Protection from auto-fill forms

Beginning / Safety / Safety

Protection from auto-fill forms

Captcha to the site


Confirmation code

The most common way.
You are familiar with the requirement to enter text from the image.

There is one significant disadvantage in this method - we force the visitor to do a meaningless job, i.e. Enter text that does not contain information.

After trying various scripts, I recommend you developed . download

I made my own script of this kind, but it is too unconventional, therefore I do not suggest it. In general, I recommend doing it yourself, the more artfully, the more reliable protection from robots.


Trap

Create a hidden field, not hidden, but ex. Hidden by means of CSS. We call the field ex. Email.

An ordinary visitor does not see this field and naturally does not fill it. Spam robot will fill this field. The form should only be processed if this field is empty.

You can do it differently. If the hidden field is not filled, the letter goes to you, and if some kind of email is entered, then the letter will go to him. But most likely the email will not be real.

The undisputed plus of this method, it is completely invisible to the visitor, and should be so.

The idea is taken from www.nedbatchelder.com/text/stopbots.html

Create a field ex.

<input type=text name=email style="display: none">
And the processing page will look like
<?
if($email=="") { $a="my@mail.ru";}
else { $a=$email;}

mail("$a", "Letter from the site", " from $name
email-sender: $mail
theme: $reason
text: $message",
"From: <$mail>\nContent-type: text/plain; charset=utf-8"); 
?>

ID of session

If sessions are used, then in the element we write the session id ex.
<input type=hidden name=id_ses value=<? echo id_session(); ?>>
Then we check if
$_POST['id_ses']== id_session()
Then we perform the action, if not do not.

Screen Size

If you are familiar with a script that loads various pages of the site depending on the screen resolution.

Few adjust this script, if the screen has no dimensions, then the form is not processed.