Equipping You to Communicate Effectively
| support CMN & share a |
library of 19K+ images, videos, etc
| ||Thread Tools||Search this Thread||Rate Thread||Display Modes|
At work (web development company) our first step is a honeypot, i think it is called.
Basically, you have one field for the form, named something common like "txtURL", however set styles for it to display off the left side of the screen, (and for accessibility reasons, (ie, text readers), give it a label that says "Leave this field blank")
Now, when the form is processed, do not send anything that has something in this field, as then it is almost always a spam bot filling it out, as except for those browsing with styles shut off, or using a text reader, won't even know it is there, and even then, they are told not to fill it in.
This is a good first line of defense, and solves most of the problems on our sites. Then if it is still a problem do the recaptcha.
I have the form set up that the fields must have something typed in them for the contact form to process. I haven't received any goofy emails with rubbish in the fields. The problem is on the next page. Once the email is sent the user is sent to a "Thank you for contacting us" page. Its the sendmail.php If you were to go there and hit refresh I'll receive a blank contact form.
I spoke with a web manager for a church in my area. He said to add
in the beginning and
// end if isset ?>
at the end
It seems to have worked.
I starts school the 7th to finally learn all this stuff. =)
"What saves a man is to take a step. Then another step" - C. S. Lewis
Yep, the empty field that must remain empty has done wonders for stopping the spam we get through our contact form at work. Between that and common sense validations on things like email address (to prevent open relay), it's gone down to next to nothing.
Another handy trick I've found is to, on a receiving page, do all the mechanics before printing any of the page, and then redirect the user somewhere else -- a thankyou page, the same page without a post array (if it's something like a client detail page that shows you stuff), something. Then the user can press Refresh to his heart's content without triggering any unintended actions.
|contact form, empty|
|Thread Tools||Search this Thread|
|Display Modes||Rate This Thread|
Register Now for FREE!