Prevent Spam on HTML forms...

Rudy · 12-23-2006, 11:13 PM

Hey guys,
I've been having some real problems lately with spam being submitted on some forms on a website I run. A few nights ago, I added a PHP Captcha to the form, but it doesn't seem to have done much in reducing the amount of spam.

So now, as well as the captcha, I'm trying to implement another way to "trick" the spam bots... I want to have a hidden text box in my form that, when it is submitted with a value, will prevent the form from going through.

The following code is what I have so far. But I still can't seem to get the text box to be 'hidden': (Notice I'm not using the attribute type='hidden'... I'm trying to hide it another way - mainly so that the spam bots don't know it's "hidden" if you know what I mean)

This is part of the code found at http://www.huntsources.com/list.php (The actual form) -

Code:

<form method=POST action="list.php" name="list">
<input type="hidden" name="submitted" value="submitted">
<div class="form_01">
<label for="first_name">First name:</label>
<input title="Visually impaired users: do not enter anything in this box" type="text" name="first_name" id="first_name" value="" onKeyUp=" val = this.value; if (val.length > 0) { alert('Please place your cursor in ‘Name’ box to start your message'); this.value = val.substring(0,0); emailform.focus() } this.form.count.value=0-parseInt(this.value.length); ">
</div>

Now here's my css, found in http://www.huntsources.com/main.css:

Code:

#form_01 {
visibility: hidden;
display: none;
}

Any ideas why this is not working?
????: NamePros.com http://www.namepros.com/programming/272644-prevent-spam-on-html-forms.html

Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting?

Once it is working on this page, I'm going to implement it onto other forms on the same website.

Thanks for any help,
David

Noobie · 12-24-2006, 08:10 AM

HTML Code:

<div class="form_01">

should be

HTML Code:

<div id="form_01">

OR
????: NamePros.com http://www.namepros.com/showthread.php?t=272644
change

Code:

#form_01 {
visibility: hidden;
display: none;
}

to

Code:

.form_01 {
visibility: hidden;
display: none;
}

sdsinc · 12-24-2006, 09:56 AM

Originally Posted by Rudy

...
????: NamePros.com http://www.namepros.com/showthread.php?t=272644
Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting?

Check your web server logs and ban the IPs via .htaccess.
Also check the user agent. If it's automated spam by a script it could be an odd user agent string like PHP or whatever. You could disallow it as well.

Rudy · 12-24-2006, 10:17 AM

Thanks for the responses. With the help from Noobie, I got the form working properly now. Let's see if it helps....

Good suggestion sdsinc, Thanks. I'll definitely keep that in mind.

- David

Tree · 12-24-2006, 02:18 PM

What CAPTCHA script are you using? Bots shouldn't be able to get past a well-coded one.

Rudy · 12-24-2006, 02:37 PM

Hey Tree,
I'm not sure how well-coded it is... It's one I found on the internet, and modified a little. Here's the code I'm using:

(On the form):

Code:

<img src="captcha.php" alt="Validation Key">

(In the PHP verifying the Submission):

Code:

 // Checks for correct Validation Key
$key=substr($_SESSION['captcha'],0,5);
$number = $_POST['captcha_number'];
if ($number != $key) {
$incorrect_validation = 'yes';
}

And here's the code in captcha.php:

Code:

<?php

session_start();
$RandomStr = md5(microtime());
$ResultStr = substr($RandomStr,0,5);
$NewImage =imagecreatefromjpeg("images/captcha.jpg");


$font = imageloadfont("fonts/captcha.ttf");
$LineColor = imagecolorallocate($NewImage,233,239,239);
$TextColor = imagecolorallocate($NewImage, 255, 255, 255);
imageline($NewImage,1,1,50,100,$LineColor);
imageline($NewImage,1,50,50,10,$LineColor);
imageline($NewImage,30,50,150,30,$LineColor);
imagestring($NewImage, 5, 30, 10, $ResultStr, $TextColor);

$_SESSION['captcha'] = $ResultStr;

header("Content-type: image/jpeg");
imagejpeg($NewImage);
?>

12-23-2006, 11:13 PM	THREAD STARTER #1 (permalink)
Rudy NamePros Regular Join Date: Jul 2005 Location: United States Posts: 586	Prevent Spam on HTML forms... Hey guys, I've been having some real problems lately with spam being submitted on some forms on a website I run. A few nights ago, I added a PHP Captcha to the form, but it doesn't seem to have done much in reducing the amount of spam. So now, as well as the captcha, I'm trying to implement another way to "trick" the spam bots... I want to have a hidden text box in my form that, when it is submitted with a value, will prevent the form from going through. The following code is what I have so far. But I still can't seem to get the text box to be 'hidden': (Notice I'm not using the attribute type='hidden'... I'm trying to hide it another way - mainly so that the spam bots don't know it's "hidden" if you know what I mean) This is part of the code found at http://www.huntsources.com/list.php (The actual form) - Code: <form method=POST action="list.php" name="list"> <input type="hidden" name="submitted" value="submitted"> <div class="form_01"> <label for="first_name">First name:</label> <input title="Visually impaired users: do not enter anything in this box" type="text" name="first_name" id="first_name" value="" onKeyUp=" val = this.value; if (val.length > 0) { alert('Please place your cursor in ‘Name’ box to start your message'); this.value = val.substring(0,0); emailform.focus() } this.form.count.value=0-parseInt(this.value.length); "> </div> Now here's my css, found in http://www.huntsources.com/main.css: Code: #form_01 { visibility: hidden; display: none; } Any ideas why this is not working? ????: NamePros.com http://www.namepros.com/programming/272644-prevent-spam-on-html-forms.html Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting? Once it is working on this page, I'm going to implement it onto other forms on the same website. Thanks for any help, David __________________ Smooth Stone Services Affordable Web Hosting Solutions Starting at only $4.95/month, IT Consulting and Technical Support Hunt Sources - Hunting Resources Online

12-24-2006, 08:10 AM	#2 (permalink)
Noobie NamePros Regular Join Date: Feb 2006 Location: Montreal, Quebec, Canada Posts: 324	HTML Code: <div class="form_01"> should be HTML Code: <div id="form_01"> OR ????: NamePros.com http://www.namepros.com/showthread.php?t=272644 change Code: #form_01 { visibility: hidden; display: none; } to Code: .form_01 { visibility: hidden; display: none; } __________________ Goldkey.com is a scam What's your BMI? \| Timestamp Generator

12-24-2006, 10:17 AM	THREAD STARTER #4 (permalink)
Rudy NamePros Regular Join Date: Jul 2005 Location: United States Posts: 586	Thanks for the responses. With the help from Noobie, I got the form working properly now. Let's see if it helps.... Good suggestion sdsinc, Thanks. I'll definitely keep that in mind. - David __________________ Smooth Stone Services Affordable Web Hosting Solutions Starting at only $4.95/month, IT Consulting and Technical Support Hunt Sources - Hunting Resources Online

12-24-2006, 02:18 PM	#5 (permalink)
Tree NamePros Regular Join Date: Feb 2006 Location: Atlanta, GA, USA Posts: 335	What CAPTCHA script are you using? Bots shouldn't be able to get past a well-coded one.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)