I would like to protect a form against bots without third party solutions as CAPTCHA/reCAPTCHA and after searching the web I got a few ideas.
One of them is to have a non-existence or empty page in the form's action attribute, and when the user enter a required field, fill in the correct page with JavaScript.
Are bots able to fire/trigger the onfocus event of an HTML element?
I intend using this solution together with at least one more trap like test question, Honeypots etc.
Related
I have created email contents as an html page.
I have placed 4 check boxes and every time one of them is checked I want to run ajax which calls a url with parameters. Is such a thing possible or the email client will not run it for security reasons or/and other reasons?
I can do it with a link to a page with the same contents but the recipient may not bother to click the link.
The whole idea is: Can we run ajax calls in html email contents as if the contents were in an autonomous web page?
No you can't. All JavaScript is stripped from emails for security reasons. The best you can do, as you've listed, is to have a link in the email with parameters to allow the landing page to do it.
You can achieve interactivity, however, with checkboxes - such as hiding/showing content (already placed in emails). If you're already inserting the parameters, I'm assuming then you have the information--so place that content hidden in the email, which when checked, shows. Mark Robbins shows how it's done: https://www.webdesignerdepot.com/2015/10/punched-card-coding-the-secret-of-interactive-email/ (if that's what you wanted, let us know in the comments and/or include your code and we can give a tailored example)
What is the best way to place 2 identical forms on the same page, but use the same form action and fields for each form? How can I keep response messages in the respective form area from which the data was submitted?
I'd have one form in the footer of my site, and one form in a popup on the home page of my site. I'm using a hidden div and Magnific to open the popup containing the same code from the form that is located at the footer. Essentially, both form do the same thing, and utilize the same form action.
I do not have access to the form action, or the code in the form action page.
Currently, the forms existing on the same "page" are no problem, but when I submit an email on one form, the errors and success messages show up on both the popup form as well as in the footer form.
I've read that this may be possible to do with ajax, but for completeness sake, I want to make sure that I'm building that I'm doing what I can with the form html, before moving on to studying ajax for this.
Sadly there is no nice html/liquid solution for this.
The only way is to use cookies in order to save information which form was submitted and show the error message only for that form instead of the two ones.
AJAX is not a good solution because of the Google Recaptch-a when you submit the form more than once, which is a real pain in the a** since there is no way to disable it and the form will fail if you try to submit it with ajax.
The easiest solution is to use cookies, other option is to rely on an APP for this, but it may be an overkill for this.
Forms in Shopify are... how to put it nicely... dumb... basic... not developer friendly or just not made to be tweaked in any sort of way ( excluding the front-end ).
Is there a way to create a page in ClickFunnels(https://www.clickfunnels.com/) website and when I submit that page, I need to store the form details in my rails app(into a particular table). Which means I want to display my database in the clickfunnels integrations list. I googled hours but couldn't get much information on this.
can anyone suggest me if you have done this. A reference link also much appreciated.
We couldn't find any way to do this inside clickfunnels itself, if there is a easy way to add custom systems to their integrations I too look forward to seeing those answers. Until then, here's what we did: We just put our custom form on their page and used ajax to send it back out the end point in our system it needed to hand that data too.
Then, since we also needed to submit the same info to click funnels, we build a fake CF form(I think we actually put one on the page, but used CSS to hide it, then filled it out dynamically from our custom form), and call submit on that form, sending the user through the normal click funnels submission process and sending them to the next page in the funnel.
I'm making a site in django which has profiles for users and companies with text fields, photos, choices, etc., and I want them to look the same while viewing or editing them (in case of the owner of the profile). Basically the user must click somewhere and all the information becomes editable, without having to go into other "profile editing" page.
The only way of doing this that I can think of is by making to different pages, one for only "viewing" the data, and other for editing it, and try to make them look the same anyhow..
I wonder, if there is an elegant and simple way of integrating this two functionalities in django?
Thanks.
You're talking about manipulating the DOM without page loads. You're going to use AJAX to retrieve your form. I would recommend using Tastypie to create REST endpoints. Then you'll need to do AJAX calls to get your form. I would recommend using jQuery.
If you would prefer something simplier. You could always user a hidden form field and then manipulate the DOM with jQuery.
My website uses ajax.
I've got a user list page which list users in an ajax table (with paging and more information stuff...).
The url of this page is :
/user-list
User list is created by ajax. When the user click on one user, he is redirected to a page which url is : /member/memberName
So we can see here that ajax is used to generate content and not to manage navigation (with the # character).
I want to detect bot to index all pages.
So, in ajax I want to display an ajax table with paging and cool ajax effetcs (more info...) and when I detect a bot I want to display all users (without paging) with a link to the member page like this :
JohnBob...
Do you think I can be black listed with this technique ? If you think so, could you please provide an alternative solution by keeping these clean urls and without redeveloping the user-list (without ajax) ?
Google support a specification to make AJAX crawlable:
http://code.google.com/web/ajaxcrawling/docs/specification.html
I did an experiment and it works:
http://seo-website-designer.com/SEO-Ajax-Google-Solution
As this is a Google specification, you won't get penalised (unless you abuse it).
Saying that, only Google support it at the moment (AFAIK).
Also, I believe following the concept of Progressive Enhancement is a better approach. That is, create a working html website then make the JavaScript enhance it
Maybe use the urls with an onclick to trigger your AJAX scripting? Like
Some URL
I don't think Google would punish you for this, you primarily use JScript, but you do provide a fall back for their bot, so your site doesn't get any less accessible.
EDIT
Ok, I misunderstood. Then my guess would be you basically have two options:
1. Write a different part of your site where bots end up, or,
2. Rewrite your current site to for example always give a 'full' page, with an option to only get, say, the content div. Then you can get only the content with JavaScript, but bots will always get a nice page.