An Alternative To CaptchasThere are some people who have far too much free time on their hands. Spending time writing applications to automatically and repetitively blast the forms on a website with volumes of nonsense is beyond my scope of understanding. To combat these morons, webmasters have gone to great lengths to make certain that whatever is being entered into a form and submitted, is actually from a human being and not another computer. The most often used defense against automated form fillers, is to use a captcha image of mutated numbers and characters. If one is lucky enough to posess perfect eyesight they can often actually correctly repeat the code displayed. For many of us, the code looks like a Rorschach Test, and after several futile attempts, we are told to email the site administrator.... Fat Chance! Since our objective is to trap malicious automated form fillers we will deal with the idiot who gets his jollies by pecking away on his keyboard repeatedly alone for now. He will get bored with it soon enough anyway. The Form's Trap-Field Code Snippets***Note: If you don't want to use a function to display the form, you can create it as a plain html table (but it must be on a .php page file). I use the function so the fields are automaticlly filled wherever a visitor has filled in information.This code represents just 1 single table row, which can be inserted into any form, as long as the form action is pointed to a php page and not an html page. ***Be sure to include the input style! This removes the border on the text boxes. input { border: 0px; } <?php //Trap Automated Spam field //The text is the same color as the backround and CSS input style must be border="0", so everything is really invisible to most humans //Thus the td's will need a backround color. function display_antispam_field($form_trap) { global $form_title; ?> <tr><td align="right" bgcolor="white"><font color="#FFFFFF">Form Title</font></td> <td> <input type="text" name="form_trap" value="<?php echo "$form_trap"; ?>"size="30" maxlength="40"> </td> </tr> <? Form Validation<?php//Register the variable at the top of the validation page $form_title=$_POST['form_trap']; //Validate the variable before processing information //and display an error message if variable exists. <?php //Block automated form spam if ($form_trap){ echo "<div style=\"text-align: center\"><i><b>It appears that you have entered information in the blank area, directly below the first box. Remove it and your form will be processed.</b></i></div>"; } ?> //Call the function from within the form <?php display_antispam_field($form_title); ?> Sequence of EventsSince the text and the form_trap field is invisible to all css compliant browsers, It appears as an extra space in the form gives visitors nothing to fill in, but to a robot, it appears the same as any other field and as such, it fills in it's garbage. When the form is submitted, the validation checks to see if $form_trap has a value. If it does, it kicks the robot back to the form and displays a message, just in case a human accesses the form with a non-css compliant browser. View A Sample of this in a real form Click below the Capcha Example Subject Field and enter something there and submit. Return To Previous Page |
