Prevent Spam on HTML forms...

Rudy · 12-23-2006, 10:13 PM

Hey guys,
I've been having some real problems lately with spam being submitted on some forms on a website I run. A few nights ago, I added a PHP Captcha to the form, but it doesn't seem to have done much in reducing the amount of spam.

So now, as well as the captcha, I'm trying to implement another way to "trick" the spam bots... I want to have a hidden text box in my form that, when it is submitted with a value, will prevent the form from going through.

The following code is what I have so far. But I still can't seem to get the text box to be 'hidden': (Notice I'm not using the attribute type='hidden'... I'm trying to hide it another way - mainly so that the spam bots don't know it's "hidden" if you know what I mean)

This is part of the code found at http://www.huntsources.com/list.php (The actual form) -

Code:

<form method=POST action="list.php" name="list">
<input type="hidden" name="submitted" value="submitted">
<div class="form_01">
<label for="first_name">First name:</label>
<input title="Visually impaired users: do not enter anything in this box" type="text" name="first_name" id="first_name" value="" onKeyUp=" val = this.value; if (val.length > 0) { alert('Please place your cursor in ‘Name’ box to start your message'); this.value = val.substring(0,0); emailform.focus() } this.form.count.value=0-parseInt(this.value.length); ">
</div>

Now here's my css, found in http://www.huntsources.com/main.css:

Code:

#form_01 {
visibility: hidden;
display: none;
}

Any ideas why this is not working?

Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting?

Once it is working on this page, I'm going to implement it onto other forms on the same website.

Thanks for any help,
David

Noobie · 12-24-2006, 07:10 AM

HTML Code:

<div class="form_01">

should be

HTML Code:

<div id="form_01">

OR
change

Code:

#form_01 {
visibility: hidden;
display: none;
}

to

Code:

.form_01 {
visibility: hidden;
display: none;
}

sdsinc · 12-24-2006, 08:56 AM

Quote:

Originally Posted by Rudy

...
Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting?

Check your web server logs and ban the IPs via .htaccess.
Also check the user agent. If it's automated spam by a script it could be an odd user agent string like PHP or whatever. You could disallow it as well.

Rudy · 12-24-2006, 09:17 AM

Thanks for the responses. With the help from Noobie, I got the form working properly now. Let's see if it helps....

Good suggestion sdsinc, Thanks. I'll definitely keep that in mind.

- David

Tree · 12-24-2006, 01:18 PM

What CAPTCHA script are you using? Bots shouldn't be able to get past a well-coded one.

Rudy · 12-24-2006, 01:37 PM

Hey Tree,
I'm not sure how well-coded it is... It's one I found on the internet, and modified a little. Here's the code I'm using:

(On the form):

Code:

<img src="captcha.php" alt="Validation Key">

(In the PHP verifying the Submission):

Code:

 // Checks for correct Validation Key
$key=substr($_SESSION['captcha'],0,5);
$number = $_POST['captcha_number'];
if ($number != $key) {
$incorrect_validation = 'yes';
}

And here's the code in captcha.php:

Code:

<?php

session_start();
$RandomStr = md5(microtime());
$ResultStr = substr($RandomStr,0,5);
$NewImage =imagecreatefromjpeg("images/captcha.jpg");


$font = imageloadfont("fonts/captcha.ttf");
$LineColor = imagecolorallocate($NewImage,233,239,239);
$TextColor = imagecolorallocate($NewImage, 255, 255, 255);
imageline($NewImage,1,1,50,100,$LineColor);
imageline($NewImage,1,50,50,10,$LineColor);
imageline($NewImage,30,50,150,30,$LineColor);
imagestring($NewImage, 5, 30, 10, $ResultStr, $TextColor);

$_SESSION['captcha'] = $ResultStr;

header("Content-type: image/jpeg");
imagejpeg($NewImage);
?>

12-23-2006, 10:13 PM	#1 (permalink)
Rudy NamePros Regular Join Date: Jul 2005 Location: United States Posts: 588 613.72 NP$ (Donate)	Prevent Spam on HTML forms... Hey guys, I've been having some real problems lately with spam being submitted on some forms on a website I run. A few nights ago, I added a PHP Captcha to the form, but it doesn't seem to have done much in reducing the amount of spam. So now, as well as the captcha, I'm trying to implement another way to "trick" the spam bots... I want to have a hidden text box in my form that, when it is submitted with a value, will prevent the form from going through. The following code is what I have so far. But I still can't seem to get the text box to be 'hidden': (Notice I'm not using the attribute type='hidden'... I'm trying to hide it another way - mainly so that the spam bots don't know it's "hidden" if you know what I mean) This is part of the code found at http://www.huntsources.com/list.php (The actual form) - Code: <form method=POST action="list.php" name="list"> <input type="hidden" name="submitted" value="submitted"> <div class="form_01"> <label for="first_name">First name:</label> <input title="Visually impaired users: do not enter anything in this box" type="text" name="first_name" id="first_name" value="" onKeyUp=" val = this.value; if (val.length > 0) { alert('Please place your cursor in ‘Name’ box to start your message'); this.value = val.substring(0,0); emailform.focus() } this.form.count.value=0-parseInt(this.value.length); "> </div> Now here's my css, found in http://www.huntsources.com/main.css: Code: #form_01 { visibility: hidden; display: none; } Any ideas why this is not working? Also, do you have any other suggestions on ways I can curb the amount of spam I'm getting? Once it is working on this page, I'm going to implement it onto other forms on the same website. Thanks for any help, David __________________ Smooth Stone Services Affordable Web Hosting Solutions Starting at only $4.95/month, IT Consulting and Technical Support Hunt Sources - Hunting Resources Online

12-24-2006, 07:10 AM	#2 (permalink)
Noobie NamePros Regular Join Date: Feb 2006 Location: Montreal, Quebec, Canada Posts: 324 66.75 NP$ (Donate)	HTML Code: <div class="form_01"> should be HTML Code: <div id="form_01"> OR change Code: #form_01 { visibility: hidden; display: none; } to Code: .form_01 { visibility: hidden; display: none; } __________________ Goldkey.com is a scam What's your BMI? \| Timestamp Generator

12-24-2006, 09:17 AM	#4 (permalink)
Rudy NamePros Regular Join Date: Jul 2005 Location: United States Posts: 588 613.72 NP$ (Donate)	Thanks for the responses. With the help from Noobie, I got the form working properly now. Let's see if it helps.... Good suggestion sdsinc, Thanks. I'll definitely keep that in mind. - David __________________ Smooth Stone Services Affordable Web Hosting Solutions Starting at only $4.95/month, IT Consulting and Technical Support Hunt Sources - Hunting Resources Online

12-24-2006, 01:18 PM	#5 (permalink)
Tree NamePros Regular Join Date: Feb 2006 Location: Atlanta, GA, USA Posts: 335 13.25 NP$ (Donate)	What CAPTCHA script are you using? Bots shouldn't be able to get past a well-coded one.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)