
<div dir="ltr">It appears that after the upgrade to 7.4 my changes to the webforms capture process were overwritten. So I guess the spammy content was in fact a bot.<div><br></div><div>I've fixed it, cleaned up a bit and made a MR: <a href="https://code.vtiger.com/vtiger/vtigercrm/merge_requests/832">https://code.vtiger.com/vtiger/vtigercrm/merge_requests/832</a></div><div><br></div><div>Even when the other captcha versión (v.1?) was in place, it wasn't correctly implemented as explained here: <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/954">https://code.vtiger.com/vtiger/vtigercrm/issues/954</a></div><div><br></div><div> Saludos<div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><br></div><div>Rubén</div></div></div></div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Jul 24, 2021 at 5:50 AM nilay khatri <<a href="mailto:nilay.spartan@gmail.com">nilay.spartan@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">That's the problem, technically and operationally!<div><br></div><div>Technically bots can bypass your validations in different ways. This when combined with the operational issue where 2 teams are involved, website dev and crm dev teams, it becomes a pain to manage.</div><div><br></div><div>However you can create abstraction such that the website team takes care of client side validation and at CRM side we add event listeners to sanitize/pre-process the form data.</div><div><br></div><div>Potentially with this you can even map fields from Lead gen forms like on FB, Insta, Webhooks data etc. to webforms :)</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Jul 24, 2021 at 4:07 PM Alan Lord <<a href="mailto:alanslists@gmail.com" target="_blank">alanslists@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">We generally pre-process/sanitise/validate the form before submitting to <br>

the vtiger webform.<br>

<br>

Al<br>

<br>

<br>

On 24/07/2021 11:00, nilay khatri wrote:<br>

> This is one of the discussions carried upon earlier, where I pointed to <br>

> trigger events on webform submissions.<br>

> <br>

> This is one of the example situations where you want to add some sort of <br>

> filter before the webform gets submitted.<br>

> <br>

> Another scenario is where you might like to lookup if there is an <br>

> existing contact based on email/phone and link the form data.<br>

> <br>

> BDW, captcha support is still not fixed/updated for webforms since 3 years.<br>

> <br>

> <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1266" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/1266</a> <br>

> <<a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1266" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/1266</a>><br>

> <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1265" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/1265</a> <br>

> <<a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1265" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/1265</a>><br>

> <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/954" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/954</a> <br>

> <<a href="https://code.vtiger.com/vtiger/vtigercrm/issues/954" rel="noreferrer" target="_blank">https://code.vtiger.com/vtiger/vtigercrm/issues/954</a>><br>

> <br>

> On Sat, Jul 24, 2021 at 11:55 AM Prasad <<a href="mailto:prasad@vtiger.com" target="_blank">prasad@vtiger.com</a> <br>

> <mailto:<a href="mailto:prasad@vtiger.com" target="_blank">prasad@vtiger.com</a>>> wrote:<br>

> <br>

>     Description text-area is capturing the incoming content as text and<br>

>     displaying it.<br>

> <br>

>     You can add a pre-save handler to pre-process and reject.<br>

> <br>

>     On Sat, Jul 24, 2021 at 12:59 AM Rubén A. Estrada Orozco<br>

>     <<a href="mailto:rulotec1@gmail.com" target="_blank">rulotec1@gmail.com</a> <mailto:<a href="mailto:rulotec1@gmail.com" target="_blank">rulotec1@gmail.com</a>>> wrote:<br>

> <br>

>         Hi ,<br>

> <br>

>         I have a webform in a webpage with a  reCaptcha "I'm not a<br>

>         robot" checkbox.<br>

> <br>

>         However, lately I've been receiving leads in vtiger with a<br>

>         description like this:<br>

> <br>

>         Ideal para ti<br>

>         <a href="<a href="https://bit.ly/3zqbZMl" rel="noreferrer" target="_blank">https://bit.ly/3zqbZMl</a> <<a href="https://bit.ly/3zqbZMl" rel="noreferrer" target="_blank">https://bit.ly/3zqbZMl</a>>"><img<br>

>         src="<a href="https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg" rel="noreferrer" target="_blank">https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg</a><br>

>         <<a href="https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg" rel="noreferrer" target="_blank">https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg</a>>"<br>

>         alt="ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg"<br>

>         /></a><br>

> <br>

> <br>

>         This is how I see it in Vtiger:<br>

> <br>

>         image.png<br>

> <br>

>         Not sure whether that's a hacking attempt and if I should be<br>

>         worried. Shouldn't the webforms module filter html tags and such<br>

>         kind of contents?<br>

> <br>

>         Please share your thoughts!<br>

> <br>

>         Saludos<br>

> <br>

>         Rubén<br>

>         _______________________________________________<br>

>         <a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a> <<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a>><br>

> <br>

>     _______________________________________________<br>

>     <a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a> <<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a>><br>

> <br>

> <br>

> _______________________________________________<br>

> <a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br>

> <br>

_______________________________________________<br>

<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a></blockquote></div>

_______________________________________________<br>

<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a></blockquote></div>