I have a very simple html form which submits one text field to a database and then displays the results on my web page. It's been ok so far, but is now being filled up with spam links. How can I minimise these spam links, perhaps remove any submissions containing 'http' , 'www' etc? Here's my php code to submit the text field. $sql="INSERT INTO readersubmit (submit) VALUES ('".mysql_real_escape_string($_POST['suggestion'])."')"; PHP: any help would be appreciated.
I've added a javascript form checker to disallow 'http' perhaps this will help. if (form.suggestion.value.match("http")) { alert( "http is not allowed" ); form.suggestion.focus(); return false ; HTML:
Actually, to make a link you don't need "http" or even "www" (google.com) . I think you would be better off checking for the html link code: "<a". Also, you can implement recaptcha because most of that spam is being done by bots.
Thanks for the link, I've seen this on other sites and may give it go. There's no html links in the spam being submitted, just urls. I've found this little javascript form validator which may help, here's a snippet // regular expression to match only alphanumeric characters and spaces var re = /^[\w ]+$/; // validation fails if the input doesn't match our regular expression if(!re.test(form.suggestion.value)) { alert("Error: Input contains invalid characters!"); form.suggestion.focus(); return false; } HTML: I'd really like some server side php code to do the same tho. And here's where I'm using it http://homemadepizza.co.uk/reader.php