SitePoint Sponsor

User Tag List

Results 1 to 12 of 12
  1. #1
    SitePoint Evangelist John D's Avatar
    Join Date
    Jun 2003
    Location
    Derry, Ireland
    Posts
    426
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Simple verification to stop spammers?

    Hey,

    I have a contact form and I just started getting over 20 emails a day from spambots, can anyone tell me some simple code just to stop spambots?

    Maybe a textbox to enter a verification word or something automatic, I don't mind as long as it stops the spam.

    Thanks very much
    CanaryHotspot.com - Canary Island forum and information
    InternationalChatForum.com - International Travel Chat Forum and information

  2. #2
    SitePoint Addict
    Join Date
    Feb 2005
    Location
    Brisbane, Australia
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This Google search offers a number of resources for free CAPTCHA options. Perhaps some can be implemented into your form?

  3. #3
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i have a simple input box and above it i ask what 1 + 2 is.
    believe it or not, this stops about 99% of them for me.
    hth

  4. #4
    SitePoint Wizard bronze trophy bigalreturns's Avatar
    Join Date
    Mar 2006
    Location
    The Wirral, England
    Posts
    1,293
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by matt_rogers View Post
    i have a simple input box and above it i ask what 1 + 2 is.
    believe it or not, this stops about 99% of them for me.
    hth
    Yep, a lot of bots are simply put to work on contact.php files found through Google, and aren't built to deal with any form of verification. If they do find any then they'll simply move onto the next site until they find one they have free access to.
    "The proper function of man is to live - not to exist."
    Get a Free TomTom


  5. #5
    SitePoint Wizard cranial-bore's Avatar
    Join Date
    Jan 2002
    Location
    Australia
    Posts
    2,634
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Firstly make sure you are not vulnerable to email injection. If you are then there are probably hundreds of people getting that spam via your form (as a BCC when sent to you).

    Basically if your form asks for the submitters name or email, then uses that value as the from name / address in the mail headers without careful validation you are probably passing on spam without knowing it. See the wikipedia entry for more info.

    Once you sort that out your could install a CAPTCHA, or more accessibly a random question that needs answering. Some spam bots will be smart enough, but most won't.
    mikehealy.com.au
    diigital.com art, design . Latest Work ó Saturday Morning

  6. #6
    SitePoint Member maksimovic's Avatar
    Join Date
    Jul 2006
    Location
    Novi Sad, Serbia
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can add simple checkbox "This is not spam" (make it required field on the server-side as well). It stopped spam on 99.99% of my websites

  7. #7
    SitePoint Evangelist John D's Avatar
    Join Date
    Jun 2003
    Location
    Derry, Ireland
    Posts
    426
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for this, could anyone help with the code for any of these methods?

    Its getting even worse now, I am using a vbulletin.org hack for a form going through vb - http://www.vbulletin.org/forum/showthread.php?t=126676

    Thanks
    CanaryHotspot.com - Canary Island forum and information
    InternationalChatForum.com - International Travel Chat Forum and information

  8. #8
    SitePoint Enthusiast
    Join Date
    Apr 2007
    Posts
    57
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok I have done 1+9 check. I hope that it will do the trick for me too. Stopping spam.

  9. #9
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Location
    Frankfurt/Germany
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    To stop mail form hijacking, treat the vars this way:

    $var = preg_replace('/\s+/s', ' ', $var);

  10. #10
    SitePoint Evangelist John D's Avatar
    Join Date
    Jun 2003
    Location
    Derry, Ireland
    Posts
    426
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    mainlink, should I do that for the vbulletin hack?

    Sorry, no idea about PHP to be honest.

    Thanks again
    CanaryHotspot.com - Canary Island forum and information
    InternationalChatForum.com - International Travel Chat Forum and information

  11. #11
    SitePoint Zealot Servyces's Avatar
    Join Date
    Jun 2007
    Location
    The Netherlands
    Posts
    112
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    John,

    I use a CAPTCHA verification on my contact page and it works like a charm
    Got the info on how to do it from this site.

    Hope it's of help to you.
    Last edited by Servyces; Jun 13, 2007 at 10:22.
    Servyces.com
    Where itís all about you.
    Your partner in online solutions.
    Visit our website at http://www.servyces.com/

  12. #12
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Location
    Frankfurt/Germany
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by John D View Post
    mainlink, should I do that for the vbulletin hack?

    Sorry, no idea about PHP to be honest.

    Thanks again
    Sorry, I am not into vBulletin.

    All I can say is that all name, head and mail address data should be "cleaned" that way.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •