ProcessForm/NateMail 4?
As posted on this site’s “Form Processing” page, the NateMail and ProcessForm projects had been put on hold due to a lack of development time and resources. Well, I’m not content to leave things that way… I hope to get back into development within the next couple weeks.
If anyone has any suggestions or feature requests, I’d appreciate any input here. Otherwise, I intend to completely re-write the scripts with more up-to-date coding practices. I’d also like to expand on the MySQL integration features and greater improve the customization options for both the confirmation page and the error page. I also need to build in the captcha security features and somehow make that easier to install and use. Now, if I can just free enough time to get the ball rolling again…
November 14th, 2007 at 12:19 am
Hello Nate
If there is a safe way to give visitors an automated reply after they have submitted the form, that woul’d be nice.
I’m looking forward to your new script.
regards,
Petran
November 16th, 2007 at 6:18 pm
Your last Script is a great addition for using Forms. Love to see you develop a more updated ProcessForm Script. It would be very nice if you could develop one that has more up-to-date security measures… Don’t see anyone else making a secure script that has the user friendly script like ProcessForm.
Looking forward to the new release. Sign me up once it’s done!
Thank you,
Mike D.
November 16th, 2007 at 7:57 pm
Thanks Mike - mind if I ask what kind of updated security measures you’re referring to (if you had anything specific in mind)?
November 26th, 2007 at 9:24 pm
thanks
December 2nd, 2007 at 1:18 pm
Sorry for the slow response!
I was speaking in general. Since I’m not a programmer I’m not aware of what security measures could be updated, but in reading your notes on ProcessForm 3.0.14, you say that this script is generally not intended to be used for sensitive information. So I was referring to something that can not be read/viewed by any outside source.
Once again I’m looking forward to Version 4.
December 19th, 2007 at 6:22 pm
Multiple page forms (for L O N G forms)
January 1st, 2008 at 12:58 am
Hi Nate
Possible exploit found on your ProcessForm.
Nate, one of my processforms seems to be exploited, somehow spammers are defeating the maxlenght=”" and submitting as much as they want even though I have it set to a fixed amount and under 30.
Im saving said email responses when I discovered this, and will let you do whatever you need, login, etc) to get at this exploit.
Hope to see you back soon.
Al Guevara
January 1st, 2008 at 11:06 am
Hi Al - most likely, the spammer isn’t using your for (assuming that’s where you have the maxlength set for the field). It’s much easier for them to make their own form and submit directly to the script (spoofing the referrer headers), which would by-pass any protections you’ve put in the form page. To force entries to at least go through your form initially (and eliminate most bot-submitted spam), you’d need a security confirmation image, like this one:
http://www.mindpalette.com/tutorials/captcha
Otherwise, might want to take this to the support forum:
http://www.mindpalette.com/forum
May 5th, 2008 at 10:57 am
Hi Nate -
I love your script and have been using it a couple of years. The only enhancement I’d like to see is customized error pages. I’d love to be able to apply simple customization as we’re able to do with the confirmation page. That’s it! Can’t wait to see the update.
Thanks again, Nate!
Dawn