Help Center Live Community

Development => Core System Development => Topic started by: victor on February 26, 2008, 05:47:20 PM

Title: [FIX] Securing Contact Form V1.0
Post by: victor on February 26, 2008, 05:47:20 PM
Hi, we've developed a small JS to prevent blank emailing from the HCL Contact Form.  As you know, in the current installation everyone can send a blank messages from the contact form.  These is a temporary fix, and it's not currently validating all fields as it should, but it will prevent the blank emailing option.

Complexity: Low
Time: ~ 5 Minutes
HCL Version: 2.1.5

1.- Download the script.js and copy it to your HCL folder (ex. hcl/script.js)
2.- Open the following file hcl/templates/Bliss/live_divert.tpl (change Bliss for G if you are using the G tamplate)
3.- Aprox on line 11 find {/if}.  Before this line copy this code:
<script type="text/javascript" language="javascript" src="../script.js"></script>
4.- Aprox on line 42 find this:
<form action="{$_SERVER.PHP_SELF}" method="post">
Replace it with
<form action="{$_SERVER.PHP_SELF}" method="post" onSubmit="return validate(this);">
5.- Save file

1.- If you want to change the text on the alerts, you will need to edit the script.js file.
2.- Currently the script is no validating if the email contains an @ or a valid TLD.  We will be working on that
3.- Consider this is a temporary fix, the new version will have this option fixed by default
4.- If you have questions or want to help improving this script you can reply to this post

Title: Re: [FIX] Securing Contact Form V1.0
Post by: HCL Admin on March 17, 2008, 01:25:38 PM
Victor, you should post this in the development section and share with the world. :) 

Title: Re: [FIX] Securing Contact Form V1.0
Post by: SpenserJ on June 11, 2009, 04:38:08 PM
And a captcha helps to block empty fields how?

Please leave the dead topics (anything that hasn't been posted on for over a month) alone. There will be no zombie threads while I am watching!

On another note, thank you for the fix Victor!