HomeForumsPHPFormMailModifications

Spam check easy and effective

PHI got spammed by PFM. Read several threads. Just integrating a dropsown and making it required is NOT enough. I got that already, bots kept sending spam. So i did a very easy but effective Spam Protection for you PHM.

1. Insert a field "spamcheck" in your form, labeled "Spamcheck: 10+10+5=" eg
2. make this field required
3. insert this little piece of code into the function check_required():

$spamcheck = 25;
if($form['spamcheck']!=$spamcheck) {
$problem = false;
$errors[] = '0|You entered a wrong spamcheck string!';
}
Easier than Captcha, but quite effective...
Grtnx
www.ff-webdesigner.de

‹ Fix bug for checking a field that has a regex CSV Export ›
By ff-webdesigner.de on

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Spam check easy and effective

I received an error on line two of your code. I must have screwed it up. Parse error: parse error, unexpected T_STRING (2nd line of your code)

WHere exactly do you insert this? At the end after the last bracket of function check required? Here is what I did:/****************************************************************
* check_required() is the function that checks all required *
* fields to see if they are empty or match the provided regex *
* string (regex checking added in 1.02.0). *
* *
* Should a required variable be empty or not match the regex *
* pattern, a error will be added to the global $errors array. *
****************************************************************/

function check_required()
{
global $form, $errors, $invis_array, $fieldname_lookup;
$problem = true;
if ((!isset($form['recipient'])) && (!isset($form['recipient_bcc']))) {
$problem = false;
$errors[] = '1|There is no recipient to send this mail to. Please read the manual section titled "Form Configuration - Recipient".';
error_log('[PHPFormMail] There is no recipient defined from ' . getenv('HTTP_REFERER'), 0);
}
if (isset($form['required'])) {
$required = split(',', $form['required']);
while (list(,$val) = each($required)) {
$val = trim($val);
$regex_field_name = $val . '_regex';
if ((!isset($form[$val])) || (isset($form[$val]) && (strlen($form[$val]) < 1))) {
$problem = false;
if (isset($fieldname_lookup[$val]))
$field = $fieldname_lookup[$val];
else
$field = $val;
$errors[] = '0|Required value (' . $field . ') is missing.';
} else if (isset($form[$regex_field_name])) {
if (!eregi($form[$regex_field_name],$form[$val])) {
$problem = false;
$errors[] = '0|Required value (' . $fieldname_lookup[$val] . ') has an invalid format.';
}
$invis_array[] = $regex_field_name;
}
}
}
return $problem;
}
$Form_Authenticate = 963;
if ($form['Form_Authenticate']!=$Form_Authenticate) {
$problem = false;
$errors[] = '0|You entered a wrong Authentication string!';
}[/code]

Posted by zonetuke on Wed, 01/31/2007 - 01:30.

Spam check easy and effective

hi matthew!

i think you inserted it at the wrong position of function check_required().

i'm using a slightly modified version of this function, so just recognize the position of my spamcheck.
btw: works great. 10 spams per form per day before,
none since spamcheck (3 months).

function check_required()
{
global $form, $errors, $invis_array, $fieldname_lookup;
$problem = true;
if ((!isset($form['recipient'])) && (!isset($form['recipient_bcc']))) {
$problem = false;
$errors[] = '1|There is no recipient to send this mail to. Please read the manual section titled "Form Configuration - Recipient".';
error_log('['.date('d.m.y H:i:s').'] There is no recipient defined from ' . getenv('HTTP_REFERER'), 3, $logfile);
}
if (isset($form['required'])) {
$required = split(',', $form['required']);
while (list(,$val) = each($required)) {
$val = trim($val);
$regex_field_name = $val . '_regex';
if ((!isset($form[$val])) || (isset($form[$val]) && (strlen($form[$val]) < 1))) {
$problem = false;
if (isset($fieldname_lookup[$val]))
$field = $fieldname_lookup[$val];
else
$field = $val;
$errors[] = '0|Angabe im Feld "' . $field . '" fehlt.';
} else if (isset($form[$regex_field_name])) {
if (!eregi($form[$regex_field_name],$form[$val])) {
$problem = false;
$errors[] = '0|Angabe im Feld (' . $fieldname_lookup[$val] . ') hat ein ung?ltiges Format.';
}
$invis_array[] = $regex_field_name;
}
}
}
$spamcheck = 48;
if($form['spamcheck']!=$spamcheck) {
$problem = false;
$errors[] = '0|Sie haben eine falsche Zahl beim Spamcheck eingegeben!';
}
return $problem;
}

Posted by ff-webdesigner.de on Wed, 02/21/2007 - 14:57.

Spam check easy and effective

I fixed the error. Was just incorrect blank spaces in the code that I copied from your original post. The code from your last posting worked fine. Thanks much! $Form_Authenticate = 321;
if($form['Form_Authenticate']!=$Form_Authenticate) {
$problem = false;
$errors[] = '0|You entered the wrong spamcheck code!';
}

Posted by zonetuke on Thu, 02/22/2007 - 04:00.

Question

Hello,

I just noticed that in one block of the code it looks like this:

return $problem;
}
$Form_Authenticate = 963;
if ($form['Form_Authenticate']!=$Form_Authenticate) {
$problem = false;
$errors[] = '0|You entered a wrong Authentication string!';
}

Another one like this:

}
$spamcheck = 48;
if($form['spamcheck']!=$spamcheck) {
$problem = false;
$errors[] = '0|Sie haben eine falsche Zahl beim Spamcheck eingegeben!';
}
return $problem;
}

Just wondering about return $problem. Does it matter in these cases where it is?

Thanks. I'm new at this.

Glen

Posted by glend58 on Wed, 05/02/2007 - 22:20.