Honeypot PHP for Comment Form

Submitted by 三世轮回 on 2019-12-22 17:47:55

Question


I am creating a jQuery AJAX popup comment form, but am having a problem with the way I'm setting up my "honeypot" in PHP.

The honeypot ($robotest) isn't working; instead the script returns "E-mail is not correct". Can anyone point out my error? Thank you.

The HTML form is:

<form class="cmxform" id="commentForm" method="POST" action="">
   <p>
     <label for="cname">Name</label>
     <input id="cname" name="name" size="25" class="required" minlength="2" />
   </p>
   <p>
     <label for="cemail">E-Mail</label>
     <input id="cemail" name="email" size="25"  class="required email" />
   </p>
   <p>
     <label for="curl">URL</label>
     <input id="curl" name="url" size="25"  class="url" value="" />
   </p>
   <p>
     <label for="ccomment">Your comment</label>
     <textarea id="ccomment" name="comment" cols="22"  class="required"></textarea>
   </p>
    <p class="robotic" id="pot">
        <label>Please leave this blank:</label>
        <input name="robotest" type="text" id="robotest" class="robotest" />
    </p>
   <p>
     <input class="submit" type="submit" value="Submit"/>
   </p>
</form>

EDIT:

Thanks to @JamWaffles for the support. Below is the correct way to implement the honeypot. (And as Kamalo noted, you will want to have the id of 'robotest' set to display:none in your CSS):

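<?php
// Honeypot field: real visitors leave it empty, so any value indicates a bot.
$robotest = $_POST['robotest'] ?? '';
$email = $_POST['email'] ?? '';
// Send only when the e-mail is valid AND the honeypot is empty.
// filter_var() returns the address (truthy) when valid and false otherwise,
// so it must not be negated here.
if ((filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest == "")) {
    print "E-mail is correct";
    $to      = 'asdfdsafasdfsda@gmail.com';
    $subject = 'the subject';
    $message = 'hello';
    $headers = 'From: webmaster@example.com';
    mail($to, $subject, $message, $headers);
} else {
    print "E-mail is not correct";
}
?>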

Answer 1:


filter_var() returns a non-falsy value when the email is valid, not false. Remove the ! before filter_var( in your if():

if((filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest = "")) 

You're executing code inside the if() when filter_var() fails, which is why you're getting

E-mail is not correct

for valid emails.


Something else I missed too is the fact you're assigning to $robotest instead of comparing it against an empty string. You need to use the double equals comparison operator instead of the single equals assignment operator. Your if() should look like this:

if((filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest == "")) 



Answer 2:


For an alternative answer, I set up a "honey pot" input in my HTML with display:none

<input type="text" name="honeypot" id="honeypot" style="display:none;"/>


Source: https://stackoverflow.com/questions/9447716/honeypot-php-for-comment-form
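
A server-side version of the check discussed in the answers, as an added example that is not part of the original question or answers: it reports a honeypot hit separately from an invalid e-mail and also handles a missing or array-valued robotest field. The function name classify_comment and its return strings are assumptions of this example; the field names are the ones from the form above.

```php
<?php
declare(strict_types=1);

/**
 * Classify a comment submission. Returns 'bot', 'bad_email' or 'ok'.
 * Field names 'robotest' and 'email' come from the form on this page;
 * the function name and return values are assumptions of this example.
 */
function classify_comment(array $post): string
{
    // A browser submitting the form sends the honeypot field with an empty
    // value, even when it is hidden with display:none. A missing key, an
    // array value (robotest[]=x) or any non-empty string therefore means the
    // request was not produced by a person filling in the unmodified form.
    $pot = $post['robotest'] ?? null;
    if (!is_string($pot) || $pot !== '') {
        return 'bot';
    }

    // Strict comparison with false: filter_var() returns the address itself
    // when it is valid, and false when it is not.
    $email = $post['email'] ?? '';
    if (!is_string($email)
        || filter_var(trim($email), FILTER_VALIDATE_EMAIL) === false) {
        return 'bad_email';
    }
    return 'ok';
}

// Constructed sample submissions (not captured traffic).
$samples = [
    'human'         => ['email' => 'alice@example.com', 'robotest' => ''],
    'filled pot'    => ['email' => 'bot@example.com',   'robotest' => 'http://spam.example'],
    'pot missing'   => ['email' => 'bot@example.com'],
    'pot as array'  => ['email' => 'bot@example.com',   'robotest' => ['x']],
    'typo in email' => ['email' => 'alice@example',     'robotest' => ''],
];

foreach ($samples as $label => $post) {
    printf("%-14s %s\n", $label, classify_comment($post));
}
```

In the form handler, call mail() only for 'ok'. Answering 'bot' with the same message as a successful submission avoids telling an automated client which field tripped the check.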
