contact

Spam-blocking techique for form submissions

Enjoy this article? Share it with others.

Bookmark on del.icio.us Bookmark on Design Float Bookmark on Digg Bookmark on Google Bookmark on Slashdot Bookmark on StumbleUpon Bookmark on TwitThis

An easy trick to keep site spammers at bay, for now.

On MadisonMusicians.Net I get a lot of spam classified ads.  They don’t usually get posted, because the email validation is never completed.  However, that generates a lot of bounced messages, and I got tired of deleting them from my inbox.  The spam ads also fill up the database with useless data.  I used a simple trick for form validation.  On the form page, I added a field:

<input type=”text” name=”countryCode” style=”display:none;” />

I chose countryCode arbitrarily, it could be anything.

On the form action page that does the processing, I check to see if this field was filled in.  Since its display is set to none, a human user would not see it and therefore not be able to fill it in.  But an automated spammer would try to enter some data in it.  In my validation, if the field is not equal to “”, I abort the form submission and redirect the user to a web page about spam.

So far, this seems to be working.  I’m sure the spammers will update their techniques soon, though, requiring more work to keep them at bay.

-Ben Seigel, owner, exp design