[thelist] what's the hole in my contact form anti-spam?

Roberto Gorjão roberto at asenseofdesign.com
Thu Sep 10 12:14:18 CDT 2009


Well, you're not having spam, but you're also forbidding your visitors 
to send any links to your client... which might be OK in his case but is 
not a solution that does "not give visitors more hoops to jump through", 
to use Joel's own words, especially if your script doesn't return an 
explanation to the user about why her message was not accepted.

Anyway, Joel, what is decidedly strange in your logic is to have a 
"prove that you're human" field and not to test it. If you don't try it, 
why use it? You'll be even more successful if you make your "prove that 
you're human" question random, and test it accordingly, as Tony suggested.

Good luck!

Roberto
-----------------------
Nan Harbison wrote:
> My client did NOT want a captcha under any circumstances, so in desperation,
> after watching how the fields were filled out by bots for a few weeks, I
> created this code:
>
>
> 	 $findspam1 = strpos($_POST['message'], "[");
> 	 $findspam2 = strpos($_POST['message'], "]");
> 	 $findspam3 = strpos($_POST['message'], "url");
> 	 $findspam4 = strpos($_POST['message'], "http://");
> 	 $findspam5 = strpos($_POST['message'], "link=");
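> 	 // strpos() returns 0 when the match is at the very start of the message,
> 	 // and 0 == false is true in PHP, so "not found" must be tested with ===.
> 	 if ($findspam1 === false && $findspam2 === false && $findspam3 === false &&
> 	     $findspam4 === false && $findspam5 === false)
> 	 {
> 	  // if ---the code you already have here----
> 	  //	{
> 	  //		to do whatever
> 	  //	}
> 	 }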
>
> And I haven't had any spam since then, and now, having said that, I bet I am
> going to have to eat those words!!!
>
> Nan
>
>
>   
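
The two suggestions in this message (test the "prove that you're human" field against a randomly chosen question, and tell the user why a message was refused) combined with the marker filter from the quoted code, as an added example that is not code from anyone in this thread. The question list, the `human` field name and the function names are hypothetical.

```php
<?php
// Hypothetical question pool; answers stay on the server.
const HUMAN_QUESTIONS = [
    ['q' => 'What is three plus four? (digits)',   'a' => '7'],
    ['q' => 'Type the word "blue" backwards.',     'a' => 'eulb'],
    ['q' => 'What is the first letter of "list"?', 'a' => 'l'],
];

// Pick a random question and record its index in the session, so the
// expected answer is never sent to the client.
function issue_question(array &$session): string
{
    $i = random_int(0, count(HUMAN_QUESTIONS) - 1);
    $session['human_q'] = $i;
    return HUMAN_QUESTIONS[$i]['q'];
}

// Return the reasons a submission is refused; an empty array means accept.
function check_submission(array $post, array &$session): array
{
    $errors = [];

    // The human check only helps if it is actually tested.
    $i = $session['human_q'] ?? null;
    unset($session['human_q']);            // one attempt per issued question
    $answer = strtolower(trim((string)($post['human'] ?? '')));
    if ($i === null || $answer !== HUMAN_QUESTIONS[$i]['a']) {
        $errors[] = 'The answer to the "prove that you\'re human" question was wrong.';
    }

    // Same markers as the quoted filter, compared strictly so that a hit
    // at position 0 (strpos() returning 0) still counts as a hit.
    $message = (string)($post['message'] ?? '');
    foreach (['[', ']', 'url', 'http://', 'link='] as $marker) {
        if (strpos($message, $marker) !== false) {
            $errors[] = 'Messages containing links cannot be sent through this form.';
            break;
        }
    }
    return $errors;
}

// Constructed sample run; plain arrays stand in for $_SESSION and $_POST.
$session = [];
$question = issue_question($session);
$post = ['human' => 'no idea', 'message' => 'http://example.invalid buy now'];
print_r(check_submission($post, $session));
```

The returned strings are meant to be shown next to the form, so a visitor whose message is refused learns why.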


