|P is for Practical|
Battling form spamby rickaltman (Initiate)
|on Nov 17, 2010 at 06:19 UTC||Need Help??|
rickaltman has asked for the
wisdom of the Perl Monks concerning the following question:
At our website, www.BetterPresenting.com, we take book orders and host an annual conference. Our modest submission-form needs are met with your basic garden-variety form.cgi script (www.betterppt.com/form.zip). Meanwhile, we average about four to six form spam intrusions per day, so this is not an emergency, just an annoyance. In my hope to find a solution that uses our existing plumbing, I came up with the following scheme:
1. Spam bots indiscriminately fill out every field in a form and send it off.
2. If a field is not visible to a human, he or she would most likely not enter data into it.
3. I added a CSS rule into our external .css file called hiddenrow.
4. I applied this rule to the row of the table that holds the field in question.
(I also included a simple "do not enter data in this field" comment next to the field, in case someone is using an old browser or for whatever reason the CSS rule is not working.)
5. It should be a simple matter to include a test at the beginning of the send_mail subroutine that checks for contents in the hidden field. If it finds content, the subroutine aborts; if it does not find content, it continues.
I suspect that this would eliminate 95% of the form spam we now receive. The only problem is that I don't know how to code it! I tried the following:
but it did not work properly. I would be most grateful if some of the expters here could a) test my theory and my logic; and b) if they are sound, help me figure out the proper syntax for this seemingly-simple task.