Honeypot Captcha classic asp code? - asp-classic

Good morning, I am trying and failing miserably to implement a captcha, mostly because I have no asp experience, could anyone assist?
Multiple html pages have a contact form in footer, this has form validation in place and fires off an asp page which sends an email & redirects to thanku.asp.
I wanted to add the honeypot captcha, so added another field [body] and hid it using css. I then added the code below that to check its null. When I click submit the form is processed even when hidden field has content inside, can anyone spot where I am going wrong?
<div id="captchafield">
<input type="text" name="body" value="" />
</div>
<script language=javascript>
if(!String.IsNullOrEmpty(Request.Form["body"]))
IgnoreComment();
</script>

You're going wrong by checking the field with only JavaScript; you should check that it's blank server-side and if not, then ignore / reject submission. E.g.
HTML
<div id="captchafield">
<noscript>Security field; please leave this blank</noscript>
<input type="text" name="captcha" value="" />
</div>
ASP
Dim captcha
captcha = Request.Form("captcha")
If captcha <> "" Then
Response.Redirect("badcontent.asp")
End If
' continue
What you can use JavaScript for is to hide the captcha field and / or display a message which lets users know not to fill it in if their JavaScript is off (see <noscript> in example code above). Bots / scripts will ignore the warning and fill in the field and trigger your trap.

Related

How can I create Simple aspx webpage which will send me parameters in the link

I am trying to do something from scratch in asp
I would like to get something like below. From basic hard coded values.
http://localhost:2478/Default.aspx?phone=905123456&order=123456
After that I want to use this parameter in my variables for SQLquery
I am new to asp.net and vb , I'm learning. Can you please explain me in details? Any helps will be appreciate.
Can you please provide any basic code from where I can start
Based on your latest comments:
<form method="get" action="default.aspx">
<input type="text" name="phone" />
<input type="text" name="order" />
<input type="submit" value="submit" />
</form>
Key points:
method=get (fields are in url instead of body)
note that the form above doesn't have runat=server (more below) - it's a plain HTML Form on plain HTML page
in the context of ASP.Net Web forms, you may run into issues particularly if you are using Master Pages (you can't nest forms, and a Master page is a container for your entire page).
ASP.Net forms do POSTbacks - re: method=post
You can use/add plain forms in an ASP.Net page as long as you don't nest them (outside of the server side ASP.Net form).
If you have no choice (e.g. Master Page), you'll have to construct the Querystring manually after a POSTback, then Response.Redirect to some other target (adding the querystring manually).
there are other non-ASP.Net-y ways of doing it - e.g. javascript, but that a different story

Drupal WebForm With PinPointe--Avoid Confirmation Page

Our company uses PinPointe for email marketing and we have a Drupal 6 site with several language domains. I have created a web form except I did not create any fields in Drupal. Instead in the node Edit NOT THE NODE WEBFORM EDIT....in the node edit for the body section I added the HTML and the javascript for form. Everything works well and the data is captured to pinpointe. The problem lies in the fact that the page..upon clicking submit..actually redirects to PinPointe where I get a friendly message saying. Thanks for joining. Well I don't want this. I would like to just pop an alert saying thanks and leave the user on the page they were on. I tried this code for using jquery to do the post but it isn't loading and I suspect that's because I need it in the header not the body.
So all I want is to submit the data to pinpointe and not redirect the user. So here is where my limited Drupal knowledge runs out:
If I create the input fields in the node webform then how do I get the form to post to pinpointe?
If I create the fields dynamically in the node body (not node>>webform) I can direct the submission to PinPointe but then how do I stop the redirect?
FWIW here is the jquery I was trying to use but suspect has to go in the header http://jsfiddle.net/4xDFK/4/
FWIW here is the code for the dynamic creation:
<form action="http://na04.mypinpointe.com/...." id="webform-client-form-1375" method="post" onsubmit="return CheckForm257(this);">
<div>
<div id="webform-component-UsrEmail">
<div id="edit-submitted-UsrEmail-wrapper">
<input id="edit-submitted-UsrEmail" name="email" size="30" type="email" />
</div>
</div>
<div class="form-actions form-wrapper" id="edit-actions">
<input class="form-submit" id="edit-submit" name="op" type="submit" value=" " />
</div>
</div>
</form>
Create your custom confirmation page in Drupal. Then set up PinPointe to redirect to this confirmation page.
In the PinPointe form manager, there is a option under the 'Thank you page options' to send a signup user to a custom URL.

FORM POST not passing input values

I have a simple form that passes to an ASPX page to watch a video. The ASPX page uses a hidden field from the form to load the correct video.
This works for me, but a couple other people are the error message because it appears the value isn't being passed. I'm assuming it's a setting in IE... Anyone seen this or know how to fix? OR a better idea?
Simple form on "yourdomain.org"
<form action="http://www.mydomain.org/WatchVideo/Default.aspx" method="post" enctype="multipart/form-data">
<input type="hidden" name="hidden" value="movie.flv" />
<input type="submit" name="submit" value="Watch Video" />
</form>
The ASPX page on "mydomain.org"
If Request.Form("hidden") IsNot Nothing Then
lit.Text = Request.Form("hidden")
Else
Response.Write("Not Authorized. Video Not Passed.")
End If
Sounds and loooks pretty straight forward. Not sure why the same version of IE would have different results. Any other thoughts on how to do this? I need to keep the "off site" coding simple and in HTML for non-technical folks.
Thanks.
It appears to be a setting inside of the browser. I couldn't narrow it down to a specific setting, but once we changed the "Internet" zone to medium from medium-high it began working. It has something to do with posting form data across domains.

Post a form from asp to asp.Net

I have a classic asp application. I want to post a contest form from that page to an Asp.Net form. The reason is that I want to use a lot of logic i have built into an Asp.Net page for validation before entering into the database and I don't know asp very well. Not to mention asp.Net being more secure.
What's the best way to accomplish this goal? My thoughts are as follows:
My asp Page:
<html>
<body>
<form action="/Contests/entry.aspx" method="post">
Name: <input type="text" name="fname" size="20" />
Last Name: <input type="text" name="lname" size="20" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
aspx page is running in a Virtual Directory and would handle anything posted to it.
Is this possible, or does aspx prevent this kind of thing?
I ( preferably ) don't want to create the form in aspx as my colleague wants to have control of the page and build the html himself and I don't want the hassle of constantly changing it.
Are there caveats I need to consider?
What roadblocks will I run into?
How do I access the Posted Form Values? Request.Form?
Yes it is possible. In general, a POST is a POST. So you can post from a PHP page to a .NET page if you wanted. You would access the Request.Form variables just as you do now. You will have to look at the ASP Classic page to see the names of the post items but in general, you can access them as if you had pasted from .NET page.
This can be done and works fine. You will access the Posted Form values as you said via Request.Form.
I think the biggest caveat is that you will need to handle invalid data in some way - typically with a webform the .aspx page would be displayed again with validation errors, but that would likely be inappropriate for your circumstance. Probably you will need to redirect them back to the .asp page with query string parameters indicating the failures and the page will need code allowing it to fill in the form fields with their previous values and display the error message.
How about calling an ASP.NET webservice from classic asp?
https://web.archive.org/web/20210125161040/http://www.4guysfromrolla.com/webtech/070302-1.shtml

ASP.Net Form send click but nothing happens

I am building a german payment provider into my site.
But when I click on "Submit", nothing happens. Can someone please help me? I think I've looked at it too much and I can't see the forest for the trees anymore...
<form method="post" action="https://www.sofortueberweisung.de/payment/start">
<input name="currency_id" type="hidden" value="EUR" />
<input name="reason_1" type="hidden" value="Zambuu" />
<input name="user_id" type="hidden" value="29593" />
<input name="project_id" type="hidden" value="80145" />
<input type="submit" value="Absenden" />
</form>
Okay, so it's a little bit unclear what I want, it seems:
I have a lot of asp-sites allready, and now I must send, however, the information that is given by the hidden inputs by post-method to the site "sofortüberweisung.de/payment/start".
However I can solve it, it's not nessecary, there is no need for a form-tag, if there is another solution (e.g. with the code behind).
So: How can I send a lot of post information (these here is only an exmaple, in the real site there are a lot more) with code and redirect it to the right site?
If the code you have provided is within a standard ASP.NET form, so that you have nested form tags, try the solutions provided to this Stack Overflow question.
If it is possible to have this page be a simple html form, that is another possible solution.
Your button needs to have the runat="server" attribute set and it might be worth doing the same on your form atttribute.
Also remember in asp.net webforms you can only have one form tag.
I've had this issue a couple of times before where when creating an HTML form inside an ASP.NET form tag, the inner form just wouldn't post out.
One solution for me was to adjust the ASP.NET form tag wrapper for that page (moving the close above the HTML tag).
Another (where I needed ASP.NET controls obove and below the HTML form) was to add an iframe, passing the parameters for the form post to the iframe URL. Using JavaScript, the iframe then used those parameters to post the form to a new window/the parent window. Probably better ways, but it worked for me.

Resources