DEV Community

Allan Mwaura
Allan Mwaura

Posted on

4

How to prevent web forms from spam

In the world of today,as a website/blog owner,you tend to receive tons of emails/comments from bots.Different prevention techniques have been taken,this article aims will cover honeypot method.

The honeypot method uses a hidden field on forms,as a trap for "less intelligent" bots who will automatically fill the form.

<form action="mail.php" method="POST">
<p>
    <label>Name</label>
    <input type="text" name="first_name">
</p>
<p>
    <label>Email</label>
    <input type="email" name="email">
</p>
<p id="phone">
    <label>Tel</label>
    <input type="text" name="phone_number">
</p>
<p>
    <label>Comment</label>
    <textarea name="your_comment"></textarea>
</p>
<p>
    <button type="submit">Submit</button>
</p>
Enter fullscreen mode Exit fullscreen mode

We then hide the field using CSS,so that visitors(assuming they are human) won't see it.On your CSS file add the following line

#phone{display: none;}

So here is where the catch is,any submission with not empty phone field,is spam.

if(!empty($_POST['phone_number']))
die();

Thanks for reading!!.

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more →

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more