ExpressionEngine CMS

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

Coding a Spam Free Contact Form

December 30, 2008 3:49pm

  • #1 / Dec 30, 2008 3:49pm

    28Bytes

    192 posts

    Has anyone had any luck creating a spam free contact form using any of these methods below in this blog post?

    http://www.webaim.org/blog/spam_free_accessible_forms/

    If so please let me know, I am looking to apply some of these methods and seem to be striking out. I will pay for your time.

  • #2 / Dec 30, 2008 7:00pm

    lebisol

    2234 posts

    Why is EE captcha not working?

  • #3 / Dec 30, 2008 7:29pm

    smartpill

    456 posts

    I sort of did the opposite of “Detect content within a hidden form element” and it seems to be working although it does require javascript. But my form is only accessible if you have javascript enabled so that was a non-issue for me.

    What I did was use Solspace’s Freeform to assign a “required” field and then removed the input field from the HTML. I then set up a JQuery script that will add the field to the code if a visitor has javascript active. So anything that tries to fill in the incomplete form will fail. So far, so good.

  • #4 / Dec 30, 2008 8:12pm

    28Bytes

    192 posts

    Sorry, this is for a non-ee site.

  • #5 / Dec 30, 2008 8:20pm

    smartpill

    456 posts

    Sorry, this is for a non-ee site.

    Well, you could use this for php validation and use the hidden field trick. Then you could do it without javascript. Freeform didn’t allow for requiring a field to be blank so I went the other way, but I believe this script does have the option to let you require “0” characters.

  • #6 / Dec 30, 2008 8:31pm

    lebisol

    2234 posts

    Then I second hidden form element with php validation or try this with recaptcha account.

  • #7 / Dec 31, 2008 10:12am

    28Bytes

    192 posts

    I don’t want to use captcha or recaptcha at all. I am not a fan.

  • #8 / Dec 31, 2008 1:17pm

    lebisol

    2234 posts

    I am not a php guru but the logic should carry over.
    How about using a “random number” along with the hidden form field?
    Stick the number generated into hidden form field and then compare it to the field that the user would enter. Also you could use (from the link above) the validation of format entered.

  • #9 / Dec 31, 2008 5:35pm

    28Bytes

    192 posts

    <?php
    /*
    * File: contact.php
    * General Contact Form
    * Created 2008 - StuffbySarah.net
    *
    * Do not edit the form fields cfname and cfemail. If you remove or change their names this script will cease to work!
    * You may add additional form fields but not checkboxes or file upload boxes as these will not work correctly.
    */
    
    // Change the $to_email to the address you want the email to be sent to
    $to_email = "[email protected]";
    
    // Change $redirect to where you want the user to be redirected to, usually a thankyou page
    $redirect = "thankyou.html";
    
    // Change the $subject to the subject of the email that you want
    $subject  = "Online contact form from your site";
    
    // Specify the required fields
    $req_fields = array("cfname", "cfemail", "cfmessage");
    
    // this bit does the mailing
    if (isset($_POST['cfsubmit']) && trim($_POST['cfsubmit']) != "") :
        
        /*
        * These validation functions are courtesy of Khalid Hanif at jellyandcustard.com
        */
         // check no additional lines have been added to the email field
         // (raw CR/LF or their URL-encoded forms %0A / %0D)
         function has_newlines($text) {
               return preg_match("/(%0A|%0D|\n+|\r+)/i", $text);
         }
    
         // Check that additional headers haven't been added
         function has_emailheaders($text) {
               return preg_match("/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i", $text);
         }
         // check the email is of a valid form
         function is_valid($text) {
              return preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix",$text);
         }
         
         // clean up the form content
         foreach ($_POST AS $key => $value) :
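             // magic quotes no longer exist in current PHP, so only call the function where it is defined
             if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) :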
                $value = stripslashes($value);
            endif;
            
             $formstuff[$key] = strip_tags($value);
         endforeach;
    
         // check required fields are completed
         $formerror = FALSE;
         foreach ($req_fields AS $formlabel) :
             $value = trim($formstuff[$formlabel]);
             if (empty($value)) :
                 $formerror = TRUE;
             endif;
         endforeach;
         
         if (!$formerror) :
             $error_msg = "";
             
             // check the name field only contains letters (includes foreign characters) or a hyphen
            if (!preg_match('/^[\p{L}-\.\'\ ]+$/u', $formstuff['cfname']))    :
                $error_msg .= "<li>Your Name appears to be invalid.</li>\n";
            endif;
            
             if (has_newlines($formstuff['cfemail']) || has_emailheaders($formstuff['cfemail']) || !is_valid($formstuff['cfemail'])) :
                 // email address is invalid
                $error_msg .= "<li>Your Email address is invalid.</li>\n";
            endif;
            
            // if all clear, proceed with building and sending the email
             if (empty($error_msg)) :
                 
                 $message = "";
                 foreach ($formstuff AS $key => $value) :
                     $message .= $key.": ".$value."\n\n";
                 endforeach;
                 
                 $message .= "\n\nSender Info:\n";
                $message .= "IP: ".$_SERVER['REMOTE_ADDR']." http://ws.arin.net/whois/?queryinput=".$_SERVER['REMOTE_ADDR']."\n";
                $message .= "Browser/OS: ".$_SERVER['HTTP_USER_AGENT'];
                    
                $headers = "From: ".$formstuff['cfname']." <".$formstuff['cfemail'].">\n";
                $headers .= "Mime-Version: 1.0\n";
                $headers .= "Content-Type: text/plain; charset=ISO-8859-1\n";
                $headers .= "Content-Transfer-Encoding: 8bit\n";
                $headers .= "Return-Path: <".$formstuff['cfemail'].">\n";
                $headers .= "Errors-To: ".$to_email;
                             
                mail($to_email, $subject, $message, $headers);
                
                // Redirect to a thank you page
                header("Location:http://".$_SERVER['HTTP_HOST']."/".$redirect);
                exit; // stop here so the form is not rendered after the redirect
    
            endif;
                
         else :
             $error_msg = "» Please complete all required details first.\n";
         endif;
    endif;
    
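    // function to print out form value, stripping any added backslashes
    // and HTML-escaping it so submitted markup cannot break out of the value attribute
    function get_value ($formvalue) {
        if (!empty($_POST[$formvalue])) :
            $form_value = $_POST[$formvalue];
            if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) :
                $form_value = stripslashes($form_value);
            endif;
            
            echo htmlspecialchars($form_value, ENT_QUOTES);
        endif;
    }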
    ?>
    <!-- Your Header HTML code or include goes here -->
    
    <?php
    // this is the message if there is one.
    if (!empty($error_msg)) :
        echo "<ul class=\"warning\">\n"; // perhaps style the warning class to a bright colour
        echo $error_msg;
        echo "</ul>\n";
    endif;
    ?>
    
    <form id="contactform" method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES); ?>">
     <fieldset><legend>Contact Form</legend>
        <div>
         <label for="cfname">Name: <em>(required)</em></label>
         <input type="text" name="cfname" id="cfname" size="30" maxlength="50" value="<?php get_value('cfname') ?>" />
        </div>
        <div>
         <label for="cfemail">Email: <em>(required)</em></label>
         <input type="text" name="cfemail" id="cfemail" size="30" maxlength="50" value="<?php get_value('cfemail') ?>" />
        </div>
        
        <!-- Add any more form fields that you want to add here -->
        
        <div>
         <label for="cfmessage">Your Message: <em>(required)</em></label>
         <textarea name="cfmessage" id="cfmessage" cols="30" rows="8"><?php get_value('cfmessage') ?></textarea>
        </div>
     </fieldset>
     
     <div><input type="submit" value="Submit" name="cfsubmit" id="cfsubmit" /></div>
    </form>
    
    <!-- Your footer HTML code or include goes here -->

    How would you apply some of the methods in my first post to this above code? My brain is fried and can’t seem to get this to work.

    Thanks.

  • #10 / Dec 31, 2008 6:14pm

    lebisol

    2234 posts

    Add this:

    ...
    ...
    
             // Empty form field check
             if (!empty($_POST['email'])) :
                 $error_msg .= "<li>Looks Like SPAM.</li>\n";
             endif;
    
            // if all clear, proceed with building and sending the email
             if (empty($error_msg)) :
    ....
    ....

    and html

    ...
    ...
    <span>
    <label for="email">
    Ignore this text box. It is used to detect spammers.
    If you enter anything into this text box, your message
    will not be sent.
    </label>
    <input type="text" name="email" size="1" value="" />
    </span>
    
    </fieldset>
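
The hidden-field check from post #10, combined with a server-side variant of the random-number idea from post #8, as an added example that is not part of the thread. The `cftoken` field and both function names are hypothetical, and the arrays stand in for `$_POST` and `$_SESSION`.

```php
<?php
// Added example, not from the thread. The field names "email" (honeypot) and
// "cfemail" come from the posts above; "cftoken", issue_form_token() and
// spam_reasons() are hypothetical names chosen for this sketch.

// Call while rendering the form: remember a random value server-side and
// return it for a hidden <input name="cftoken">.
function issue_form_token(array &$session): string {
    $session['cftoken'] = bin2hex(random_bytes(16));
    return $session['cftoken'];
}

// Call on submit, before the email is built. Returns the reasons to reject
// the submission; an empty array means both checks passed.
function spam_reasons(array $post, array &$session): array {
    $reasons = array();

    // Honeypot: visitors are told to leave "email" empty, so content means a bot.
    // The is_string() test also rejects email[]=x, which PHP delivers as an array.
    $trap = isset($post['email']) ? $post['email'] : '';
    if (!is_string($trap) || trim($trap) !== '') {
        $reasons[] = 'honeypot field was filled in';
    }

    // Token: must equal the value stored at render time and is valid only once,
    // so a POST sent without loading the form, or a replayed one, is refused.
    $expected = isset($session['cftoken']) ? $session['cftoken'] : '';
    $given = (isset($post['cftoken']) && is_string($post['cftoken'])) ? $post['cftoken'] : '';
    unset($session['cftoken']);
    if ($expected === '' || !hash_equals($expected, $given)) {
        $reasons[] = 'form token missing, wrong or already used';
    }

    return $reasons;
}

// Constructed submissions (sample data, not captured traffic).
$session = array();
$token = issue_form_token($session);

$human = array('cfemail' => 'a@example.com', 'email' => '', 'cftoken' => $token);
print_r(spam_reasons($human, $session));

// A bot that fills every field and replays the token the first request consumed.
$bot = array('cfemail' => 'a@example.com', 'email' => 'x@example.com', 'cftoken' => $token);
print_r(spam_reasons($bot, $session));
```

In contact.php the returned reasons would be appended to `$error_msg` just before the `if (empty($error_msg))` test, with `$_POST` and `$_SESSION` passed in after `session_start()`.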

  • #11 / May 14, 2009 1:48pm

    Kevin Evans

    222 posts

    I’m looking to use this technique on some FreeForm fields… but I am not sure how to implement it.

    I see on the last post here some code like this

    // Empty form field check
               if(!empty($_POST['email'])) :
    $error_msg .= "<li>Looks Like SPAM.</li>\n";
       endif;
    
            // if all clear, proceed with building and sending the email
             if (empty($error_msg)) :

    Is this php code? Where do I add it? Near the actual form in the template? Do I need to activate php on the templates?
