Preventing form spam

Discussion in 'PHP' started by almondj, May 11, 2010.

0
  1. #1
    Some of you may know that a form can be done via a simple cURL script on a remote server, this has happened to me, and it was a pain in the butt to deal with. Anyone know how to prevent it, besides a CAPTCHA?
     
    almondj, May 11, 2010 IP
  2. musicmasteria

    musicmasteria Peon

    Messages:
    33
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Add a hidden variable to the form and check for it's presence and correct value before processing the posted data.
    That should weed out at least some of the spam.

    You could also try and check the location the form was submitted from and make sure it's from your domain and not someone else's.
     
    musicmasteria, May 11, 2010 IP
  3. almondj

    almondj Peon

    Messages:
    768
    Likes Received:
    11
    Best Answers:
    1
    Trophy Points:
    0
    #3
    Yeah, the problem with HTTP_REFERER is that it can be faked, but I guess it's still valid.
     
    almondj, May 11, 2010 IP
  4. musicmasteria

    musicmasteria Peon

    Messages:
    33
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    True but the point is to stop as much spam as possible while still being reasonable in the methods used to stop it.
    You can't stop them all but the more you stop the better.
     
    musicmasteria, May 11, 2010 IP