so I was looked around on google for a simple solution to prevent spam and noticed that creating a ‘fake form’ was a good and simple solution to weed out spam, but I still seem to be receiving spam email daily asking about improving my SEO rankings for a site I help run.
check out the code I’m using and let me know if I’m doing something wrong or what extra steps can be taken to prevent spam…I’m currently just using the fake form, javascript form validation and also HTML Sanitization…should I also enable a captcha of some sort? if so, what do you guys recommend?
fake form with the real form:
<form id="contactpazrt" enctype="multipart/form-data" action="form.php" method="post" onsubmit="return validate_fields(this)">
<div style="display: none;">
<!-- Start Fake Form -->
<ul>
<li>Name:<br />
<input type="text" size="30" name="name" id="name" /></li>
<li><br /></li>
<li>Email:<br />
<input type="text" size="30" name="email" id="email" /></li>
<li><br /></li>
<li>Problem:<br />
<select name="problem">
<option value="website">Website Problem</option>
<option value="forum">Forum Problem</option>
<option value="misc">Miscellaneous</option>
</select></li>
<li><br /></li>
<li>Comments:<br />
<textarea name="comments" id="comments" rows="5" cols="45"></textarea></li>
</ul>
</div>
<!-- End Fake Form -->
<ul>
<li>Name:<?php echo $yourname; ?><br />
<input type="text" size="30" name="name1" id="name1" /></li>
<li><br /></li>
<li>Email:<?php echo $email; ?><br />
<input type="text" size="30" name="email1" id="email1" /></li>
<li><br /></li>
<li>Problem:<?php echo $problem; ?><br />
<select name="problem1">
<option value="website problem">Website Problem</option>
<option value="forum problem">Forum Problem</option>
<option value="misc problem">Miscellaneous</option>
</select></li>
<li><br /></li>
<li>Comments:<?php echo $comments; ?><br />
<textarea name="comments1" id="comments1" rows="5" cols="45"></textarea></li>
<li><br /></li>
<li><br /></li>
<li><input type="submit" name="action" value="Submit" />
<input type="reset" name="reset" value="Reset" /></li>
</ul>
</form>
</div>
HTML Sanitization:
<?php
$name = htmlspecialchars($_POST['yourname']);
$email = htmlspecialchars($_POST['email']);
$problem = htmlspecialchars($_POST['problem']);
$comments = htmlspecialchars($_POST['comments']);
?>
javascript validation:
function validate_fields(thisform)
{
if (thisform.name1.value == "" || thisform.name1.value == null)
{
alert("Please enter your name");
return false;
}
if (thisform.email1.value == "" || thisform.email1.value == null)
{
alert("Please enter your email address");
return false;
}
}
form processor with the fake form processor:
<?php
if(!empty($_POST['name']) or !empty($_POST['email']) or !empty($_POST['problem']) or !empty($_POST['comments'])) {
header ('Location: http://www.pazrt.com');
}
$name1 = $_POST["name1"];
$email1 = $_POST["email1"];
$problem1 = $_POST["problem1"];
$comments1 = $_POST["comments1"];
$address_to = "removed";
$address_from = "removed";
$email_subject_line = $name1 . "'s form";
$email_text = "Name? " . $name1 .
"\
Email? " . $email1 .
"\
Problem? " . $problem1 .
"\
Comments? " . $comments1;
mail($address_to, $email_subject_line, $email_text, $address_from);
header ('Location: http://www.pazrt.com/thanks.html');
exit ();
?>