• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

Some help with contact form please

I

Iorguzzu2

New Member
I get a lot of spam recently and I think is from my contact page... how do I encode my email address so that It won't be picked up by spam bots?
 
I have a contact form on my site but I still get lots of spam. I think bots see it as an add-a-comment form. I even added a captcha and it didn't help much.
 
if it is coming from your contact form, you can cut down by using captcha, but, you will never fully get rid of it all.
 
If your website is fairly small you don't have to go as far as a captcha, just put in a non-standard field, something like

Code: 
Are you a human? 
<label><input type="radio" name="jugs" value="yes" /> Yes</label>
<label><input type="radio" name="jugs" value="no" checked="checked" /> No</label>

Then in the script it posts to, before you do anything email-sending wise, put
PHP: 
if($_POST['jugs'] == "no") {
 die("Sorry, only humans are allowed to use the contact form");
}

That should help cut out quite a lot of spam.
 
you can also start a timer, and if the form was submitted to fast, then it was obviously a bot, and you can deny the message from being sent.

PHP: 
<?php
$encrypt_key = md5('RANDOM_STRING_OF_TEXT_HERE_WITH_NO_SPACES'.date('z'));
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_TWOFISH, MCRYPT_MODE_ECB), MCRYPT_RAND);
?>
<input type="hidden" name="hash0" value="<?=bin2hex($iv)?>">
<input type="hidden" name="hash1" value="<?=bin2hex(mcrypt_encrypt(MCRYPT_TWOFISH, $encrypt_key, time(), MCRYPT_MODE_CBC, $iv))?>">

<?php
//USE THIS WHEN PROCESSING THE FORM
### additional spam checks ###
$huzzah = "WEASSUMESPAM";

$encrypt_key = md5($_POST['eK'].date('z'));

$iv = $_POST['hash0'];
$hash1 = $_POST['hash1'];

if ($iv == '') {
	  print('Error: You are not authorized to do that');

	  exit;
} else if ($hash1 == '') {
     print('Error: You are not authorized to do that');
	  exit;
} else {
	$post_time = mcrypt_decrypt(MCRYPT_TWOFISH, $encrypt_key, pack('H*', $hash1), MCRYPT_MODE_CBC, pack('H*', $iv));
}

if ($post_time == '') {
     print('Error: You are not authorized to do that');
	  exit;
} else if (is_numeric($post_time)) {
     print('Error: You are not authorized to do that');
	  exit;
} else if (time() - $post_time > 60*1000000000) {
     print('Error: Your session has expired, please go back and try again.');
	  exit;
} else if (time() - $post_time < 0) {
     print('Error: You are not authorized to do that');
	  exit;
} else if (time() - $post_time < 5) {
     print('Error: You are not authorized to do that');
	  exit;
} else {
### spam check passed.... proceed with processing ###
	$huzzah = "TRUE";
}
?>
 
Add something so that people need to prove they are humans, like using the re-Captcha you see everywhere. It's really simple to use and implement.

That should help you cut down spam
 
You must log in or register to reply here.
Back
Top