Hi
I’ve got a website which uses a mysql database.
There’s a comments table, and there’s normally a comments form (method=post) on the site which users can complete to leave a message.
Somebody is (right now) filling out this form and filling up the database with junk. I have removed the comments box therefore making it (I thought) impossible to continue posting to my database. However they are still managing to insert into the database tables!
Does anyone have any explanations for how someone is doing this, and better still, what I can do about it?
Many thanks
Probably they are sending values directly to the script that was called by the form. Eliminate that script, and they won’t be able to spam anymore.
As for a more longterm solution that gives you the possibility to put the comments form back on your site, you might want to look into captcha.
Thanks for the reply, the thing is, i’ve already removed the script the allows them to post to the database, and i’m using recaptcha already…
Any other ideas?
I’d just like to say I’ve solved this particular problem.
I was being incredibly stupid and forgot about some rogue SQL code I had on my site testing something out,
Doh!