Support Forums

seymourjames + · 09-05-2011, 06:16 AM

One of the problems with the spam catchers like recaptcha is they are ugly, often too big and annoyingly difficult for people to fill in. However, they are very effective against robot spammers even though they rarely deter human beings. Not much will.

In my case, I wanted to code a simple test in the contact forms which would blend in nicely (the captchas never fit nicely) and should at least deter the robot spammers. It does however mean changing test values from time to time with which to make a comparison test. It is a small price to pay. In addition, in my case I get a copy of every email sent though the system so I know if a spammer has taken the time to find the answer to the simple question and put it into his spamming program. I simply change the test.

Here is what you can do. It is the same principle for the main admin contact form and registration form.

Open contact.php and replace line (line 33)

if ($validate->isError())

with this to test against the answer 'Paris'

$test = Filter::no_html($_POST['test']);
if ($validate->isError() OR $test != 'Paris')

then open contactowner.tpl in your template folder and just before {modulehook function="contact_owner_form" options=""} put this

<tr>
<td class="formleft"> </td>
<td class="formright"><strong>Spam Test -Type in the capital of France</strong></td>
</tr>
<tr>
<td class="formleft"> </td>
<td class="formright"> <input name="test" type="text" size="size="{$smarty.const.FIELD_SIZE}"" value="{$name|escape}" /></td>
</tr>

Of course you can style as you wish and make other questions e.g.

Property Dordogne

I don't claim this will work for ever but so far it has stopped spam (upto 40 emails a day) for a couple of weeks now and I have not had to change the test.

bowers01 + · 09-05-2011, 11:44 PM

thats a great idea, i will be implamenting this

seymourjames + · 09-06-2011, 04:25 AM

It not bad but as you realize it assumes that a human is not looking at it first. What is really needed is some type of randomization across a set of questions or simple sums. However that is effectively building a capture in its own right. I may try to use the advert id number so its always 1 + $lid. That way at least every form is different.

seymourjames + · 09-06-2011, 04:58 AM

OK so this works to making each form different by using the listing id number.

$test = Filter::no_html($_POST['test']);
$sum = $vehicle + 1;

if ($validate->isError() OR $test != $sum)

and then in the contctus.tpl file

<td class="formright"><strong>Anti-Spam - Enter 1 + {$lid} =</strong></td>

e.g - Gite For Sale

Now every form will at least be different - hopefully people can add up.

Still I am looking for improvements.

seymourjames + · 09-06-2011, 06:16 AM

Even better - random numbers on each form (in this case between 1 and 1024 but make it what you like)

In contact.tpl

{assign var=random value=1|rand:1024}

<form action="contact.php" method="post" name="contact" onsubmit="return checkform(this)">
.
.
.
<tr>
<td class="formleft">{$smarty.const.LANG_YOUR_MESSAGE} {$smarty.const.LANG_COLON}</td>
<td class="formright"><textarea name="message" cols="29" rows="5" id="message">{$message|escape}</textarea><br /><br /></td>
</tr>
<tr>
<td class="formleft"> </td>
<td class="formright">Anti-Spam - Enter this number {$random}</td>
</tr>

<input name="mode" type="hidden" id="mode" value="GO" />
<input name="random" type="hidden" id="random" value="{$random}" />

Then in contact.php

$random= Filter::no_html($_POST['random']);
$test = Filter::no_html($_POST['test']);

if ($validate->isError() OR $test != $random)

michael + · 09-06-2011, 06:30 AM

Appreciate you taking the time to share this, many thanks David.

seymourjames + · 09-06-2011, 07:00 AM

Works a treat but I would like John to look at it and make sure there is no security flaw in it. Seems to working really well with random numbers. Try it out Michael. It may not be as robust as recaptcha but it is definitely more pleasing on the eye.

What is really needed is a small image though at the end of the day. The spammers will find a way round.

09-05-2011, 06:16 AM	#1
seymourjames + All Hands On Deck Join Date: Mar 2008 Posts: 3,445 Rep Power: 87	A little anti-spam One of the problems with the spam catchers like recaptcha is they are ugly, often too big and annoyingly difficult for people to fill in. However, they are very effective against robot spammers even though they rarely deter human beings. Not much will. In my case, I wanted to code a simple test in the contact forms which would blend in nicely (the captchas never fit nicely) and should at least deter the robot spammers. It does however mean changing test values from time to time with which to make a comparison test. It is a small price to pay. In addition, in my case I get a copy of every email sent though the system so I know if a spammer has taken the time to find the answer to the simple question and put it into his spamming program. I simply change the test. Here is what you can do. It is the same principle for the main admin contact form and registration form. Open contact.php and replace line (line 33) if ($validate->isError()) with this to test against the answer 'Paris' $test = Filter::no_html($_POST['test']); if ($validate->isError() OR $test != 'Paris') then open contactowner.tpl in your template folder and just before {modulehook function="contact_owner_form" options=""} put this <tr> <td class="formleft"> </td> <td class="formright"><strong>Spam Test -Type in the capital of France</strong></td> </tr> <tr> <td class="formleft"> </td> <td class="formright"> <input name="test" type="text" size="size="{$smarty.const.FIELD_SIZE}"" value="{$name\|escape}" /></td> </tr> Of course you can style as you wish and make other questions e.g. Property Dordogne I don't claim this will work for ever but so far it has stopped spam (upto 40 emails a day) for a couple of weeks now and I have not had to change the test. __________________ "The fool doth think he is wise, but the wise man knows himself to be a fool.". TemplateCodes.com for 68C

09-05-2011, 11:44 PM	#2
bowers01 + Genius At Work Join Date: May 2008 Location: Geelong, Victoria, Australia Posts: 1,089 Rep Power: 36	thats a great idea, i will be implamenting this __________________ Nick Bowers 68c v4.1.10 Developer Custom Template

09-06-2011, 04:25 AM	#3
seymourjames + All Hands On Deck Join Date: Mar 2008 Posts: 3,445 Rep Power: 87	It not bad but as you realize it assumes that a human is not looking at it first. What is really needed is some type of randomization across a set of questions or simple sums. However that is effectively building a capture in its own right. I may try to use the advert id number so its always 1 + $lid. That way at least every form is different. __________________ "The fool doth think he is wise, but the wise man knows himself to be a fool.". TemplateCodes.com for 68C Last edited by seymourjames; 09-06-2011 at 04:59 AM.

09-06-2011, 04:58 AM	#4
seymourjames + All Hands On Deck Join Date: Mar 2008 Posts: 3,445 Rep Power: 87	OK so this works to making each form different by using the listing id number. $test = Filter::no_html($_POST['test']); $sum = $vehicle + 1; if ($validate->isError() OR $test != $sum) and then in the contctus.tpl file <td class="formright"><strong>Anti-Spam - Enter 1 + {$lid} =</strong></td> e.g - Gite For Sale Now every form will at least be different - hopefully people can add up. Still I am looking for improvements. __________________ "The fool doth think he is wise, but the wise man knows himself to be a fool.". TemplateCodes.com for 68C

09-06-2011, 06:16 AM	#5
seymourjames + All Hands On Deck Join Date: Mar 2008 Posts: 3,445 Rep Power: 87	Even better - random numbers on each form (in this case between 1 and 1024 but make it what you like) In contact.tpl {assign var=random value=1\|rand:1024} <form action="contact.php" method="post" name="contact" onsubmit="return checkform(this)"> . . . <tr> <td class="formleft">{$smarty.const.LANG_YOUR_MESSAGE} {$smarty.const.LANG_COLON}</td> <td class="formright"><textarea name="message" cols="29" rows="5" id="message">{$message\|escape}</textarea><br /><br /></td> </tr> <tr> <td class="formleft"> </td> <td class="formright">Anti-Spam - Enter this number {$random}</td> </tr> <input name="mode" type="hidden" id="mode" value="GO" /> <input name="random" type="hidden" id="random" value="{$random}" /> Then in contact.php $random= Filter::no_html($_POST['random']); $test = Filter::no_html($_POST['test']); if ($validate->isError() OR $test != $random) __________________ "The fool doth think he is wise, but the wise man knows himself to be a fool.". TemplateCodes.com for 68C Last edited by seymourjames; 09-06-2011 at 06:19 AM.

09-06-2011, 06:30 AM	#6
michael + Just get on with it! Join Date: Jan 2007 Location: Milton Keynes, England Posts: 506 Rep Power: 36	Appreciate you taking the time to share this, many thanks David. __________________ M Michael V4.2.3 Developer - Sigma Template "All truths are easy to understand once they are discovered; the point is to discover them" - Galileo Galilei (1564 - 1642)

09-06-2011, 07:00 AM	#7
seymourjames + All Hands On Deck Join Date: Mar 2008 Posts: 3,445 Rep Power: 87	Works a treat but I would like John to look at it and make sure there is no security flaw in it. Seems to working really well with random numbers. Try it out Michael. It may not be as robust as recaptcha but it is definitely more pleasing on the eye. What is really needed is a small image though at the end of the day. The spammers will find a way round. __________________ "The fool doth think he is wise, but the wise man knows himself to be a fool.". TemplateCodes.com for 68C Last edited by seymourjames; 09-06-2011 at 02:07 PM.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Spam	bowers01	Technical Support	6	07-07-2010 11:19 AM
how can I get rid of this spam?	Isje	Technical Support	9	10-13-2009 10:49 AM

Support Forums

A little anti-spam