I've written a bit of code to allow people to signup for a newsletter on my website. When I've tested the code it worked perfectly, but lately I've been getting these strange emails from the website. They usually come in groups of five emails or so and all have a variant of
'")<script id="80000000" />
in them. I have also gotten signups that work, but this repeating anomoly is concerning me. Can you guys take a look at my code and see if it's something wrong there? Has anything like this happened to one of you?
Here's the code for the signup form:
<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="95%" id="AutoNumber2" height="181">
<tr>
<td width="100%" height="181" align="left" valign="top">
<p style="margin-left: 5; margin-right: 5">Join our
Newsletter to receive discount news, security tips and more.</p>
<script language="JavaScript">
function checkSub(){
if (document.form1.Name.value == "") {
alert("Please fill in your Name.")
document.form1.Name.focus()
return false}
if (document.form1.Email.value.indexOf('@', 0) == -1) {
alert("Please fill in your valid Email address.\nYour email should be in the following format: email@address.com")
document.form1.Email.focus()
return false}
}
</script>
<form name="form1" method="POST" action="http://www.wholesalelocks.com/thankyou-signup.asp" onsubmit="return checkSub()">
<p style="margin-left: 5; margin-right:5">Your Name:<br>
<input type="text" name="Name" size="15" tabindex="1"><br>
Your Email Address:<br>
<input type="text" name="Email" size="15" tabindex="2"><br>
<input type="submit" value="Subscribe" name="Subscribe" tabindex="3"><br>
</p>
</form>
</td>
</tr>
</table>
Here's the script for the page the form leads to:
<html>
<head>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>New Page 1</title>
<%
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Try Me"
myMail.From="thething@the-edge.com"
myMail.To="chris@neverlockedout.com"
myMail.TextBody="Name: "&request.form("name")&vbcrlf&"Email: "&request.form("email")&vbcrlf
myMail.Send
set myMail=nothing
%>
</head>
<body>
<div align="center">
<center>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="800" id="AutoNumber1" bgcolor="#336699" height="402">
<tr>
<td colspan="3" height="75" width="100%" align="center" valign="top">
<!--webbot bot="Include" U-Include="header.html" TAG="BODY" --></td>
</tr>
<tr>
<td width="120" height="217" align="center" valign="top">
<!--webbot bot="Include" U-Include="nav-table.html" TAG="BODY" --> <p> </td>
<td width="520" height="217" bgcolor="#FFFFFF" align="center" valign="top"> <p style="margin-left: 10; margin-right: 10">Thank you for signing up for our newsletter. Keep an eye on
your email for upcoming discounts and security tips.<p></td>
<td width="160" height="217" bgcolor="#FFFFFF" align="center" valign="top">
<!--webbot bot="Include" U-Include="right-nav.html" TAG="BODY" --><p>
<br>
</td>
</tr>
<tr>
<td colspan="3" height="108" width="100%" align="center" valign="top">
<!--webbot bot="Include" U-Include="footer.html" TAG="BODY" --></td>
</tr>
</table>
</center>
</div>
</body>
</html>
Thanks for looking.
Sincerely,
Chris
