The latest articles on DEV Community by Allan Mwaura (@allanmwaura). https://dev.to/allanmwaura https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F473515%2Fa9f35fb4-5f26-45cc-a725-c248bc62c955.jpg https://dev.to/allanmwaura en Allan Mwaura Tue, 25 May 2021 14:22:07 +0000 https://dev.to/allanmwaura/how-to-prevent-web-forms-from-spam-2p4p https://dev.to/allanmwaura/how-to-prevent-web-forms-from-spam-2p4p <p>In the world of today,as a website/blog owner,you tend to receive tons of emails/comments from bots.Different prevention techniques have been taken,this article aims will cover honeypot method.</p> <p>The honeypot method uses a hidden field on forms,as a trap for "less intelligent" bots who will automatically fill the form.</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&lt;form action="mail.php" method="POST"&gt; &lt;p&gt; &lt;label&gt;Name&lt;/label&gt; &lt;input type="text" name="first_name"&gt; &lt;/p&gt; &lt;p&gt; &lt;label&gt;Email&lt;/label&gt; &lt;input type="email" name="email"&gt; &lt;/p&gt; &lt;p id="phone"&gt; &lt;label&gt;Tel&lt;/label&gt; &lt;input type="text" name="phone_number"&gt; &lt;/p&gt; &lt;p&gt; &lt;label&gt;Comment&lt;/label&gt; &lt;textarea name="your_comment"&gt;&lt;/textarea&gt; &lt;/p&gt; &lt;p&gt; &lt;button type="submit"&gt;Submit&lt;/button&gt; &lt;/p&gt; </code></pre> </div> <p>We then hide the field using CSS,so that visitors(assuming they are human) won't see it.On your CSS file add the following line</p> <p>#phone{display: none;}</p> <p>So here is where the catch is,any submission with not empty phone field,is spam.</p> <p>if(!empty($_POST['phone_number']))<br> die();</p> <p>Thanks for reading!!.</p> spam