The WebForm Defender

Quick Setup

HomeWhat is Defender?The SolutionPro vs StandardFAQPurchaseDocumentationPrivacy Policy
Quick SetupConfig OptionsPre-ValidatePost-Validate"On-Failure"Sample ScriptsForm Builder
Thank you for purchasing WebForm Defender, Standard Edition.

To setup your WebForm Defender, follow the steps below. We assume that you:
  • Have a web site already, to which you are adding WebForm Defender
  • Have confirmed (or already know) that your website can run PHP scripts
  • Know how to upload new files to that web site (possibly using an FTP tool, such as FileZilla or something comparable)
  • Have an editor with which you can modify the webdefender.ini.php file, and your existing webpages.
  • Know the names of the web pages you wish to add WebForm Defender to
  • Know at least a little bit about HTML, enough to follow the instructions below for modifying your existing forms pages.

To install WebForm Defender:
  • Create a directory on your website to hold the WebForm Defender files. For example: "defender" or "challenge" are good names. It may be good practice to use a name that is not completely obvious, however, something that doesn't sound like "here's my security stuff" if a hacker were to gain access to your website files. So you might also consider directory names like "golf" or "dox23".
  • Make the following change to the file "webdefender.ini.php"
    • Open the file webdefender.ini.php in your editor
    • Find the entry: $_DOC_ROOT = 'webdefender/';
    • Change webdefender/ to the directory you created on your website in the first step above. Be sure to keep the final "/".
  • Upload the files. The "doc" sub-directory does not need to be uploaded, but that won't hurt anything if it is.
  • Test the system by accessing in your web browser (Internet Explorer, FireFox, Opera, whatever) the following URL:
    [your domain name]/[defender dir]/wdef_test.php. For example: www.mydomain.com/defender/wdef_test.php You should see something like the following:
    snap shot of test page
  • If the test file shows a CAPTCHA form and all the functionality works (follow the instructions on that page) then your installation has been successful.
  • Now you are ready to add WebForm Defender to your web page(s) and get those forms protected.

Adding WebForm Defender to your Web Forms: Fast Setup
  1. In your editor, open the web page that has the form in it to wish to protect
  2. At the very top of the page, very first line, add the following:

    <?php require_once('[defender]/webdefender.ini.php'); ?>

    replace "[defender]" with the actual name of the subdirectory you created for Defender.
  3. Find the form. This will be a phrase like <form ... >
  4. The "form" statement needs to be modified. You will add the following to it:

    <?php wdefValidateSubmit(); ?>

    such that the form statement ends up looking (something) like this:
    <form action="..." method="post" onsubmit="<?php wdefValidateSubmit(); ?>" >

  5. If your form already has an "onsubmit" phrase in it, for example:

    <form .... onsubmit="ValidateForm()" >

    Then what you will do is just a little different. You will add the wdefValidateSubmit() phrase to it, like this:
    <form .... onsubmit="ValidateForm();wdefValidateSubmit()" >

    Be sure there is a semi-colon (";") between the two pieces, and that wdefValidateSubmit() is the last at the end of the phrase.
  6. This next part requires you make a decision, based on how the form has been setup. Usually a form is laid out such that columns line up and the whole has a pleasing appearance. This can be done using a <table> or using <div>s. Either way, you will need to determine where and how to insert the following statement, so that it fits into your form in a pleasing way.

    <?php InsertDefenderForm(); >

    An example form is shown shown below.
    If the form looked like this orginally:
    <form method="post" action="send_email.php" id="TheForm">
    <div style="text-align:center;font-size:large;color:blue">Send Us A Message!</div><br/>
    <table>
    <tr><td>Your Name:</td><td><input type="text" /></td></tr>
    <tr><td>Your email:</td><td><input type="text" /></td></tr>
    <tr><td style="vertical-align:top">Your Message:</td><td><textarea /></textarea></td></tr>
    </table>
    <div style="text-align:center"><input type="submit" value="Send" id="submit1" /></div>
    </form>

    Then the modified form would look like this (changes highlighted):
    <?php require_once('webdefender.ini.php'); // include as very first line of the page ?>
    ...

    <form method="post" action="send_email.php" id="TheForm" onsubmit="wdefVaildateSubmit()">
    <div style="text-align:center;font-size:large;color:blue">Send Us A Message!</div><br/>
    <table>
    <tr><td>Your Name:</td><td><input type="text" /></td></tr>
    <tr><td>Your email:</td><td><input type="text" /></td></tr>
    <tr><td style="vertical-align:top">Your Message:</td><td><textarea /></textarea></td></tr>
    </table>
    <?php InsertDefenderForm(); ?>
    <div style="text-align:center"><input type="submit" value="Send" id="submit1" /></div>
    </form>

  7. If the file you are adding WebForm Defender to is not already a PHP file (that is, if it does not end in ".php") then you will have to rename it so that it does end in .php. If it currently ends in .htm or .html (or something else), beware that this may require you to modify some of your other web pages, where there may be links (<a href="..."> tags) to that page under its old name.
  8. That's about it. Save your changes and give it a try. You should see a new element in your form, something that, hopefully, only a human can deal with.
    sample captcha insertion



Quick SetupConfig OptionsPre-ValidatePost-Validate"On-Failure"Sample ScriptsForm Builder