I suggest to pass on the user info message to the attack detection URL either as a POST or GET variable. Example see below.

Currently I manually changed the formmail.php code (8.23) from:

Redirect(ATTACK_DETECTION_URL,GetMessage(MSG_FORM_ERROR));
to:
Redirect(ATTACK_DETECTION_URL.'?msg='.urlencode($s_user_info),GetMessage(MSG_FORM_ERROR));
PB

Hi,

Thanks. Good suggestion, and it's on the TO DO list for a future version.

Thank you for your consideration.

As said above, I patched the current version so its not urgent for me, but ideally like to use the "out-of box" version.

Probably not a lot of real people see that page anyway, but I am bit paranoid and like to have consistent styling just in case, so I am using a custom attack notification page.

PB

Hi Polarbear,

I too would like consistent styling and am trying to implement a custom attack notification page. I have the custom page working, but am having difficulty passing along information like the user info message. Any chance that you can detail implementing a bit? Maybe some example code of the custom attack notification page?

Thanks for any help!

Best,

Matt

Have a look at the very first post in this thread. It contains the PHP code of the modified Redirect function. It passes the user message as the URL parameter msg to the custom page.

Here is a page template:



<H2> Form Submission Error </H2>

<B><FONT color="red">
Your form submission has been rejected as it appears to be an abuse of our server!
</FONT></B>

<P>

Our supplier of forms processing software has
provided <a href="http://www.tectite.com/serverabuse.php"
target="_blank">more information about this error</a>.<br /><br />

<P>

<B><?=strip_tags($_GET['msg'])?></B>

<P>

<FORM action="">
<INPUT type="button" value="Back" onClick="history.back()">
</FORM>

Hi,

Here's a supported alternative...

FormMail creates a PHP session and keeps it active after the redirect to "good_url" or the ATTACK_DETECTION_URL.

This means these pages, if written in PHP, can access anything in the session.

In addition, FormMail can place your forms' fields into the PHP session, using this feature: http://www.tectite.com/fmdoc/session_access.php

Once they are in the session, your page can access them.

Thanks! I'll take a look into both approaches.

Keep up the great work!

Best,

Matt