I had a weird thing happen. A bot went to one of my forms and was able to execute the php script in there which runs after the submit action but the form itself was never actually posted. We are not using captchas on them right now since we have a large filtering list in Admin Tools to reduce form spam. What happened was evidently this bot went in and was able to run the php script which creates a ticket in our crm system for followup. But the emails never got sent and there is no record that anything was ever submitted on a form. I went in and blocked their server ip which I found easily just by Googling their email address listed in the CRM ticket. The information went through to the script including first name, last name, email, and comments.

This is a unique problem because the company responsible is bragging about how they use a company's own contact forms to contact them, just a fancy name for form spam. The company is [url=http://]http://www.contactuschannel.com/[/url].

Any thoughts on this, and has anyone had the same thing happen from these clowns?

Jim

Hello,

There's no such thing as a bot being able to run a PHP script in RSForm! Pro by passing the validations. If the submission isn't found in RSForm! Pro then it didn't pass through RSForm! Pro. If you're using a known CRM, chances are the bot guessed the URL and accessed it directly.

Another possibility is that you have the script added in "Scripts called on form process" (which means it executes every time the form is submitted, regardless if it passes the validation or not). If this is the case, the correct field to add your script to is the one called "Scripts called after form has been processed". This gets executed right after all validations check (when the submission actually happens).

If you're a server guy, you could always grep your web server's log (if you're using apache something along the lines of "cat /var/log/apache2/access_log | grep IP.OF.SPAMMER") and find out exactly what pages the bot was browsing. You can also try "cat /var/log/apache2/access_log | grep IP.OF.SPAMMER | grep POST" so you'll find exactly what forms he submitted.

Thanks, my script is called after the form has been processed. So either they guessed the URL or possibly they found another web page we had in which that code was posted by itself. I downloaded the server logs and am digging through them to see what happened. Thanks for your help. Jim