Skip navigation
jh369057
jh369057 Calculating status...
Currently Being Moderated

Honeypot Field

Feb 9, 2009 2:56 PM

I am trying to create a honeypot within my comments form. So I am wondering once I have a hidden field how do I tell dreamweaver not to submit the form if my hidden "honeypot" field is filled out by a bot.
844 Views   11 Replies   Latest reply: Toni-77, Jun 18, 2012 12:57 PM
 
Replies
  • Newsgroup_User
    Currently Being Moderated
    1. Newsgroup_User,
    Feb 9, 2009 3:06 PM   in reply to jh369057
    Report
    1. A honeypot field is not a type="hidden" field. It's a field that is
    styled with CSS to display:none. Thus, it's not visible on the screen, and
    unless you knew CSS, you wouldn't know that it's not visible.
    2. You process the form on the server after it's submitted, and if the
    honeypot has been 'touched' so that it doesn't contain the default value,
    then you simply discard the submission.

    It will require server scripting to accomplish. It's not a Dreamweaver or
    an HTML or even a javascript thing....

    --
    Murray --- ICQ 71997575
    Adobe Community Expert
    (If you *MUST* email me, don't LAUGH when you do so!)
    ==================
    http://www.projectseven.com/go - DW FAQs, Tutorials & Resources
    http://www.dwfaq.com - DW FAQs, Tutorials & Resources
    ==================


    "jh369057" <webforumsuser@macromedia.com> wrote in message
    news:gmqcac$p6v$1@forums.macromedia.com...
    >I am trying to create a honeypot within my comments form. So I am
    >wondering
    > once I have a hidden field how do I tell dreamweaver not to submit the
    > form if
    > my hidden "honeypot" field is filled out by a bot.
    >

     
    |
    Mark as:
  • Newsgroup_User
    Currently Being Moderated
    2. Newsgroup_User,
    Feb 9, 2009 3:58 PM   in reply to jh369057
    Report
    If your server supports PHP, this Formm@ailer script from DB Masters
    conceals your email address from prying eye email harvesters and it has
    several spam controls built into its script including hidden field
    (honeypot), "sorta captcha," and time limits on submissions to keep robots
    from exploiting your forms. Free to use if you credit the author; $20 if
    you don't.

    http://dbmasters.net/index.php?id=4

    Q&A Forum - http://dbmasters.net/forum.php?id=3&fid=9


    --Nancy O.
    Alt-Web Design & Publishing
    www.alt-web.com


     
    |
    Mark as:
  • jh369057
    Currently Being Moderated
    3. jh369057,
    Feb 9, 2009 6:18 PM   in reply to jh369057
    Report
    So I used <input name="LastName" type="text" id="LastName" style="display: none;"/>. And I set my filter to not display anything that is not 'NULL' but is there a simple code to either not submit or auto delete these so I dont have to manually delete these entries?
     
    |
    Mark as:
  • Newsgroup_User
    Currently Being Moderated
    4. Newsgroup_User,
    Feb 10, 2009 3:39 AM   in reply to jh369057
    Report
    > And I set my filter to not display anything that is not 'NULL'

    Where did you set that?

    > is there a simple code to either not submit or auto delete these

    In the form processing script the first thing you do is to check the
    honeypot fields. If they have been 'jiggered' you bypass the rest of the
    processing. It sends no email for them.

    --
    Murray --- ICQ 71997575
    Adobe Community Expert
    (If you *MUST* email me, don't LAUGH when you do so!)
    ==================
    http://www.projectseven.com/go - DW FAQs, Tutorials & Resources
    http://www.dwfaq.com - DW FAQs, Tutorials & Resources
    ==================


    "jh369057" <webforumsuser@macromedia.com> wrote in message
    news:gmqo52$9dr$1@forums.macromedia.com...
    > So I used <input name="LastName" type="text" id="LastName" style="display:
    > none;"/>. And I set my filter to not display anything that is not 'NULL'
    > but
    > is there a simple code to either not submit or auto delete these so I dont
    > have
    > to manually delete these entries?
    >

     
    |
    Mark as:
  • Toni-77
    Currently Being Moderated
    5. Toni-77,
    Jun 16, 2012 3:59 AM   in reply to Newsgroup_User
    Report

    Hi!, I have read that the users who have CSS disabled will see the field with the "display: none", and if we write something like "If you see this, leave this form field blank" for them the bot will read it as well and may avoid it.

     

    I was thinking a way to avoid this problem: just hide the honeypot field with an "ap Div" layer so the user won´t see it and I think it won´t be affected by a css disabled. Do you think it will work?, do you know a better solution?.

     

    Thanks in advance for your time!!

     

    Toni

     
    |
    Mark as:
  • Nancy O.
    Currently Being Moderated
    6. Nancy O.,
    Jun 16, 2012 9:21 AM   in reply to Toni-77
    Report

    You need CSS to create APDiv layers too.  So there's nothing to be gained here.

    Unlike JavaScript which some people disable for security reasons, CSS is almost never disabled anymore because all modern browsers support it.

     

     

     

    Nancy O.

     
    |
    Mark as:
  • Toni-77
    Currently Being Moderated
    7. Toni-77,
    Jun 17, 2012 3:25 AM   in reply to Nancy O.
    Report

    Thanks Nancy! I am new and it´s nice people help!. Isn´t there anything to put over the honeypot field to hide it from users without using CSS or anything else that could be disabled?.

     

    Toni

     
    |
    Mark as:
  • Nancy O.
    Currently Being Moderated
    8. Nancy O.,
    Jun 17, 2012 9:31 AM   in reply to Toni-77
    Report

    Isn´t there anything to put over the honeypot field to hide it from users without using CSS or anything else that could be disabled?.

     

    In a word, no. 

    Don't lose sleep over this. I've been using hidden fields on forms for years and it's never been a problem.

     

    If you don't like the hidden field approach, add a simple question to your forms that spam bots can't answer.

         "Which day of the week follows Tuesday?"

         "How many are in a dozen?"

     

     

    Nancy O.

     
    |
    Mark as:
  • Toni-77
    Currently Being Moderated
    9. Toni-77,
    Jun 18, 2012 1:07 AM   in reply to Nancy O.
    Report

    Ok and thanks very much!, I buy honeypot, it seems almost perfect!. Another issue I have just read about it: the honeypot field may be filled as well by the web browser's autocomplete function for users so we would treat them as bots. To avoid it we could add autocomplete="off", it seems it works for most browsers.

     

    Do you know if it really works fine?.

     

    Toni

     
    |
    Mark as:
  • Nancy O.
    Currently Being Moderated
    10. Nancy O.,
    Jun 18, 2012 9:39 AM   in reply to Toni-77
    Report

    Again, I don't see this as an issue to worry about.  I put my hidden field at the very top of the form.  Browser autocomplete only activates when the form input field is a) in focus by mouse click or tab key and b) when user types a character into the field. Since humans can't see the field, it never reaches focus.

     

     

    Nancy O.

     
    |
    Mark as:
  • Toni-77
    Currently Being Moderated
    11. Toni-77,
    Jun 18, 2012 12:57 PM   in reply to Nancy O.
    Report

    Ok and thank you very much for your time!. Best regards, Toni

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points