SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Enthusiast sophieschoice's Avatar
    Join Date
    Mar 2009
    Location
    Belgium
    Posts
    33
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Looking for a secure contact form

    Hi,

    I am looking for a secure contact form that I can implement in my website. I found some scripts with Google, but when I read the comments I saw warnings that these scripts weren't secure (prone to injections etc.). Is there a good script out there that is known to be secure and thus safe to use?

  2. #2
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,319
    Mentioned
    462 Post(s)
    Tagged
    8 Thread(s)
    Hi sophieschoice. There are lots of them, indeed. I have a long list bookmarked, but have a look at this one, which is very secure and also very accessible:

    http://green-beast.com/blog/?p=128

    Edit:

    Actually, there's a version 3 new:

    http://green-beast.com/gbcf-v3/

  3. #3
    SitePoint Enthusiast sophieschoice's Avatar
    Join Date
    Mar 2009
    Location
    Belgium
    Posts
    33
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ralph.m View Post
    Hi sophieschoice. There are lots of them, indeed. I have a long list bookmarked, but have a look at this one, which is very secure and also very accessible:

    http://green-beast.com/blog/?p=128

    Edit:

    Actually, there's a version 3 new:

    http://green-beast.com/gbcf-v3/

    Hi Ralph,

    Thank you very much! This script sounds indeed very good, I am going to play with this one!

    Do you perhaps know if this one is also a secure script? http://www.html-form-guide.com/conta...tact-form.html

  4. #4
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,319
    Mentioned
    462 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by sophieschoice View Post
    Do you perhaps know if this one is also a secure script? http://www.html-form-guide.com/conta...tact-form.html
    I just downloaded it and had a look at the code. It looks pretty secure to me, though I don't have the most expert eye by a long shot. It checks for a valid email address, and protects your fields from malicious injections, so that's pretty good. It doesn't check so well that some silly characters are entered into some fields, though, which is a minus.

  5. #5
    SitePoint Zealot 2ndmouse's Avatar
    Join Date
    Jan 2007
    Location
    West London
    Posts
    196
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Just a thought, but why not add a field to your form that asks a question like 8-2+3= and validate it on your action page.
    Bots can't answer questions and probably wouldn't know if a question even existed. I've used this concept for years and never had a problem (famous last words)

    As I said - just a thought.
    Detect file changes remotely. SimpleSiteAudit is an early
    warning anti-hacker system which sends an alert on detection.

    PHP Find Orphan Files - Finds all the unreferenced files on your site.

  6. #6
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,319
    Mentioned
    462 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by 2ndmouse View Post
    Just a thought, but why not add a field to your form that asks a question like 8-2+3= and validate it on your action page.
    The first form I linked to actually has something like that. Personally, if I have something like that, I prefer to hide it in a "honeypot" field. An alternative is to have a time stamp on the form. There was a nice discussion about these options here:

    http://www.sitepoint.com/forums/show...-Use&p=5144556

  7. #7
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Wufoo...secure as can be. Let someone else handle the forms and their security. (It is free enough for simple sites and contact forms!)
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  8. #8
    SitePoint Member
    Join Date
    Aug 2013
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Is Green-Beast still your preferred contact page security provider?

    Quote Originally Posted by logic_earth View Post
    Wufoo...secure as can be. Let someone else handle the forms and their security. (It is free enough for simple sites and contact forms!)
    Hi, it's been almost a year since you recommended Green-Beast. Are they still your favorite? I need to implement a super simple contact form where the user types in a name, phone and email and clicks Submit, and an email goes to a hard-coded email address. I don't want bad guys to do anything malicious like send spam from the site.

  9. #9
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,258
    Mentioned
    196 Post(s)
    Tagged
    2 Thread(s)
    Hi TanyaS, welcome to the forums.

    Generally it's a very poor idea to revive old threads as the participants are unlikely to see your post.

    I think you quoted the wrong member, I think you meant @ralph.m ; no?

  10. #10
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,319
    Mentioned
    462 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by TanyaS View Post
    you recommended Green-Beast. Are they still your favorite?
    It's certainly a reputable option, so worth a look, for sure.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •