[RFC] Contact Page

These requests for comments/change have lead to an implemented feature that has been successfully merged into the 3.1/Ascraeus branch. Everything listed in this forum will be available in phpBB 3.1.
Post Reply
User avatar
naim
Registered User
Posts: 50
Joined: Thu Oct 13, 2011 7:21 pm
Location: Isolation
Contact:

Re: [RFC] Contact Page

Post by naim » Sun Oct 16, 2011 8:58 pm

you have a point...

phynixx
Registered User
Posts: 22
Joined: Thu Sep 22, 2011 12:18 am

Re: [RFC] Contact Page

Post by phynixx » Mon Oct 17, 2011 9:04 pm

naim wrote:The whole point of the contact us page is to let anyone contact support in-case there is a problem with the site,
so if there would be a problem, wouldn't it effect the contact sheet to?!
And in phpBB there are no spam filters against spammers (at least no yet), so what if a spammer starts sending requests to the contact sheet?! Today most email addresses have spam filters...
The image is to protect against robots the don't have OCR.
If there is a problem that affects the *whole* site (if that's what you meant) neither a publicly available email nor a contact form will work. Unless the user had the admin contact info memorized they simply wouldn't be able to reach the admin until some level of service was restored.

The originally stated intent behind this RFC was to help solve for the following issue:
  • 1.) Non-registered users contacting the admin (for boards where only registered users can do so)
    2.) Registered users not being able to PM admins (again, where so configured)
    3.) Contact with admins being possible to communicate DMCA notices
    4.) Contact with admins being possible to communicate registration errors
    5.) Contact with admins being possible to comply with local regulations
    6.) phpBB receiving complaints in lieu of admin contact availability
    7.) admin emails being posted in plaintext
To that end:
  • 1.) A contact form would solve this
    2.) Ditto
    3.) Ditto
    4.) Ditto
    5.) Sort of*
    6.) Sort of**
    7.) Ditto
*Depends on whether local regs are something like "someone must have some way to reach of you" or something like "you must post, plainly, the contact information of the administrator.". While the latter is unlikely, I'm just bringing up the possibility that a contact form may or may not solve all problems in that area.

**Make something idiot proof and they'll make a better idiot... A contact form will probably reduce phpBB contacts for this sort of thing. But it may help further to revise the powered by phpBB statement to instead point to a javascript pop-up or separate page on the forum that reads:
This forum powered by phpBB® Forum Software © by the phpBB Group. It is not however managed, administered or associated in any way with the phpBB development team nor does the team have any knowledge of or way to contact the administrators of this forum. Much in the same way that you would not contact a car manufacturer about an issue with the owners of a particular car, please do not contact the phpBB team with any problems, complaints, etc. with this specific forum.

Should you be interested in learning more about phpBB please click here.
Overall though the contact form should, with a few spam-limiting features like one-contact per day, provide enough protection for the admins that makes it worth it's while to implement. Especially because it removes their email addresses from any form of publication which is a great thing (coming from the admin of a board that would love to ensure his email never sees the light of day unless absolutely necessary).

User avatar
naim
Registered User
Posts: 50
Joined: Thu Oct 13, 2011 7:21 pm
Location: Isolation
Contact:

Re: [RFC] Contact Page

Post by naim » Mon Oct 17, 2011 10:16 pm

The type of problem i was aiming at is something like phpBB doesn't have the INSERT privilege or something like that...
That way it would look like phpBB is preforming like normal, but wouldn't let new-users, new posts/topics....

Oleg
Posts: 1150
Joined: Tue Feb 23, 2010 2:38 am
Contact:

Re: [RFC] Contact Page

Post by Oleg » Fri Oct 21, 2011 10:33 am

naim wrote: so what if a spammer starts sending requests to the contact sheet?!
I cannot imagine that anyone actually does that.

As a user, I find it extremely annoying to have to enter captchas to submit contact forms. Until someone provides proof that spammers actually use contact forms for sending spam to administrators I am completely against adding captcha to contact forms.

User avatar
DavidIQ
Customisations Team Leader
Customisations Team Leader
Posts: 1780
Joined: Thu Mar 02, 2006 4:29 pm
Location: Earth
Contact:

Re: [RFC] Contact Page

Post by DavidIQ » Fri Oct 21, 2011 10:38 am

I get some spam through the one I have on my site but it is actually pretty rare and is mostly just SEO junk. The "CAPTCHA" I have is just an old logo I used to have on my site. I don't think spammers are very interested in spamming just one person. That would be useless to them and to their purpose in life.
Image

User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: [RFC] Contact Page

Post by callumacrae » Fri Oct 21, 2011 3:24 pm

Oleg wrote:
naim wrote: so what if a spammer starts sending requests to the contact sheet?!
I cannot imagine that anyone actually does that.
I've had about 80,000 (I can get the exact number when I get home) spam emails sent through the contact form on my website, the majority of which were blocked by Akismet.

Related: why not check submitted message with something like Akismet, and present the user with a captcha if they are flagged as spam?
Made by developers, for developers!
My blog

User avatar
nickvergessen
Former Team Member
Posts: 733
Joined: Sun Oct 07, 2007 11:54 am
Location: Stuttgart, Germany
Contact:

Re: [RFC] Contact Page

Post by nickvergessen » Sat Oct 22, 2011 11:00 am

Because when captchas are broken or you cant solve them (blind) you still need to be able to contact the admin, to tell him captcha is broken or you are blind and cant solve?
Member of the Development-TeamNo Support via PM

User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: [RFC] Contact Page

Post by callumacrae » Sat Oct 22, 2011 12:26 pm

nickvergessen wrote:Because when captchas are broken or you cant solve them (blind) you still need to be able to contact the admin, to tell him captcha is broken or you are blind and cant solve?
I'm pretty sure that blind people can solve Q&A captchas, and recaptcha has an audio option.

Over the last year, Akismet has had a 99.98% accuracy rate (w/ 80,849 spam comments sent) - I'm pretty sure that if something is that wrong, more than one person will attempt to contact the owner:

If one person attempts to contact the owner, there is a 0.02% chance that they will have to solve the CAPTCHA. Let's say that 1 in 1000 people are completely blind (although realistically it is probably way less than that). That means that there is a 0.0002% chance that the admin will not get the message.

If two people attempt to contact that owner, there is a 0.00000004% chance that the admin will not get the message. With three, 0.000000000008%.


If the CAPTCHA is broken, then the chances are still pretty low: 0.02% chance if one person tries to contact, 0.0004% chance if two people try.

If Akismet or whatever service is being used is down, then everything should be allowed to send, not nothing.



Statistically, having a spam prevention service + a CAPTCHA is definitely worth it.
Made by developers, for developers!
My blog

User avatar
naderman
Consultant
Posts: 1727
Joined: Sun Jan 11, 2004 2:11 am
Location: Karlsruhe, Germany
Contact:

Re: [RFC] Contact Page

Post by naderman » Mon Oct 24, 2011 10:37 am

One of the purposes of the contact page is to be able to contact an admin in case a user cannot solve the CAPTCHA. How likely that is for a particular type of CAPTCHA really doesn't matter much.

phynixx
Registered User
Posts: 22
Joined: Thu Sep 22, 2011 12:18 am

Re: [RFC] Contact Page

Post by phynixx » Wed Oct 26, 2011 10:49 pm

I could get behind Akismet [+ CAPTCHA] so long as it fails open instead of closed.

That said, IMO it should be an option to implement: "Protect contact page with Akismet [+CAPTCHA] (check here): "

Post Reply