I know this is off the topic of DW but I would like to know what others are using to process website forms. I'm using a form processor now that works well but the code keeps getting more and more involved with each revision due to trying to improve it, which is always a good thing. My issue is, is that even tho there is a type of "captcha" built into the form (question that needs to be filled into the form with a specific answer) is still being sent with spam in it, or is being duplicated/spoofed/something... and my clients aren't happy about getting 5-15 form submissions per day with nothing useful in them. I know there aren't any "perfect" form processors out there but I would like one that is 1) not so code involved because some of my forms get pretty involved and 2) will keep the majority of the spam bot out.
Formm@ailer PHP from DB Masters
Has built-in spam prevention and other security safeguards to keep bots from exploiting your forms. It's flexible enough to process all the forms on your domain.
Thanks Jon I'll look into it.
How many forms have you built with it? are they complex or just contact??
I'd like to make one form that has several questions on one page, click to go to another page that has more questions, etc and then at the end submit. Can this do that??
I've used it on a half dozen sites since I found it.
Yep, you can make multi-page forms with it, they even give you a step by step on how to do it:
If you have an issue with any given part of the form or an error, they also have a forum to get answers if you can't find it in their extensive documentation.
I generally write in php. And roll my own.
And, though I appreciate Nancy and other's interest in Capcha, I absolutely never have a problem with spammers going after my forms. My solution is to record and sent the IP address of the sender to the recipient. And I am very happy to block IPs. Send a spam through my form once and you're done. Can't load the website again. I have (for small, local businesses) blocked whole countries.
It pays to learn enough php to do your own thing.
To clarify, I never use Captchas (those unfriendly, indecipherable symbols that most people can't read).
I use a hidden field (honeypot) to trap spam bots. It's very effective at blocking spam submissions without punishing humans.
IP blocking is an extraordinary measure. As for blocking entire countries, that's not an option as my clients do business all over the world.
With someone who is actually doing an international business, of course I would not block a country - just the offending IP address or, perhaps a block. Also I have found a direct complaint to the ISP, along with the email tends to get results at that level.
But I'm doing local businesses One of my clients does travel all around the world and he isn't being spammed. If he was, I'd probably ask him what I should do.
my form has a "honey pot" with an field that needs to be typed in to be sent with the correct answer but for some reason spammers are still getting thru. I've talked to the form processor programmer and he said that my forms are being "copied"... I don't understand all this as I only understand programming on a basic level...but there HAS to be some way to fix this issue for my clients.
Honey pot solution:
1. Create a field (or more) in your form that is hidden with CSS (not a hidden field using HTML)
2. Give this field a name (like "address2" or something)
3. Add a value to this field like "enter address"
4. On submit, check this field's value - if it's not "enter address" the submission is a spammer
You can also do this with an empty field and on submission if it's not empty then it's a spammer.
I'm struggling with formmail.. I keep getting an ini syntax error message... very frustrating!! Can you help since I can't find ANYTHING online that is working and their forum is less then helpful.