Eliminate String - Discard Data Silently

this is obviously a php-question? so should i move that to the appropriate forum for you? you could do some validation with javascript here ... but when the user/bot just disables it then the data are passed to the server ... so it should be checked there in any case ...

kind regards

Yes, please do...and sorry..

jim

no problem ... done ;)

Hi.

Have you considered using something like Captcha to prevent the bot from successfully submitting the form?

Anyways... to answer your question.

You make it sound like the bot always enters the same value. Is this true?
If that is the case, you could simply add a if clause that checks for this value and takes the appropriate action.

Alti, thank-you for the reply.

1) yes, captcha considered...bu t site owner does not want it.. And he would like it kept as simply as possible.

It is an international site presence, dealing with languages and such...and therefore "error correction" must be kept to a minimum, as you know syntax's etc..

People type (or think) in different ways...just like any type of "open source" coding, the same thing with "different words" (code) will still do the same thing, unlike C/C++ where one must follow specs.

I guess where I am lost is, I know I am able to "trap" the 123456 is I just need to create a TEMP VARIABLE?? in php, and then DELETE it, or with the "else" statement...tos s it into a blackhole situation?

So that they "think" it has went thru, and leave the site alone?

So that it "does not" get mailed ??

Here is the end of the php... Maybe somehow create a varibable assigned to it? This is where I am lost..

This sounds like a very strange bot. What I would like to know is: how does this bot know whether it's evil plan was successful? They're not that smart. You don't have to worry about assigning the value to a variable, etc. Just use a conditional statement to compare the values, if it matches the naughty string, skip it. Simple.

Sounds like you're making a mountain out of a molehill, or am I not seeing the issue?

??? (laugh)

This is my Statement in original

2) There is one user ( or bot ) that keeps entering a certain value of 1233456 and this adds up to 50+ per day.

Match it, and skip it...yes, but I am lost on how/where etc... as if I "check for it" and ALERT the ??Human??, or ask for (7) Characters, it will continue ( they will try another schema)

The only problem is this issue, I just want to make it look like they ARE successfull, and just toss it away.

Then? They will never know... :-) And think they ARE doing something.

Trust me, (laugh) there is a method...to this madness of what I need to do :-)

And what I mean by that, is I have told the site owner...who used to let one of his employees do the site work ( simple mods etc), but now is no longer allowed site access...

See where I am coming from? He has a guy within his organization... getting paid by owner...that has "lost his toy"...and is causing the BOSS a lot of headaches ( creating bogus entries)

The only problem? Is this.. trapping this...and not creating an ALERT (invalid entry)...and just let it "flow" to thank-you page, while deleting (not sending the e-mail)...

And he will still think he is doing damage...

Ok, you should maybe take up some action on this annoyance.. perhaps.

Anyway, to check for it, like has been mentioned before, compare the values.

Catch the drift?

Ahh ok. So the boss pissed of one of the IT staff.
A very dangerous thing to do :)

As an alternative to Markus' example, if you already have a procedural page set up to do all the work and you don't want to mess with that to much, you could simply test for the value at the start and use a die or exit statement to bail out.

Like:
[code=php]
if($_GET['phone-number'] == "123456") {
echo "Thank you for whatever you just did!";
exit; // Script ends here without doing anything.
}

// Do whatever the script is supposed to do here.
mail(...);

echo "Thank you for whatever you just did!";
[/code]

Yes Alti, and the amazing thing? The "pissed off guy, about an hour ago" just sent a test e-mail .. as I am danged sure, he's the one doing it.. :-(

No, he's not the IT staff...lol... He was just the bosses 2nd in command guy, (total employees of 16) that said he could do it.. He ended up screwing things up, and then behind the bosses back...started "outsourcin g to TEAMS in India"...<laugh > And I think was "billing the boss" on the side also...while pocketing some $$$

Now, the "hired help" [the teams] screwed it up (actually took down a cart also) it had been 4+ months of ongoing hell (prior to me running across this guy...)...and he contated me thru a friend of mine, and I am really just doing favors in a way... But someone elses code, screws with my head many times.

They actually were using AJAX, (and this form presently is NOT connected to a DB) just to get the little spinning thing ;-)

1) The procedural is set up, and I don't want to "change what they see"

The form itself has at least 17 entry fileds, and 4-5 of them...populate d for drop downs... (too much to mess with to recreate at the moment), but he does want all this eventually into a database.

2) For now, I just increased the <2 (15 minutes ago, before your reply) as the "gruntled party" I saw, was testing it.

3) for now, I just <7 [if less than seven characters] to see what happens in the next few hours.

4) I thank-you...as you expalnation and example...makes more sense to me (my logic)

I was thinking of justting this as a function, (another dir call in the code-page) so IF? The 123456 guy, look at the php code, he'd over look the outside call to the function located elswhere.

Thx again,

jim