Colin, I am afraid I do not know if there is a way of making the PHP
Feedback form configuration more secure but if your server permits the
use of ioncube decoders then you can use the ‘PHP easiForm’ actions
for your form ($20 per domain).
Once you have set your form up with the actions then you can do the
following to make the forms even more secure:
Select ‘Disallow HTML’ from the ‘HTML Filter menu’
Set the ‘Block domain’ menu to ‘yes’
Set the action to ‘Advanced’ and there you can add badwords (I find
adding ‘http:,[url’ without the quotes to the badwords field tends to
block fairly much everything) but you can add/adjust these to suit
If you have selected a confirmation to be sent to the sender then
enter the address of the web form into the ‘Footer email’ field and
not an email address.
If you want to go a little further then if you get the PHP easiForm
and PHP easuCaptcha bundle ($30 per domain) you can also add an image
or math question captcha to your form.
Hi Mike, Thanks for that. I am aware of these actions and will give it some thought. I do actually have another PHP form system which works, but it writes its own page. I wanted the form to be part of my site looks wise…
The PHP easiForm actions can generally fit in with the page design…
although if everything on the page is layered then the error text
output from the PHP easiForm Errors action when users do not fill in
required fields may overlap the other form items, this is why it best
to use non layered items for forms while using the actions although
this also depends on your forms design and that way the items below
the error text move down to compensate for this.
On Oct 27, 2008, at 10:27 AM, colinowen wrote:
Hi Mike, Thanks for that. I am aware of these actions and will give
it some thought. I do actually have another PHP form system which
works, but it writes its own page. I wanted the form to be part of
my site looks wise…