A spammer will not run JavaScript validation, either, so you need to do this on your server. If you use Tim Plumb’s PHP Feedback Form Action to process your form on your server, there is a “honeypot” option in that Action which will unobtrusively trap many spam-bots. It works by creating a form field that is hidden from human visitors, but which is part of the form, so the bot sees it and fills it out. If there is any value in that field when it reaches your server, the form submission is quietly dropped on the floor and never sent by mail. This is one of my favorite spam-combating tricks, because it doesn’t clue the spammer in to how they’re being trapped, and doesn’t tell them that their message won’t be delivered.
Walter
On Apr 19, 2014, at 2:57 PM, DVTVFilm wrote:
I’m trying to devise a simple way to identify a bot from a real person filling out forms on one of my sites.
I would like to set up a text box with the answer to this question:
What color is this word? BLUE
The word “Blue” of course would be colored RED.
So the answer is RED and that is what the person would have to write in the text box.
If the word he writes is not “red” then the form is not submitted.
Can this be accomplished simply? VALIDATE ACTION does not seem to validate for a specific word-- just either a text or numeric entry.
I know this will not stop a human spammer-- but I think it might stop a bot…
Ray
On Apr 19, 2014, at 3:18 PM, Walter Lee Davis email@hidden wrote:
A spammer will not run JavaScript validation, either, so you need to do this on your server. If you use Tim Plumb’s PHP Feedback Form Action to process your form on your server, there is a “honeypot” option in that Action which will unobtrusively trap many spam-bots. It works by creating a form field that is hidden from human visitors, but which is part of the form, so the bot sees it and fills it out. If there is any value in that field when it reaches your server, the form submission is quietly dropped on the floor and never sent by mail. This is one of my favorite spam-combating tricks, because it doesn’t clue the spammer in to how they’re being trapped, and doesn’t tell them that their message won’t be delivered.
Walter
On Apr 19, 2014, at 2:57 PM, DVTVFilm wrote:
I’m trying to devise a simple way to identify a bot from a real person filling out forms on one of my sites.
I would like to set up a text box with the answer to this question:
What color is this word? BLUE
The word “Blue” of course would be colored RED.
So the answer is RED and that is what the person would have to write in the text box.
If the word he writes is not “red” then the form is not submitted.
Can this be accomplished simply? VALIDATE ACTION does not seem to validate for a specific word-- just either a text or numeric entry.
I know this will not stop a human spammer-- but I think it might stop a bot…
Do I need to change the page to .php instead of .html to make it work?
No - the php file is created by the action and uploaded separately by FW as part of the upload process.
It is important that if you are using Tim’s action that you name your Name and Email fields correctly - with these fields selected look under the 3rd Tab in the inspector. They should be name and email respectively (case sensitive)
No - the php file is created by the action and uploaded separately by FW as part of the upload process.
And just to add to this - the page will still work if you call it whatever.php but you will lose the ability to preview your page locally (on your Mac).
There is no php in your page with the form on it but there is an instruction to send the contents of the submitted form to a whatever-go.php page for processing.
It is important that if you are using Tim’s action that you name your Name and Email fields correctly - with these fields selected look under the 3rd Tab in the inspector. They should be name and email respectively (case sensitive)
The fields will be returned in source-code order. Put all your fields in a table and they will be exactly in the order you place them, every time. You must name them precisely name (lower-case) and email (also lower-case). Every other field in the form can be named any other way you like.
Walter
On Apr 19, 2014, at 10:00 PM, DVTVFilm wrote:
Ah…
We have: 01_Name and 10_Email in those respective fields.
Since there are 43 possible entries we could receive from this form, we numbered them so they would print in defined order in the resulting email.
Do we need to change this for these two fields only? – to “name” and “email” ? or the action will not work?
The PHP Feedback Form Action will validate the e-mail address on the server, which is always more reliable than in-browser. You can leave both in place if you like, it shouldn’t hurt anything.
Walter
On Apr 20, 2014, at 11:51 AM, DVTVFilm wrote:
Excellent then.
I still have the “validate action” on the email entry.