Honeypot implementation

前端 未结 1 565
天涯浪人
天涯浪人 2021-02-06 12:11

Trying to filter out spam from an online form. I have a hidden div with an input. The idea is that if something goes into the field, the form will ID the user as a bot and re

相关标签:
1条回答
  • 2021-02-06 12:32

    In my opinion, a honeypot should consist of ALL of the below:

    • A field hidden by CSS
    • A field hidden by JavaScript
    • A field requiring a blank input
    • A field requiring a specific input

    For instance:

    <div class="input-field">
      Please leave this blank
      <input type="text" name="contact" value="" />
    </div>
    <div class="text-field">
      Please do not change this field
      <input type="text" name="email" value="your@email.com" />
    </div>
    

    Using CSS, hide the first field:

    .input-field { display: none; }
    

    Using jQuery, hide the second field:

    $('.text-field').hide();
    // or
    $('.text-field').addClass('hide');
    

    Then a couple of very simple checks in PHP:

    if($_POST['contact'] == '' && $_POST['email'] == 'your@email.com') {
      // Not a bot
    }
    
    0 讨论(0)
提交回复
热议问题