is created with version 6.02 under Linux.
I am getting lots of spam, apparently sent by the form being completed, example below:
The form has server validation on all fields and a hidden field which is correctly passed on in the email. If I change the values in the hidden field they are immediately used in the email so it appears to be used 'live'. I have tried changing the page name and I have wiped the server and re-published in case any residual old page was being used. I have tried Re-Captcha2 with no success and my latest trial has been to remove the submit button and use a hidden 'normal' button which is only visible if the question is answered correctly. The button triggers events 'Form Submit' then 'Form Reset'.Values submitted from Dyfi.com Talk to us page:
IP Address : 126.96.36.199
Referer : dyfi.com/Get_In_Touch.php
Form Source Is : dyfi.com contact form
NameBox : MarcusGaisk
EmailAddress : firstname.lastname@example.org
LocationBox : Yugoslavia
CommentBox : Hei?e Girls fur *** in deiner Stadt warten auf dich, mach mit: http:// <removed by betwixt>
I can't see how the form is being submitted, the only clue I have is that 'Editbox4' should contain a number (it does if I test the form myself) but in all the spam mails it is blank.
Any idea what is happening?