I have a site that uses CFv6 for several forms. Lately we've seen an uptick in the amount of Russian-language spam form submissions (despite having a ReCaptcha v2 field set up on the form).
I'd like to set up a server side validation rule to restrict any email address entered into the form's "Email" text field that ends in ".ru".
How do I do this?
I'd like to set up a server side validation rule to restrict any email address entered into the form's "Email" text field that ends in ".ru".
How do I do this?
https://www.chronoengine.com/forums/posts/t106813/validate-data-action-and-settings
Could use the doesntContain orregex options, or use PHP
Could use the doesntContain orregex options, or use PHP
I added a doesntContain rule on the "Email" form as you suggested. When I test the form myself I can see the validation is working (i.e. if I try to put an email ending in .ru in the field) it is not accepted.
However I am still receiving junk/spam emails containing .ru email addresses. See the screen grabs below.
The spammers are somehow circumventing the field validation. What other methods could I try to stop this?
However I am still receiving junk/spam emails containing .ru email addresses. See the screen grabs below.
The spammers are somehow circumventing the field validation. What other methods could I try to stop this?
You need server validation as well. In the action tab.
I already have a "Field Validation" action on the Setup tab. See below. Or are you referring to something else?
You have an event load in the fail event of that action? Or Use validate data action and put the validation rule in it
I have an event load in the fail event of the Validate Fields action. See below. Do I also need a Validate Data action?
Give it a try can't hurt
OK, I've added it. The Validate Data action has a "Fields Setup" area. So in my case I would put in there:
email/doesntContain[.ru]
^^^ is that the correct formatting?
email/doesntContain[.ru]
^^^ is that the correct formatting?
Try it
OK, I just did. According to a CF tutorial (https://www.chronoengine.com/faqs/74-chronoforms/chronoforms6/5293-validating-fields) it looks like the Validate Data action doesn't require an event load action in its fail event.
We've been getting a lot of these spam .ru emails recently. So I guess I will know if this works if they stop!
We've been getting a lot of these spam .ru emails recently. So I guess I will know if this works if they stop!
Put one in anyway
OK, I just added one. The weird part is that it appears that the field validation based on that rule has always been working. You can see for yourself.
If you go to https://mission-bbq.com/contact and try to put any email address with an ".ru" in the Email field, it doesn't allow you to do so.
If you go to https://mission-bbq.com/contact and try to put any email address with an ".ru" in the Email field, it doesn't allow you to do so.
If you're talking about the validation on the form, it's JavaScript so can be easily deactivated. That's why you need the server validation too
Unfortunately adding the Validate Data action broke the form. When that action is added I get a "Call to undefined action" error message in the browser tab.
The incorrect part was putting the following...
email/doesntContain[.ru]
... in the "Fields Setup" portion of the Validate Data action. So that formatting is incorrect.
The incorrect part was putting the following...
email/doesntContain[.ru]
... in the "Fields Setup" portion of the Validate Data action. So that formatting is incorrect.
Also: I see you actually posted a useful list of how to use the Validate Data action at:
https://www.chronoengine.com/forums/posts/t106813/validate-data-action-and-settings?keywords=
And that post shows the formatting I tried using. So it's like "doesntContain[.ru]" is working in the validation settings of the text field itself, but that same rule isn't working when put in the Validate Data action.
https://www.chronoengine.com/forums/posts/t106813/validate-data-action-and-settings?keywords=
And that post shows the formatting I tried using. So it's like "doesntContain[.ru]" is working in the validation settings of the text field itself, but that same rule isn't working when put in the Validate Data action.
email/doesntContain[.ru]:Message to show if wrongWorks for me
This topic is locked and no more replies can be posted.
