in all of my forms.

    One of its files in the wp_options table of the database was a very long base64 string that should be against the rules for clean WP coding. When partially decoded, it appeared to be in Russian! I deleted it.

    I found that it was also leaving a "hidden" javascript on my pages as a form of spyware or adware and confirmed that others have complained about a javascript on their pages.

    I reluctantly updated the FSCF plugin to the newest version yesterday. Then I renamed the vCita folder and its javascript contents to help block activity from it.

    Now the forms are not working because it won't recognize the corectly-entered Captcha code. It appears as if vCita is tightly integrated with the Captcha and is blocked if the vCita folder is altered. : (

    The creator of the form is making money by partnering with vCita, but he is harming his reputation and angering a lot of users that trusted his plugin. It seems that the only way to get rid of vCita is to get rid of an otherwise excellent plugin and find a replacement.

    http://wordpress.org/extend/plugins/si-contact-form/

  2. Mike Challis
    Member
    Plugin Author

    Posted 1 year ago #

    vCita and Captcha are not linked. If the CAPTHA is not working you can post a separate request to find the cause.

    vCita it is not spyware or adware. vCita is a hosted meeting scheduler service that is used by many of the form users who want to be able to have their form set a meeting appointment. It can be turned off if you are not going to use it.

    The new version 3.1.8.2 does not store session files in the database anymore. It also cleans up what was previously used there. Did you try it?

    vCita is not s Russian company, I not sure what happened with the transient. The plugin is open source, there is nothing bad hidden in it.

    When using the latest version, vCita will not leave any javascript on your page if it is disabled. Older versions might have still loaded the javascript because of a coding error, not for any malicious reasons. The javascript it uses is just to place the 'set a meeting' button in the correct location on the page.

  3. bluemoon62
    Member
    Posted 1 year ago #

    Thanks for your response.

    The Captcha worked fine until I updated the software so I assumed that the reason it wasn't working is because I renamed the vCita directory and its contents. The form is broken if the Captcha won't let a message send even if it's entered correctly numerous times.

    The long string in the base64 code was part of a FSCF KWS Ad in Wp Options as follows;

    <style>
    #kws_message {
    width:820px;
    font-size: 1.1em;
    }
    #kws_message h3 {
    display: block;
    margin: 1em 0 0 0;
    clear: both;
    }
    #kws_message .cc_logo {
    padding-top: .75em;
    }
    </style>

    <div id="kws_message" class="updated">
    <img alt="Constant Contact" src="data:image/png;base64,---- a very, very, very, very, very long obscure code here--"" width="187" height="27" />
    <h3>Add Users to a Newsletter</h3>
    <p>When your form gets submitted, add the contact to a Constant Contact email newsletter.</p>
    <p>With Constant Contact, use attractive, professional-looking email communications to stay in regular touch with your customers and build strong customer relationships.</p> <p>Install the Newsletter Plugin Learn More About Constant Contact</p>
    <img height="1" width="1" border="0" style="display: none;" src="http://tracking.katzseo.com/tracking#/static/gpx.php?amount=" />
    </div>

    Was that for an ad in the admin panel? If it's legit, why the need for an obscure base64 code? What is it tracking?

    It's too bad that you can't keep that software completely separate from the form for those that are not interested in it.

  4. Mike Challis
    Member
    Plugin Author

    Posted 1 year ago #

    >Was that for an ad in the admin panel?
    It is for the message that tells you about the availability of the Contact Contact addon for my plugin.

    >If it's legit, why the need for an obscure base64 code?
    The base64 code is just the image cached so it does not have to hit the server everytime you load the page. That is what WordPress transients do, cache things for better server performance.

  5. bluemoon62
    Member
    Posted 1 year ago #

    Thanks for the explanation.

    I guess people have to figure out if the extra overhead for something they aren't using is worth it, whether it's cached or not.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags