Skip navigation
Currently Being Moderated

OT: I'm curious what everyone is using to process forms

Nov 26, 2012 6:14 PM

Hi,

 

I know this is off the topic of DW but I would like to know what others are using to process website forms.  I'm using a form processor now that works well but the code keeps getting more and more involved with each revision due to trying to improve it, which is always a good thing.  My issue is, is that even tho there is a type of "captcha" built into the form (question that needs to be filled into the form with a specific answer) is still being sent with spam in it, or is being duplicated/spoofed/something... and my clients aren't happy about getting 5-15 form submissions per day with nothing useful in them.  I know there aren't any "perfect" form processors out there but I would like one that is 1) not so code involved because some of my forms get pretty involved and 2) will keep the majority of the spam bot out.

 

TIA.

 
Replies
  • Currently Being Moderated
    Nov 27, 2012 10:00 AM   in reply to debibrighthope

    My favorite is Formmail from http://www.tectite.com

     

    It has a lot of built in spam prevention plus it has built in integration with reCaptcha.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 10:06 AM   in reply to debibrighthope

    Formm@ailer PHP from DB Masters

    http://dbmasters.net/index.php?id=4

     

    Has built-in spam prevention and other security safeguards to keep bots from exploiting your forms.  It's flexible enough to process all the forms on your domain.

     

     

    Nancy O.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 10:44 AM   in reply to debibrighthope

    I've used it on  a half dozen sites since I found it.

     

    Yep, you can make multi-page forms with it, they even give you a step by step on how to do it:

     

    http://www.tectite.com/fmhowto/multiforms.php

     

    If you have an issue with any given part of the form or an error, they also have a forum to get answers if you can't find it in their extensive documentation.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 12:43 PM   in reply to debibrighthope

    I generally write in php. And roll my own.

     

    And, though I appreciate Nancy and other's interest in Capcha, I absolutely never have a problem with spammers going after my forms. My solution is to record and sent the IP address of the sender to the recipient. And I am very happy to block IPs. Send a spam through my form once and you're done. Can't load the website again. I have (for small, local businesses) blocked whole countries.

     

    It pays to learn enough php to do your own thing.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 1:19 PM   in reply to mhollis55

    To clarify, I never use Captchas (those unfriendly, indecipherable symbols that most people can't read).

     

    I use a hidden field (honeypot)  to trap spam bots.  It's very effective at blocking spam submissions without punishing humans. 

     

    IP blocking is an extraordinary measure. As for blocking entire countries, that's not an option  as my clients do business all over the world.

     

     

     

    Nancy O.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 1:25 PM   in reply to Nancy O.

    With someone who is actually doing an international business, of course I would not block a country - just the offending IP address or, perhaps a block. Also I have found a direct complaint to the ISP, along with the email tends to get results at that level.

     

    But I'm doing local businesses One of my clients does travel all around the world and he isn't being spammed. If he was, I'd probably ask him what I should do.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 1:36 PM   in reply to mhollis55

    You really should try the honeypot method.  You'd be amazed at how simple and effective it is at blocking robot submissions.

     

    Human spammers are another problem but I don't get many of them.

     

     

     

    Nancy O.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 1:56 PM   in reply to Nancy O.

    So, doing:

     

    <input name="config" type="hidden" value="0" />

    <input type="text" name="nospam" style="display:none" />

     

    Does the trick?

     

    And the only type of spammer my clients have ever gotten was human.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 27, 2012 2:46 PM   in reply to mhollis55

    Along with PHP to kill processing or flag as spam if the empty_field contains characters.

     

     

    Nancy O.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 29, 2012 9:15 AM   in reply to debibrighthope

    Honey pot solution:

     

    1.  Create a field (or more) in your form that is hidden with CSS (not a hidden field using HTML)

    2.  Give this field a name (like "address2" or something)

    3.  Add a value to this field like "enter address"

    4.  On submit, check this field's value - if it's not "enter address" the submission is a spammer

     

    You can also do this with an empty field and on submission if it's not empty then it's a spammer.

     
    |
    Mark as:
  • Currently Being Moderated
    Nov 30, 2012 4:40 AM   in reply to debibrighthope

    Are you testing that field's contents before allowing the form to submit?  This is a critical step (see #4 in my list).

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points