In the video you're first checking if the fields (name, email and query) are set. Personally, what i'd do is first check if the "title" field has been filled in... if so, immediately invalidate the request. There is no need to first validate the actual form, since it's a bot. Cheers

No need to check for isset() when using !empty(), as one of the equivalent sides of the empty() check is !isset().

I'll give this a go. Much appreciated John

Good job! I like your solution to form spam.

Smart idea! im going to use this from now on! thanks

I can see how this could be implemented with JavaScript as well. Love the concept! Thanks!

Added to favorites

Great tip. Useful even in 2024.

This might work for bots that were created to mass post spam multiple sites, but if a programmer wants to create a bot to post spam this particular website, he's probably going to figure this out and implement it into the bot, so it doesn't fill in the 'title' field. You should probably add this to your description.

Best PHP tutorials period.

Brilliant! Thank you very much.

Thanks :) I will keep this in mind

Wow. Added to my Useful playlist. Will use this later.

Are you still going to make a tutorial (playlist) for Laravel 4? I really want to learn it, but there aren't good tutorials. Thanks

another very useful knowledge thanks you sir for all your tutorials :D

This is so cool, and so easy :) Thanks a lot!

I use this all the time, only I don't call my class hidden , works really well, you can't really do it with jquery as a bot simply reads the raw markup ie. It would nt see any javascript code applied

Very cool idea. This is simpler and less intrusive than using a captcha script although probably not as effective. I have actually read a tutorial which uses the PHP image manipulation (gd) library to create a captcha. For those who are interested, the idea is simple. You generate a random string using a character set you wish. Hash the string and set it to a session variable. Then generate an image with the original string and apply lines and dots and stuff to make it harder for computers to read. Then on the second page, you take the input field and run it through the same hash to verify that it was typed in correctly. I know I glossed over the details, but hopefully, this should give you an idea of how to work through this. Perhaps Alex could do a tutorial on this? That would be nice.

I've done this a couple of weeks ago on a site, and it's very effective indeed :)

I did this and it, tested it, works. Thanks

Really helpful thanks!

Ingenious!

Oh, I see what you did there!

Can you help me understand how to do this in CodeIgniter. I'm using $this->form_validation->set_rules('title_1', 'title1', 'max_length[0]'); Form still goes through

make us a full contact form with attachment

But maybe that bot can be smarter and check if input fields ar invisible, if they are, don't write anything in there.

wouldnt be for example .addClass("hidden") in jquery a more save way to prevent bots from checking display:none etc? And something like DO NOT FILL - BOT PREVENTION most people deactivating JS are able to understand that. lech00 two comments below also wrote something very nice! Dont you think?

Great video

use reCAPTCHA that can't be read by OCR

Thank you for this but I have a question is there a more complex way in avoiding spam because i think if they will try to bypass the input filled that is hidden they can still continue to spam.

This still work in 2022, asking for a friend 😂😂🤣

Why don't you check for the title field at the beginning of the if-statement that was already there? Also, what happens if I use the die function if my email form doesn't forward to another page but uses the same page to send it, will the email form become useless?

Just so people know, this will help against a lot of the bots but not the more sophisticated ones. It is not a substitution for a captcha but can be used in less critical instances or to complement other security measures.

Wow, thats so simple...

Genious!

I know this is old, but... just makes my mail page go blank....... perhaps something to do with the die command?

very clever

Could someone please confirm for me that this is what is known as the honey pot spam prevention method? If not what is this kind of method actually called?

Bruno Lustosa Ferrari, da uma olhada nisso aqui.

Why pick CAPTCHA when you have phpacademy !

...or you can use js like

user easyly can remove this hidden input from DOM... :)

2020

CAPTCHA is an awful method to use.. I ment awful because its not clier and annoying.. If I see any forms with captcha, register,contact forms, etc, all I do is exit page.. What I do for my forms, to prevent spam, I just generate random code, lets say (1,999) and ask to enter that number for user..This number is storred in session, so after you click submit button its not going to change, but if this session is already set, we generate another one.. Its super simple for user to enter, no eye breaking like with captcha and you can generate numbers + letters, if you think is going to be more secure..

Your voice🤔

My Spambot can hack it