attempted form script exploit
Monday, October 31st, 2005grr.. some individual or robot has been trying to hijack my contact form script and comments form on the skate site to send spam. all they have suceeded in doing so far is bog me down with the inconvenience of having to add more validation to the scripts. I’m pretty sure they didn’t suceed in getting anything through anyway other than random email to me with an attempt to inject more recipients and content in and loads of random crap in the comments on the skate site (not comment spam, I think they - or their bot- mistook the comment form as a contact form. The contact form script is hardcoded to send mail only to me and the comment form script doesn’t send email at all, so it should be pretty hard to hack them. oh well, both scripts are locked down a bit more now. If I get anymore trouble i’ll probably disable them altogether…
