spam-prevention

How can I detect (with regular expressions or heuristics) a web site link in a string of text such as a comment? The purpose is to prevent spam. HTML is stripped so I need to detect invitations to copy-and-paste. It should not be economical for a spammer to post links because most users could not successfully get to the page . I would like suggestions, references, or discussion on best-practices. Some objectives: The low-hanging fruit like well-formed URLs ( http://some-fqdn/some/valid/path.ext ) URLs but without the http:// prefix (i.e. a valid FQDN + valid HTTP path) Any other funny business

There are various ways to obfuscate email addresses on the web, but most of them don't work when you need to have a mailto: href. I generally use name[AT]domain.com , because I think it's fairly obvious to the user what they have to do to get a real email address, but I wonder if there's any benefit to this (as it's easy to automate by a spammer). I'm aware of the services which hide the email address behind a captcha, but to me this is too much work for the user. So, two questions: Is there any way that (a) retains the use of mailto: links, (b) will stop spammers and (c) isn't too complicated

I want to stop spammers from using my site. But I find CAPTCHA very annoying. I am not just talking about the "type the text" type, but anything that requires the user to waste his time to prove himself human. What can I do here? Requiring Javascript to post data blocks a fair amount of spam bots while not interfering with most users. You can also use an nifty trick: <input type="text" id="not_human" name="name" /> <input type="text" name="actual_name" /> <style> #not_human { display: none } </style> Most bots will populate the first field, so you can block them. Integrate the Akismet API to

For a website that takes input from kids we need to filter any naughty / bad words that they use when they enter their comments in the website (running PHP). The comments are a free field and users can enter whatever comments they want. The solution I can think of is to have a words list like BLACKLIST: bad,bad,word,woord,craap,craaaap, (We can fill this with all the blacklisted words). Then when the form is saved we can look at the list and if any of the words are present then we will not allow the comment to be saved. BUT the prolem with this method is that they can get around by adding

I'm building a simple contact form for a website. It does not connect to a database, it just sends the email. Will this code prevent spammers from using header injections? Are there any vulnerabilities I'm not seeing? //create short variable names $name= filter_var($_POST['Name'],FILTER_SANITIZE_STRING); $email= filter_var($_POST['Email'],FILTER_SANITIZE_STRING, FILTER_VALIDATE_EMAIL); $subject= filter_var($_POST['Subject'],FILTER_SANITIZE_STRING); $message= filter_var($_POST['Message'],FILTER_SANITIZE_STRING); //set up some static information $toaddress = 'blah@localhost.com,blahblah

I know that in first look many users mark this question as duplicate, but after reading more than 10 question I did not get any satisfactory answer, almost all question has answers having words like "There's not much you can do about it.", "I am not sure", "There is no sure shot trick" etc. that's why I am writing this question, and I think this is very generalized questions and every php developer faces it at least once, ok enough speech :) , now my question is.. I working on a project management application and am using phpmailer to send mail when any task is created or anybody comments on