
Comments (4)

zyphlar commented on August 16, 2024

Ah here we go, here is my page yaml, the only bit I really customized was the subject line, wherever I got this from years ago it's mostly copy-paste:

    process:
        -
            email:
                from: '{{ config.plugins.email.from }}'
                to:
                    - '{{ config.plugins.email.from }}'
                    - '{{ form.value.email }}'
                subject: '[Website Contact] {{ form.value.name|e }}'
                body: '{% include ''forms/data.html.twig'' %}'
        -
            save:
                fileprefix: feedback-
                dateformat: Ymd-His-u
                extension: txt
                body: '{% include ''forms/data.txt.twig'' %}'
        -
            message: 'Thank you for your message! We''ll get back to you soon.'
        -
            display: thankyou

In more current examples we get this, which shows options not visible in the GUI and answers the question of how to enable CAPTCHA:

    process:
        captcha: true
        save:
            fileprefix: contact-
            dateformat: Ymd-His-u
            extension: txt
            body: "{% include 'forms/data.txt.twig' %}"
        email:
            subject: "[Site Contact Form] {{ form.value.name|e }}"
            body: "{% include 'forms/data.html.twig' %}"
        message: Thank you for getting in touch!
        display: thankyou

Seems to be more sane defaults in modern examples so maybe this is a non-issue, but I bet I'm not the only one who copy pasted some stuff and didn't realize what all needed configuring and forgot about it and let spammers go wild.

And yeah for whatever reason pasting config.plugins.email.from didn't clue me in to needing to go in and set a "from email" value in the plugin config system itself.

from grav-plugin-form.
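A small audit of the two `process:` blocks quoted in the comment above, added here as an example (not code from Grav or from the thread participants). It flags an email recipient built from `form.value.*`, which lets whoever submits the form choose where the site sends mail, and a `process:` block with no `captcha` action. The name `audit_process` and the line-based parsing are assumptions of this example; it handles only the indentation-based YAML subset shown on this page.

```python
import re
KEY = re.compile(r"^([A-Za-z_][\w-]*):(?:\s+(.*))?$")
RECIPIENT_KEYS = {"to", "cc", "bcc"}

def audit_process(frontmatter, captcha_actions=("captcha",)):
    """Return findings for a Grav form `process:` block given as YAML text."""
    findings, has_captcha, stack = [], False, []  # stack holds (indent, key)
    for raw in frontmatter.splitlines():
        text = raw.strip()
        if not text or text.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        while stack and stack[-1][0] >= indent:  # leave finished mappings
            stack.pop()
        item = text[1:].strip() if text.startswith("-") else text
        m = KEY.match(item)
        key, value = (m.group(1), m.group(2) or "") if m else (None, item)
        path = [k for _, k in stack] + ([key] if key else [])
        if key in captcha_actions and path[:-1] == ["process"]:
            has_captcha |= value.strip("'\"").lower() == "true"
        # A recipient built from form.value.* is chosen by whoever submits.
        if "email" in path and RECIPIENT_KEYS & set(path) and "form.value" in value:
            findings.append(f"email recipient comes from submitted data: {value}")
        if key and not value:
            stack.append((indent, key))
    if not has_captcha:
        findings.append("no captcha action under process")
    return findings

# Trimmed from the two configurations quoted in the comment above.
LEGACY = """
process:
    -
        email:
            from: '{{ config.plugins.email.from }}'
            to:
                - '{{ config.plugins.email.from }}'
                - '{{ form.value.email }}'
            subject: '[Website Contact] {{ form.value.name|e }}'
"""
NEWER = """
process:
    captcha: true
    email:
        subject: "[Site Contact Form] {{ form.value.name|e }}"
"""
if __name__ == "__main__":
    for name, cfg in (("legacy", LEGACY), ("newer", NEWER)):
        print(name, audit_process(cfg))
```

A `form.value.*` reference in `subject` or `body` is not flagged, since it does not decide where the mail goes.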

rhukster commented on August 16, 2024

First, this sounds like either a form plugin configuration issue, or a theme issue, but not an Admin issue. So first going to move this to the form plugin issue tracker.


rhukster commented on August 16, 2024

Actually this might be related to email specifically, but we'll leave it here until I know more...

So you have a Grav installation with form plugin and email plugin. That by itself does not provide a form in your site, so you must also have a page you created for a contact form. When you set that up, did you configure the form to + from? Did you add any captcha configuration? I think a copy of your form YAML configuration for that contact form would be helpful to see how you have things configured.

Also a copy of your email.yaml configuration would be helpful.


zyphlar commented on August 16, 2024

Be aware I've had this install and just kept upgrading via Yunohost since at least Nov 2020 so my experience may be different from a brand new user, but that's still concerning since such users are evidently being drive-by spammed by bots 24/7.

I didn't customize the pages or themes practically at all; my custom theme just extends Twenty without changes. There aren't any particularly obvious settings inside the template stuff to configure any of these things. I tend to interact with Grav via the GUI and didn't notice that I had to configure the Form plugin to send me email instead of just magically bubbling up via the local Sendmail to the local sysadmin, since I run Nextcloud/etc on this same server I assumed it'd just work given the relative lack of configuration options. I still haven't gone through all the plugin pages to check every single option, maybe there's something hidden there.

I'm pretty sure I just took whatever was immediately obvious in the default install and tweaked some wording, I didn't create the form template and barely customized anything: there's setups here like a thankyou page after form submission that I'm not sure I'd know how to configure, googling around I see references to configuring things inside the form page itself but I see no such options in the page menus. (Apropos of nothing, I switched from my Default contact page template back to the Form contact page template for about 15 seconds and in that time a spammer managed to get an email through.)

Here's the include path beyond my shell of a theme, nothing really obvious for fixing this issue though:

  • user/themes/twenty/templates/form.html.twig
  • user/themes/twenty/templates/forms/form.html.twig
  • user/plugins/form/templates/forms/default/form.html.twig

user/config/plugins/form.yaml

    enabled: true
    built_in_css: true
    inline_css: true
    refresh_prevention: false
    client_side_validation: true
    debug: false
    inline_errors: false
    files:
      multiple: false
      limit: 10
      destination: self@
      avoid_overwriting: false
      random_name: false
      filesize: 0
      accept:
        - 'image/*'
    recaptcha:
      version: 2-checkbox
      theme: light
      site_key: null
      secret_key: null
    turnstile:
      theme: light
      site_key: null
      secret_key: null
    basic_captcha:
      type: characters
      chars:
        length: 6
        font: zxx-noise.ttf
        bg: '#cccccc'
        text: '#333333'
        size: 24
        start_x: 5
        start_y: 30
        box_width: 135
        box_height: 40
      math:
        min: 1
        max: 12
        operators:
          - +
          - '-'
          - '*'

user/config/plugins/email.yaml (prior to my modification inside the GUI to figure out what was wrong)

    enabled: true
    from: [email protected]
    to: [email protected]
    mailer:
      engine: mail
      smtp:
        server: localhost
        port: 25
        encryption: none
        user: ''
        password: ''
      sendmail:
        bin: '/usr/sbin/sendmail'
