StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POcakephp form getting spammed - how?
primarykey
Id
1882031
data
AcceptedAnswerId
1883146
AnswerCount
4
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2009-12-10T16:05:45.423
FavoriteCount
1
LastActivityDate
2009-12-10T18:46:51.870
LastEditDate
2009-12-10T16:13:49.807
LastEditorUserId
223019
OwnerUserId
223019
ParentId
0
PostTypeId
1
Score
1
ViewCount
995
LastEditorDisplayName
text
Body
I have a simple cakephp form WITH validation that submits to a database. It doesn't require a logged in user. No using the form normally via a browser and not filling in all required fields causes validation errors and the form is not submitted. However, I seem to be getting spammed by someone/something. They are filling the generic named fields (name,email,message etc) but not the obscure ones and these records are going into the database so they're obviously bypassing the validation! My question is HOW??? (and how can I stop them?) I have the feeling I'm missing an obviously loop hole or something... This is my add method: <pre><code> function add() { $this->pageTitle = 'Projects - Submit Project'; if (!empty($this->data)) { $this->Project->create(); if ($this->Project->save($this->data)) { $this->Session->setFlash(__('The Project has been saved', true)); $this->_sendStaffMail($this->Project->id); $this->_sendClientMail($this->Project->id); $this->redirect(array('controller' => 'pages', 'action'=>'thanks')); } else { $this->Session->setFlash(__('The Project could not be saved. Please, try again.', true)); } } } </code></pre> And validation from Model: <pre><code> var $validate = array( 'name' => array('notempty'), 'department' => array('notempty'), 'client' => array('notempty'), 'contact_name' => array('notempty'), 'email' => array('email'), 'phone' => array('notempty'), 'title' => array('notempty'), 'background' => array('notempty'), 'objectives' => array('notempty'), 'target_audience' => array('notempty'), 'message' => array('notempty'), 'logos' => array('notempty'), 'images' => array('notempty'), 'print_info' => array('notempty') ); </code></pre> I should also mention I have tried playing with the Security component but it seems over kill when my project has tons of forms throughout it (altho they're behind Auth login)
Tags
<security><validation><cakephp><forms><spam>
Title
cakephp form getting spammed - how?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USdesignvoid
UserOwnerUserId
1. USdesignvoid
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POcakephp form getting spammed - how?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POcakephp form getting spammed - how?
 UserUserId
 USAlexBrand
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.