Re: Glutton for punishment ...

Discussion in 'HTML' started by Beauregard T. Shagnasty, Oct 21, 2009.

  1. Ed Mullen wrote:

    > Take a look at the site in my sig address. I just changed it to have
    > both a fixed top header and fixed footer. Tested in all major
    > browsers I know of and it seems to work just fine.


    I think the fixed areas need borders. Make it apparent those areas won't
    move. Not that I like fixed headers/footers; all they do is take up
    valuable space in your visitors' viewport.

    The hover effect on all your links -- ordinary link changes to a green
    button -- also makes the surrounding text jump about. That's
    disconcerting.

    The Back button on a failed 'contact form' is JavaScript dependent. Why
    not use a simple link that works all the time?

    > Obviously, in your comments, please state your OS, version, browser
    > and version, and any functional issues.


    Ubuntu 8.04. Several browsers.

    > And feel free to yell about drop-down menus and such as will please
    > your heart. I have rather thick skin.


    Ok. :) Drop-down menus suck!

    --
    -bts
    -Friends don't let friends drive Windows
    Beauregard T. Shagnasty, Oct 21, 2009
    #1
    1. Advertising

  2. Gazing into my crystal ball I observed Ed Mullen <> writing
    in news::

    >> The Back button on a failed 'contact form' is JavaScript dependent. Why
    >> not use a simple link that works all the time?

    >
    > Yes, I know. However, if I offer a link to contact.php none of the
    > user's data will be retained. I suppose I could take the actual button
    > off and just say "Use your browser's Back button to return to the form
    > and make corrections." <pondering> Hmm. Hmm.</pondering> Oh, ok!
    >


    If you let the form post to itself, you won't have that problem.

    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
    Adrienne Boswell, Oct 21, 2009
    #2
    1. Advertising

  3. Adrienne Boswell wrote:

    > Ed Mullen <> wrote:
    >> [Beau wrote:]
    >>> The Back button on a failed 'contact form' is JavaScript dependent.
    >>> Why not use a simple link that works all the time?

    >>
    >> Yes, I know. However, if I offer a link to contact.php none of the
    >> user's data will be retained. I suppose I could take the actual
    >> button off and just say "Use your browser's Back button to return to
    >> the form and make corrections." <pondering> Hmm. Hmm.</pondering>
    >> Oh, ok!

    >
    > If you let the form post to itself, you won't have that problem.


    Ahh, just what I was going to say. <g>

    On my forms, I post form to self, and if there are errors or omissions,
    I display a list above the form, with gentle "try again" message:

    Possible errors:

    * Please enter your name.
    * Please enter your email address in the form
    * Please enter a Subject for your message.
    * Please enter a comment or question before submitting the form.

    Years ago, when I discovered a form/script actually could post/call
    itself, sliced bread became 2nd on the list. ;-)

    --
    -bts
    -Friends don't let friends drive Windows
    Beauregard T. Shagnasty, Oct 21, 2009
    #3
  4. Ed Mullen wrote:

    > Adrienne Boswell wrote:
    >> If you let the form post to itself, you won't have that problem.

    >
    > The form is posting to a PHP script for processing that includes not
    > just error detection but spam processing as well. So I think that's
    > not an answer for me. Or am I misunderstanding your suggestion?


    You can see a simple example of self-processing here:

    http://safalra.com/programming/php/contact-feedback-form/

    It already checks for typical spammer input (cc/bcc), but you could
    certainly expand it to use your IP-blocking mechanisms.

    $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);

    I never found a need to block by IP, since the spammers are almost
    always using the bot machines of innocent compromised users, and the IP
    changes with every attempt.

    Here is a typical attempt by a spammer at one of my sites:

    ==========================================
    Name: vdekuedgtzy
    Email Address:
    Comment:
    gLqxv4 <a href="hXXp://mkaxyjedbyct.com/">mkaxyjedbyct</a>,
    fzcljmrgppev,
    [link=hXXp://xcyrujhnatbn.com/]xcyrujhnatbn[/link],
    hXXp://kruwnzryajad.com/
    ==========================================

    Note "http" munged as "hXXp" for this post. Other than that, it is
    exactly as the spammer sent it. The IP address was somewhere in
    Romania, but his next attempt a few minutes later was from Japan.

    --
    -bts
    -Friends don't let friends drive Windows
    Beauregard T. Shagnasty, Oct 21, 2009
    #4
  5. Ed Mullen wrote:

    > Beauregard T. Shagnasty wrote:
    >> You can see a simple example of self-processing here:
    >>
    >> http://safalra.com/programming/php/contact-feedback-form/

    >
    > The only problem I see with that script/example is that it contains
    > the actual email address to which the form is to be sent. Simply by
    > reading the source of the contact.php form page a spammer can harvest
    > my email address. That's why I post to a different page (which can't
    > be accessed) for processing.


    The email is in the PHP portion of the script, not the HTML part. It
    can't be read by anybody except those with FTP access to your files. All
    my forms have the TO address set like this example. Try safalra's script
    yourself on a test page and you will see the address is not visible when
    reading browser source.

    But if that still bothers you, set your email address in a global
    include file (don't we all have those?), and just use the $variable in
    the contact script.


    >> It already checks for typical spammer input (cc/bcc), but you could
    >> certainly expand it to use your IP-blocking mechanisms.

    >
    > Hmm. I don't filter IP addresses. Ah! You may have looked at the
    > source of my contact.php page and seen a comment regarding filtering.
    > I forgot to strip that out (done now, thanks!) after I was done
    > playing with ip filtering a long time ago and decided it wasn't worth
    > it for the very reasons you cited. :)


    Yes, you are correct; that's what I saw.

    Oh, while we're talking about the 'source' of your contact page, here's
    a question: why all those type="hidden" thingies in there? None of
    those should be necessary if you posted the form to self.

    I don't use CAPTCHAs either. I hate those suckers!

    --
    -bts
    -Friends don't let friends drive Windows
    Beauregard T. Shagnasty, Oct 21, 2009
    #5
  6. Ed Mullen wrote:

    > Beauregard T. Shagnasty wrote:
    >> I don't use CAPTCHAs either. I hate those suckers!

    >
    > Me too. But it has reduced spam somewhat.


    Here's another itty-bitty trick to keep the spammers away from your
    form.

    Typically, the spammers scour the web looking for contact forms to
    exploit. Once they find one, they add the URL to their bot-sending
    scripts and feed it to many/hundreds/thousands? of bots to go hit your
    form. I've set all mine up thusly:

    In that global include file:
    $contactpage = "contact.php";

    In all the places that link to the form (your menu, your footer, etc):
    echo "<a href='$contactpage'>Contact Ed</a>";

    If a persistent spammer finds your form and won't let go, simply change
    the value in the include file to, say,
    $contactpage = "aacontact.php";
    then FTP in, upload the new include file, and rename the contact form
    file to that new filename.

    So, one variable change and one filename rename, and the spammer gets
    only a 404 - which you'll never have to worry about. My sites are rarely
    bothered by spammers.

    --
    -bts
    -Friends don't let friends drive Windows
    Beauregard T. Shagnasty, Oct 21, 2009
    #6
  7. Ed Mullen wrote:
    > Beauregard T. Shagnasty wrote:
    >> Ed Mullen wrote:
    >>
    >>> Beauregard T. Shagnasty wrote:
    >>>> The hover effect on all your links -- ordinary link changes to a
    >>>> green button -- also makes the surrounding text jump about. That's
    >>>> disconcerting.
    >>>
    >>> Okay, I think I got that fixed.

    >>
    >> Not uploaded yet? I still see the text to the right of a link jumping
    >> about when hovering/unhovering a link.
    >>
    >> But it goes away if I remove these from a:hover.highlight
    >>
    >> border-color: #799B83 #000 #000 #799B83;/* buttonize links hover*/
    >> border-style: solid;/* buttonize links hover*/
    >> border-width: 2px 2px 2px 2px;/* buttonize links hover*/
    >>

    >
    > Yeah, it sure would have helped if had uploaded the fix to the server.
    > It's up now. Sheesh.
    >


    You may want to include a dark green background color as well to the
    hover so the link doesn't "disappear" when the link text turns white and
    the image is delayed loading on slow connections.

    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com
    Jonathan N. Little, Oct 23, 2009
    #7
  8. Beauregard T. Shagnasty

    dorayme Guest

    In article <>, Ed Mullen <>
    wrote:

    > http://edmullen.net


    When all styles are off, your site is also a meaningful page. You are
    able to do this for a simple personal page but a leading Australian
    bank, absolutely huge in fact, cannot manage as much. They simply have
    not the skills to even recognise the problem of their crazy generated
    CSS and HTML. And this is generally true of most sites on the internet
    as far as I am seeing lately...

    --
    dorayme
    dorayme, Oct 23, 2009
    #8
  9. Beauregard T. Shagnasty

    dorayme Guest

    In article <>, Ed Mullen <>
    wrote:

    > dorayme wrote:
    > > In article<>, Ed Mullen<>
    > > wrote:
    > >
    > >> http://edmullen.net

    > >
    > > When all styles are off, your site is also a meaningful page. You are
    > > able to do this for a simple personal page but a leading Australian
    > > bank, absolutely huge in fact, cannot manage as much. They simply have
    > > not the skills to even recognise the problem of their crazy generated
    > > CSS and HTML. And this is generally true of most sites on the internet
    > > as far as I am seeing lately...
    > >

    >
    > and to think that all I'm doing is having fun, keeping my mind alive,
    > engaging in an online version of my daily crossword puzzles, as it were.


    You are the Forrest Gump of the web developer community.

    --
    dorayme
    dorayme, Oct 24, 2009
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dexter

    Capital Punishment

    Dexter, May 30, 2008, in forum: Java
    Replies:
    1
    Views:
    372
    Mike Schilling
    May 30, 2008
  2. dorayme

    Re: Glutton for punishment ...

    dorayme, Oct 21, 2009, in forum: HTML
    Replies:
    2
    Views:
    479
    +mrcakey
    Oct 21, 2009
  3. Neredbojias

    Re: Glutton for punishment ...

    Neredbojias, Oct 21, 2009, in forum: HTML
    Replies:
    0
    Views:
    452
    Neredbojias
    Oct 21, 2009
  4. Allodoxaphobia

    Re: Glutton for punishment ...

    Allodoxaphobia, Oct 21, 2009, in forum: HTML
    Replies:
    1
    Views:
    447
    dorayme
    Oct 21, 2009
  5. dorayme

    Re: Glutton for punishment ...

    dorayme, Oct 21, 2009, in forum: HTML
    Replies:
    3
    Views:
    592
    Neredbojias
    Oct 23, 2009
Loading...

Share This Page