HTML and Perl CGI, HTML and Perl CGI |
HTML and Perl CGI, HTML and Perl CGI |
citabriabob |
Jul 27 2020, 04:32 PM
Post
#1
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
I have html <form method="post" action="cgi-bin/order.cgi"> where inputs are <input autocomplete="off" type="text" size="1" maxlength="2" name="MI-527" value="">.
cgi script is perl. Random orders come in with unspecified inputs and all are very high quantities. I wrote this off as a chrome problem, but need to fix regardless. Thanks, |
citabriabob |
Jul 28 2020, 06:48 PM
Post
#2
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
Those items were NOT ordered; they appeared totally out of the blue.
If you have a mix of browsers, I welcome you to place orders. Use 4111 1111 1111 1111 as credit card. Your name and address are not required to be correct. If you do, please say browser name in comments. Thanks, |
pandy |
Jul 28 2020, 07:29 PM
Post
#3
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,732 Joined: 9-August 06 Member No.: 6 |
Oh! So the affected member weren't there at all? This is beginning to sound really serious. Are the CC numbers stored on the server?
|
citabriabob |
Jul 28 2020, 07:41 PM
Post
#4
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
|
pandy |
Jul 28 2020, 08:33 PM
Post
#5
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,732 Joined: 9-August 06 Member No.: 6 |
But when you get those fishy form submissions there is a CC number entered, isn't it? Is it a real number and does the card belong to the member who's name is used? If so, it must come from somewhere.
|
citabriabob |
Jul 29 2020, 02:20 PM
Post
#6
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
Can you recommend someone who is paid to fix this?
|
pandy |
Jul 29 2020, 02:37 PM
Post
#7
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,732 Joined: 9-August 06 Member No.: 6 |
Sorry, don't know.
Please answer my question about the CC numbers. I worry about that bit. |
citabriabob |
Nov 1 2020, 01:14 PM
Post
#8
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
OK. Given that I am unable to find the source of this issue and most orders are received correctly, I would like to eliminate (set qty to 0)? any item with a quantity greater than 9. Is this easy to do?
|
Christian J |
Nov 1 2020, 06:31 PM
Post
#9
|
. Group: WDG Moderators Posts: 9,661 Joined: 10-August 06 Member No.: 7 |
I would like to eliminate (set qty to 0)? any item with a quantity greater than 9. Is this easy to do? The time-consuming part should be to understand where in the script to add it, otherwise it's trivial. An simpler alternative might be to use an INPUT TYPE=RANGE or (more compact) INPUT TYPE=NUMBER form field instead of an ordinary text field in the HTML code. That way you can limit the max value submitted by normal users. However it does not prevent bots, malware or malicious users from submitting bogus form data. See also https://www.w3schools.com/tags/att_input_type_range.asp and https://www.w3schools.com/tags/att_input_type_number.asp But I'm not sure what you meant with this reply from July 29th: QUOTE Those items were NOT ordered; they appeared totally out of the blue. Did you mean that: 1. The customer did place an order, but extra items in the order appeared out of the blue? 2. Or did the entire order including the CC number appears out of the blue? |
citabriabob |
Feb 17 2021, 03:51 PM
Post
#10
|
Newbie Group: Members Posts: 11 Joined: 27-July 20 Member No.: 27,457 |
Found the culprit! After reviewing the data and finding an uninvited line item of quantity 03, seems as though the Chrome Autofill inserts two-digits at a time. Since we seldom get orders for > 9, we eliminated all entries over qty Length of 1. in the script. Done.
|
Lo-Fi Version | Time is now: 27th April 2024 - 01:47 AM |