Protection from auto-fill forms
Confirmation code
The most common way.You are familiar with the requirement to enter text from the image. There is one significant disadvantage in this method - we force the visitor to do a meaningless job, i.e. Enter text that does not contain information. After trying various scripts, I recommend you developed . download I made my own script of this kind, but it is too unconventional, therefore I do not suggest it. In general, I recommend doing it yourself, the more artfully, the more reliable protection from robots.
Trap
Create a hidden field, not hidden, but ex. Hidden by means of CSS. We call the field ex. Email. An ordinary visitor does not see this field and naturally does not fill it. Spam robot will fill this field. The form should only be processed if this field is empty. You can do it differently. If the hidden field is not filled, the letter goes to you, and if some kind of email is entered, then the letter will go to him. But most likely the email will not be real. The undisputed plus of this method, it is completely invisible to the visitor, and should be so. The idea is taken from www.nedbatchelder.com/text/stopbots.html Create a field ex.<input type=text name=email style="display: none">And the processing page will look like
<? if($email=="") { $a="my@mail.ru";} else { $a=$email;} mail("$a", "Letter from the site", " from $name email-sender: $mail theme: $reason text: $message", "From: <$mail>\nContent-type: text/plain; charset=utf-8"); ?>
ID of session
If sessions are used, then in the element we write the session id ex.<input type=hidden name=id_ses value=<? echo id_session(); ?>>Then we check if
$_POST['id_ses']== id_session()Then we perform the action, if not do not.