Securing an Email Form (PHP)

Question

Good Morning Everyone,Over the weekend an email form on my webpaged was, for lack of a better term, hacked.  They were filling out erroneous information and even able to change the subject of the email which is stored in a hidden field on the page.  It was nothing major, just more annoying than anything else.I know that I could add CAPTCHA images to the page but at this point I don't want to change how the user fills out the form.  So I was wondering if there was anything standard flags that I could check for using PHP that would help filter out spam attacks.I attached a link to the form in case anyone needs it.http://www.powerhouse.com/Products/RequestInfo.php?UnitNumber=B-862Thanks for the help everyone!

bregent · Accepted Answer

>Also add a field that is hidden using css.This works well for me. The OP can search the web for "honeypot form" for more details.

pziecina · Answer

HiThe way I have gone with this problem is to create a simple text input box at the bottom of the form and asked the user to input a 3 digit code, then used a simple if/else in my form processing script to check for the code.The advantage of this over captcha is that it is accessible to users with disabilities and I can change the '3 digit code' at any time. Not as secure as captcha but unless you have a 'determined' spam bot visit your page that reads the instructions on the page, it does work and is simple to implement.PZ

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded