cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
0
Upvote

Securing an Email Form (PHP)

Guest
Apr 12, 2010 Apr 12, 2010

Copy link to clipboard

Copied

Good Morning Everyone,

Over the weekend an email form on my webpaged was, for lack of a better term, hacked.  They were filling out erroneous information and even able to change the subject of the email which is stored in a hidden field on the page.  It was nothing major, just more annoying than anything else.

I know that I could add CAPTCHA images to the page but at this point I don't want to change how the user fills out the form.  So I was wondering if there was anything standard flags that I could check for using PHP that would help filter out spam attacks.


I attached a link to the form in case anyone needs it.

http://www.powerhouse.com/Products/RequestInfo.php?UnitNumber=B-862

Thanks for the help everyone!

TOPICS
Server side applications

Views

1.5K
Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

bregent
LEGEND , Apr 14, 2010 Apr 14, 2010

>Also add a field that is hidden using css.

This works well for me. The OP can search the web for "honeypot form" for more details.

Votes

Translate
replies 4 Replies 4
latest latest Jump to latest reply
Mayga58
New Here ,
Apr 12, 2010 Apr 12, 2010

Copy link to clipboard

Copied

Captcha is the better way... but you can create your own form and ask a simple question

to answer. It will not destroy your design


Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
pziecina
LEGEND ,
Apr 12, 2010 Apr 12, 2010

Copy link to clipboard

Copied

Hi

The way I have gone with this problem is to create a simple text input box at the bottom of the form and asked the user to input a 3 digit code, then used a simple if/else in my form processing script to check for the code.

The advantage of this over captcha is that it is accessible to users with disabilities and I can change the '3 digit code' at any time. Not as secure as captcha but unless you have a 'determined' spam bot visit your page that reads the instructions on the page, it does work and is simple to implement.

PZ

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Apr 13, 2010 Apr 13, 2010

Copy link to clipboard

Copied

In Response To pziecina

Also add a field that is hidden using css. If that field has data then you have someone reading the page and filling it out who has css disabled. Meaning that it is likely a bot putting garbage in all fields. Simply through away the data without sending an email.

You can also do a domain check - if you are using php - to make sure it is a valid domain entered for the email address. Again, discard if not.

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
bregent
LEGEND ,
Apr 14, 2010 Apr 14, 2010

Copy link to clipboard

Copied

LATEST
In Response To Deleted User

>Also add a field that is hidden using css.

This works well for me. The OP can search the web for "honeypot form" for more details.

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices