Developer forum

Forum » Templates » Submitting comment form gets IP ban

Submitting comment form gets IP ban

E-mail notifications
Cátia Torego
Reply
Posted on 23/02/2023 11:57:28

Hi,

I have a form to add comments on the product detail page and if the antispam functionality is active in the backoffice (Image1) my IP gets baned and the following shows up in the banned file:

Form BAN: Bad form (Session field FormCH1_h not updated by script); Bad form (_sys_to_email should be emptied by the spam script); Bad form (missing timestamp field - ts); Bad form (Hidden email field (email) altered to ); 

 

I already have the antispam fields in the form like this:

 

var antiSpamFields = Dynamicweb.SystemTools.Security.FormAntispam.AntiSpamFields("commentForm");

<form id="commentForm" class="col-6 mt-4" method="post" enctype="multipart/form-data" action="/Default.aspx?ID=@Pageview.ID">
   @antiSpamFields

Is there anything else I need to do for this to work? Shouldn't it just work by adding those fields?

Dynamicweb version 9.15.1

Image1.png

Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 01/03/2023 09:57:58
Reply
This post has been marked as an answer

Your submit is wrong on this.

You have to add the antispam script on the onsubmit event on the form - this is how the forms module does that:

string spamScript = FormAntispam.AntiSpamFieldsScript(LinkHelper.GetUrlWithPort(Context.Current.Request.Url.OriginalString, disablePortNumber));
string onSubmit = string.Format("{0};return s(this);", spamScript);
string formTag = string.Format("<form method=\"post\" id=\"FormSave{0}\" name=\"FormSave{0}\" enctype=\"multipart/form-data\" action=\"/Admin/Public/404.aspx\" onsubmit=\"{1}\">", form.ID, onSubmit));
Votes for this answer: 1

 

You must be logged in to post in the forum