. .
ShallHelp

×


| Home | home
| Consumers |
| Quote |
| Licensed Professionals |
| Clients |

| EXPLORE |
| Community / Forum |
| Articles / Blogs |
| Members Chat |

| MY ACCOUNT | person
| Sign In or Register |
| Missions |
| Tech Team |

37 thoughts on “Session: May 7 2021, Friday

  1. ShallHelp Chat Forum : Welcome to the Chat Forum! Chat sessions are automatically erased every 60 minutes. Just select the REFRESH link above to go to the latest chat session. We are glad you are here!
    Consultant : Shift start!
    Consultant : helloooooooooooooooo
    CrisW : Hey!
    Consultant : Sorry, I read everything, I shouldn’t have started that comment.
    CrisW : It’s fine. People needed to vent too. 🙂
    CrisW : /I figured to split that so you all can say your piece too.
    CrisW : I’m not offended. These are difficult issues. You all needed to say your piece about it since you all saw how it negatively affected me.
    CrisW : We all cool.
    Consultant : Cool.
    CrisW : Cool
    Consultant : ok cool
    CrisW : k
    Consultant : ok the K!
    CrisW : Yes the BIG K now.
    Consultant K
    CrisW : lol
    CrisW : There’s too much stuff to do we have to prioritize where again.
    Consultant : Contact form. Then Decide whether Go or No Go on that.
    CrisW : Then if GO, we match it up with the Job App again.
    Consultant : Then the PM
    CrisW : OK. Sounds good. Do a new Session Date, copy paste this. 🙂
    Consultant : Cool
    CrisW : cool
    Consultant : cooler
    CrisW : coolest. STOP! LOL!
    Consultant : Stoppest!
    CrisW : I think we can knock it all out in an hour. So ok Let’s GO!
    Consultant : ok

  2. Simple Contact Form

    Settings

    EMAIL

    FORM
    Name
    Website
    Email
    Subject
    Custom Field
    Challenge Question
    Message
    Google reCaptcha (v2 or v3 Invisible)
    Carbon Copy
    Agree to Terms

    Test Scenario 1:

    I sent a Carbon Copy to myself, Verbiage appears like:

    “This is a carbon copy of the message you sent via ShallHelp:”

    “I am testing Jeff’s Contact Form and I am sending myself a carbon copy.”

    Result:

    Success! Your message has been sent.

    Test Scenario 2

    Used a fake non existent email.

    Result:

    Success! Your message has been sent.

    LOL!

    Ofcourse, if you click carbon copy and provide a fake email, you will NOT get the email address of the website. COOL!

    So it’s Success because the Admin still get’s the notification email that a Message sent from your Contact Form

    The Default Subject of the Form is:

    “Message sent from your contact form.”

    I’ve changed this to

    WEBSITE FORM SUBMISSION

    Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.

    Test Scenario 3

    inputted goofy text to trigger error prompts.

    Worked. Triggered.

    Good to go.

    Done testing and thanks Jeff!

    Workflow works!

  3. Test Scenario 4 – Advanced

    Ooops not so fast.

    Testing with a Customized Field because I noticed the From comes from wordpress and not the Inquirer email.

    The Carbon copy works for the Sender. They get admin email.

    In Advanced – I enabled:

    – Include extra form information and user data with email message

    – When enabled, this setting tells the plugin to append some extra information to each email. This includes all form data plus extra meta information about the sender (e.g., IP address, referrer, user agent, and so forth.

    it should include the other fields

    like Name and Email. Without that only the body of the message is received by the admin.

    ——-

    Success! Your message has been sent.

    Message Summary
    05/07/2021 @ 3:20 AM

    Your Name: Cris Testingsenderemail
    Your Email: cris@ my email address dot com
    Agree to Terms: True
    Carbon Copy: True
    Your Message:

    Cris Testingsenderemail and I will include in the body my email address.

    cris@ my email address dot com

    This should also include Extra Info and should appear onsite after the Send Message button is clicked.

    ————
    Test Scenario 5 – Advanced

    – Enable collection of identifiable user data (IP address, host, user agent, and referrer)

    – and also to display Message and Extra Info and Reset Form

    Success! Your message has been sent.

    Message Summary
    05/07/2021 @ 3:31 AM

    Your Name: Cris Nowtestingdata
    Your Email: cris@ yes you wish dot com
    Agree to Terms: True
    Carbon Copy: True
    Your Message:

    Cris Nowtestingdata and IP on form and not including the email address on the body of the message.

    RESULTS:

    Admin gets email with sender message, email Date Time etc. plus important Meta Data to be able to identify & distinguish legit messages from the “manual spammmer” messages. BruteSquad’s forte. I just made it easier. 🙂

    ———-

    Obviously, I am doing these test scenarios and testing without a Test Plan but just winging it as I go. 🙂

    The Contact Form is LIVE now.

    I included the reset button as well after successful Submission of the Message, so the sender has the option to erase the sent message from their device quickly.

    We are all Admins, so feel free to check how to break it and add to the Test Scenario on your portals.

    —————
    Test Scenario 5 – Advanced

    I decided to test this with a fake email. Because I noticed that a Sender can “still send the message” and may include links, so they won’t be able to get the admin email address, since they can’t get a carbon copy if they put a fake email.

    I put the advanced settings to get the meta data so admins will get notified of the the IP address of the one trying to abuse the Contact Form.

    Informaticians are Information Scientists. 🙂

    —————-

    Success! Your message has been sent.
    Message Summary
    05/07/2021 @ 3:50 AM

    Your Name: Cris Testingafakeemail
    Your Email: crisandthis.isfakeemail@ in the interweb dot com
    Agree to Terms: True
    Carbon Copy: True
    Your Message:

    I am now testing a nonexistent email. And I will carbon copy and see what gets sent to the admin. Also, I will post some links to some site like our other site. Let’s see like the Share Button exact link which is

    https://www.shallhelp.com/forum/general-discussions/#button/#add_wpftopic.wpf-button?url=https%3A%2F%2Fwww.shallhelp.com%2Fcontact%2F&text=Contact%20Form%20%E2%80%93%20ShallHelp

    Sincerely yours,

    Testing

    —————-

    With the settings I put in and enabled, IN CASE a manual spammer or hacker is stupid enough to try and abuse our contact form, Admins will be automatically be notified of their IP addresses as well.

    Email is like a handshake. A Sender submits their email, and when they Carbon Copy themselves, they also get a copy of their message AND our email address, as recipients.

    If we don’t get their email address, when they submit a fake one, even if they submit the Contact Form, they will not know the email address of the website. It will not display onsite (that was why I immediately disabled that app when Con informed me of the Security issue when the other Job app displayed the email address of the Employer while we were testing it.

    The IP address is important to capture for spammers and hackers to get stopped. They can and will only stop when they are reported. I have had 200+ spammer websites shutdown and wiped out of the internet so yes I have enemies. So I’d let Brute handle the rest of that but thought I’d share these testing stuff here for the New Admins.

    We go with the flow and learn as we go. We were all once newbies! Share what we know.

    I might suggest to Jeff to make the following as the default settings:

    Success Display
    Success message + extra info + reset button

    – the Reset so that people can erase what they submitted from their device or browser (because browsers snoop too!)

    Extra Email Info
    – Include extra form information and user data with email message

    Data Collection
    – Enable collection of identifiable user data (IP address, host, user agent, and referrer)

    ————
    I added the Custom Field

    Please Confirm Your Email

    Results:

    Success! Your message has been sent.
    Message Summary
    05/07/2021 @ 4:14 AM

    Your Name: Cris Testingcustomfieldemailconfirm
    Your Email: cris@ yes you wish dot com
    Please Confirm Your Email: cris@ yes you wish dot com
    Agree to Terms: True
    Carbon Copy: True
    Your Message:

    Cris Testingcustomfieldemailconfirm

    ———

    The sender receives the body of email, carbon copy

    The Admin receives the Form Data plus Meta data.

    Done deal.

    ——

    Enough testing plus documenting it for your training on different ways to test it. For the New Admins. 🙂

  4. Also, I only got a hold of the software from the timestamps above.

    I started learning it at 1:03am.
    I got basic setup done at 2:28am (when I was high fiving myself since I think Con fell asleep already).

    Then I scrutinized email codes on the Admin Email (website email) and Sender (me) email. That took longer. Since I started incorporating other Security Test Scenarios.

    I think it’s okay to leave the Contact Page published.

    Admins will monitor contact page for those who can’t register for Forum Membership since I still have password protected it for us Admins.

  5. Okay, I just looked, I have about 6,989 new emails to go through.

    Looks like Team No Sleep #Coffee 🙁

    Con, please write a new job description for my New Assistant Email Filter Reader. 🙂

  6. TESTING SCENARIO 6 – Testing on Incognito Window

    Success! Your message has been sent.
    Message Summary
    05/07/2021 @ 6:35 PM

    Your Name: Con Sultant
    Your Email: Con Sultant EMAIL
    Please Confirm Your Email: Con Sultant EMAIL
    Agree to Terms: True
    Carbon Copy: True
    Your Message:

    Testing on an incognito window. Testing CW meta data capture.

    Love,

    Con Sultant

    P.S Clicked the “Get a carbon copy” and I agree to the terms.

    HEY CW, you have a typo, on the second box, this is the exact text: Look at the “terms Terms”. (LOOK LOOK!)

    “I agree to the terms Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.”

    Maybe change to:

    “I give consent for ShallHelp to process my data on this form and agree to the Terms and Privacy Policies of this website”.

    Also, you skipped a DOT, PERIOD on “Get a carbon copy”

    The math question is too easy. I suggest you change it to something like what is the square root of 8,991 multiplied by the cube root of 26,973 =

    (since you said you were scared of stupidity, LOL!)

    1. Thanks! Result: Admins can still see the metadata even on an Incognito Window, when they use the form to submit. That’s great to monitor Contact Form legit submissions from spam submissions.

      1) Consultant: “Also, you skipped a DOT, PERIOD on “Get a carbon copy”” – DONE.

      The “Get a carbon copy” is a field LABEL. I added the period. Good catch!

      2) Consultant: “HEY CW, you have a typo, on the second box, this is the exact text: Look at the “terms Terms”. (LOOK LOOK!)
      “I agree to the terms Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.”
      – DONE. CHANGED.

      Let me explain, so you know. The “I agree to the terms” is a FIELD LABEL. Then the verbiage “Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.” is a DESCRIPTION LABEL. So on the back end, it looks okay, but depending on the Contact Form appearance template used, that can display as a seamless straight line, or a line with a break. I decided to add the DESCRIPTION LABEL so submitters would know WHAT they are agreeing to 🙂

      It should have displayed as

      “I agree to the terms
      Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.”

      with the two active links to our Terms of Use / Service Page and Privacy Policy Page. It’s all spelled out there. I scrutinized and made changes to those based on how I would like people to know and learn, when they go to websites.

      But thanks that you decided to check it!

      I changed the LABEL Field – FROM
      I agree to the terms

      TO:
      I agree to the terms and give my consent

      Changed the DESCRIPTION Field FROM

      “Terms: I give consent for ShallHelp to process my data and agree to the Terms and Privacy Policies.”

      TO:

      to process my data submitted on this form, in accordance to ShallHelp's Terms of Use and Privacy Policies.

      So now it displays, on the Front End:

      “I agree to the terms and give my consent to process my data submitted on this form, in accordance to ShallHelp’s Terms of Use and Privacy Policies.”

      That one line ^ is actually two parts, LABEL Field, and DESCRIPTION Field on the Back End.

      End RESULT is Admins will receive the Email with the Form Data:

      “I agree to the terms and give my consent: True”

      That specific permission given is important for ALL websites to have, in order for them to contact or email the recipient.

      Because having a website and an email address does NOT automatically give website owners permission to send emails (commercial or not) to people. That’s the LAW. Otherwise it can be considered “spamming”. And THAT is easy to report. 🙂

      Thanks again! That’s why FRESH EYES are important! 🙂

  7. But the Author does not receive any email notification for his/her comment. So the commenter does not receive any email notification, only the Author.

  8. Can you hit the Reply button to this comment so I can check if I get an email? I set the Comment Thread level to just 2.

    1. REPLYING to “Can you hit the Reply button to this comment so I can check if I get an email? I set the Comment Thread level to just 2.”. I got email notification as the Author of the Post.

    2. I will just copy yours.

      REPLYING to “Can you hit the Reply button to this comment so I can check if I get an email? I set the Comment Thread level to just 2.”. I got email notification as the Author of the Post.

    1. REPLYING TO Got two email notifications on both comments above. How about you reply to this?

      To test whether commenter gets an email notification.

  9. Commenter did NOT. So if an Author spends time typing a response to a commenter, the Commenter would have no knowledge that the Author responded.

    I am increasing the Nested thread level from 2 to 3. Let’s test that.

  10. I think when we tested the threaded levels, one of the results we found was exposure of emails? Let’s just retest.

  11. How about we test the @crisw .. to test whether that would trigger an email notification?

    Because the forum triggers that. (I know I know, we are NOT on the forum). We can try …

  12. Switched it back to 2 threaded levels.

    So the CONCLUSION for Comment Testing – ONLY the Author receives an email notification. The Commenter does NOT.

    I think some verbiage should be included on the “Comment label” to “Check back on this page for a comment response from the Author.”

    I will log out and see if I can leave a comment while logged out.

    The test above is with the setting:

    “Users must be registered and logged in to comment”

    NEXT TEST: Testing it next for when that^ is disabled.

  13. Just testing Comment Leave a Reply Form Cris Whileloggedout

    The Text displays like so:

    “Leave a Reply
    Your email address will not be published. We are glad you have chosen to leave a comment. Please keep in mind that comments are moderated according to our Comment Policy.

    Name *

    Email *

    Save my name, email, and website in this browser for the next time I comment.

    Comment ”

    1) The Comment field should be required.
    2) The reCaptcha should be on the Comment Field.
    3) Or just put verbiage that says, “You have to be a Registered Member to leave a comment.” Or you can reach us via our Contact Form. Then add link to contact form. There’ recaptcha there.

  14. Two WP Core auto emails got triggered. One for Author and One for Admin. It shows:

    “A new comment on the post “Session: May 7 2021, Friday” is waiting for your approval
    https://www.shallhelp.com/session-may-7-2021-friday/

    among other things for Admins.

    Then once Admin approves, the Author receives another auto email from WP.

    All emails contain the contents of the messsage. Hitting reply on your email while you are logged out.

    To test whether you will get notified.

Comments are closed.