Forums

I've got a new Chronoforms install that just went live yesterday. Since then I've been receiving numerous form submissions which are completely empty of content. They are not completing the fields - and I have numerous required fields.
​
I tested my form and was not able to send an empty submission bypassing CAPTCHA, and I was not allowed to enter spaces in the fields. So I'm not sure what is happening. If I had to guess I'd say they are spam attempts as they are coming in batches of 2-4 periodically, but again there is nothing in the fields. It's just totally blank. I do have a template and the output of the template is coming through; just without any of the fields completed.
​
I'm not sure how this is happening and with the testing I just mentioned I've exhausted any ideas I have. How are they able to do this and how do I make it stop?

Hi emills01,
​
Please make sure that you have serverside validation enabled - it is most likely that there is something scanning your site and checking all the URLs (it may even be a securoty feature on your host). Clientside validation relies on JavaScript being enabled and will not block this kind of 'submission'.
​
Bob

Make sure you're either using the "check security fields" option OR are using the check recaptcha action.

Please make sure that you have serverside validation enabled

I'm assuming this is "Validate Data" under Security under Setup...where does this go in the form? I can't find any instructions specific to Chrnonoforms 6 which I'm using, only 4 & 5.
​

Make sure you're either using the "check security fields" option OR are using the check recaptcha action.

I do have "Check Recaptcha" placed in Setup > Submit

And so you have an event load in the fail event?

And so you have an event load in the fail event?

I do not - just to make sure I'm perfectly clear, "Event Loader" under Basic should be placed inside Submit > Fail?

You need an event loader to go back to load in thefail event or it will continue executive

Is this correct? Is there anything else I'm missing?
​

Yes that will be correct

Please make sure that you have serverside validation enabled - it is most likely that there is something scanning your site and checking all the URLs (it may even be a securoty feature on your host). Clientside validation relies on JavaScript being enabled and will not block this kind of 'submission'.

​
Is this still necessary as well, and if so how do I implement it for CF 6 (Wordpress)?

Server side validation is always necessary

OK, great. Is there a guide for how to set this up specifically for CF 6 for Wordpress?

No you just need to use the validation actions in your submit event OR turn on the validation options on the first tab - "Enable server validations" and "Check security fields"

validation options on the first tab

I don't see this - could you clarify?

Emills the "Validation Options" you can only see if you switch to New 6.1.
Although, in my case, it didn't solve the empty messages issue.

The empty message ratio has now grown exponentially, around half of emails are received wih no text.