I Have A Free Lockerz Invite site basically its a php form which sends an email to me if some1 enters thier email and also saves in the db.. I Have created a function that stops badwords but how would i stop spam... like s;dfd sfssff such words ?? dont wanna add a captcha any other way ?? Lemme know
Use Adobe's (GetSQLValueString) this is the best function to stop sql injections and other things. TechBabu ------------ Don't just make a website: Make an impact
If stopping spam if your goal, add in a captcha. reCAPTCHA is the standard these days, and really easy to add to any form. I looked at the link you posted, are you just gathering an email address? If so, you can just use a regex to check for a valid email and then insert into the DB and send the email.
Well basically yes i do a check if the email is valid but then this can be cheated by entering something like or something like that.. Is there any other kind of security other than captcha
I think the best thing to do to prevent these fake emails from making it into your DB is to send out a confirmation email. It's a pain in the ass, but the only real way you can confirm an email address. wd_2k6: Wow, I was really excited by that program. But, I couldn't get it to work on my server with a few email providers. Plus, it's still in an alpha release. I'm not sure how well it would work to begin with, since hwat it's doing really isn't a supported feature of SMTP
Yep I haven't used it myself yet, but there's still some work to do with it. would pass a DNS check so you must use an SMTP check for real exsistance, but as added it's not really supported and loading times will vastly increase!!
Maybe you could store there email in a database, along with a code and an activated column, default is 1, and you send them an email with the code, which is created using mt_rand(), and when they click it it will take them to an activate page, which will check the code against the username, where active = 0, and then it updates active to 1, which then in turn notifies you that someone has activated their account.
The problems will emails nowadays is they go to spam sometimes dont even reach that pretty much sucks but i guess its a nice idea to prevent spam..
the best option is to check for javascript, because only browsers run javascript and bots don't, solution: in your script include lines: <input type="hidden" name="javascriptcookie" id="javascriptcookie" value="false"> <script language="JavaScript"> if (document.cookie != ""){ document.getElementById('javascriptcookie').value='true'; } </script> then, once you process the form, check for $_POST[javascriptcookie]==true if its false, means it was a bot ...