PHP Contact Form SPAM!

[Preeminent]

Hey all,
I know this is one of those questions that gets asked all the time. I did some looking around and can’t really find a good tutorial on a basic “3+4=?” type of question for my contact form. Basically, can anyone point me to a well detailed tutorial on adding that basic type of question to a contact form? I’m getting bombarded daily and just want to add a simple question to mine. I know about recaptcha and adding it to my form was extremely simple, BUT there is no way to shrink it down. It will not fit in my form. I really don’t know any PHP, so I would need something pretty easy to follow. Thanks!

[rickylamerz]

I could write a tutorial for you if you want. It includes basic PHP

[gno]

Preeminent, theres a much simpler solution to your problem than implementing a captcha check. Recaptcha is nice, and easily styleable if you know your way around with php. But Recaptcha, or anything like it would be overkill.

Most likely you are a victim of spam bots, the same kind of bots that we protect our blogs against with comment moderation, plugins and what not. Those spam bots are easily tricked;

All it takes is to add a input field (input type=”text-ish) and hide it with css (display: none;). That field will be empty, whenever someone visits your page in a browser and submits a message. Because they cant fill it out, due to it being hidden. But said bots, wont view your site in a browser – they’ll look at the markup, searching for forms. They fill out anything they find and submits it.

So if you just make sure that the check-input field is empty before you send the email to yourself, you can avoid the spam.

The code needed to implement this simple solution:
The HTML:

The CSS:

input.check { display: none; }

The PHP: (just wrap your current script in this if statement)

if ($_POST == '') {

// YOUR SEND-EMAIL-SCRIPT GOES HERE

}

?>

I hope that it will be useful for you!

[gno]

@SpeedGun:
You’re right – its not semantically beautiful. But as long as you have a site that is small enough to not become target to special designed spam bots, I consider this a better solution than captcha checks. You gain some usability and sleekness, with the only downside being slightly less semantic code. I can live with that. :-)

(To make it more semantic, one might make the input field of the hidden type instead. However, that would not trick the spambots to fill data into the field.)

[gno]

is PHP open and close tags. They only need to be wrapping php code – they can be opened and closed as many time as you with – you can even omit the closing tag in the end of the file, but there may never be two of the same following each other.

To implement the php check you should:

1) change the following line

if (!$_POST) exit;

into the next line

if ($_POST == '') {

2) add a closing } at the end of the file before the php closing tag.

[Rob MacKay]

There are loads of tuts out there already tbh, as gno said Recatpha is pretty awesome. Plus you help store books in digital form when you use it! :D

http://www.google.com/recaptcha

[Bob]

isEmail() is not a function for PHP, as far as I know, so either you have to create the function first or you can try the function is_email() thats built into WordPress.

[gno]

Bob is right. isEmail is a custom function, so you have most likely fucked something up when you attempted to implement my solution. It’s probably an include or require call you have removed.

[Rob MacKay]

Ok here is a quick explanation of what just happened.

PHP as you might have guessed has lot’s of built in functions for example is_array() gives you a true and false answer if something is an array or not. But you can write your own functions for PHP – as that is how you create applications etc etc…

So what someone has done with that script is create a function called isEmail() – which is not in PHP by default – and it is probably a regular expression match against if the email address given by the user is actually an email address or just a load of rubbish. If it is an email address you will get a true response, if not a false one. This will then give the answer to this part of your code.

elseif(!isEmail($email)) { $error .= '
You have entered an invalid e-mail address.
'; }

it reads:

if *Email is not actually an email* then the variable “error” equals *line of HTML error message*

So what has happened is somewhere along the line your isEmail() function has been removed or it’s name has changed. Normally things like this are “included” – so you would have another file with more PHP in it that you include into the main body of PHP – it saves space and lets your functions be kept nice and tidy :D

I would really recommend having a run through some basic PHP tutorials:

http://blog.themeforest.net/screencasts/diving-into-php-video-series/

This is good – if you go through them in about 2hrs you will have a massive jump on your understanding :)

[gno]

@Preeminent, I can ensure you that there is no way, that my “solution” to your problem is clashing with your script.

What is does is just to check if the field that we hide with css is empty. The problem is most likely your implementation of it.

The code which is sending your email should just be wrapped by if ($_POST == '') { and }

However, if you don’t know how the script works, I think it would be a good idea to look at some php tutorial as Rob suggests. This is very basic PHP (just checking if a given variable has a value or not)

[gno]

@Preeminent. You can try to email me the code if you want to, and I’ll look over it to see if I can spot the flaw :-) My email address is in my profile on this forum.

[AlterEagle]

@gno

An old post but, Thanks for this, I’m good with html css & jquery but php isn’t my strong suit so appreciate the simple solution.

[gno]

@AlterEagle thanks. :)

[Author]

Posts