Web Forms

lucan2
lucan2 Posts: 294
edited May 2014 in The cake stop
Any web-savvy people give me any advice?

I have a website which contains an enquiry form, set up using HTML. It's quite simple, mainly because my knowledge of HTML is very basic. People fill in the boxes, or click a button from a list, then hit 'send' and it is forwarded to me as an e-mail.

My problem is that it is being spammed constantly, so I'd like to make it a little more difficult for the spammer - but how?

I don't want to spend a lot (any!) money on this unless it's unavoidable, so any suggestions would be appreciated.

Thanks.

Comments

  • metronome
    metronome Posts: 670
    Verification question?
    tick - tick - tick
  • me-109
    me-109 Posts: 1,915
    Look into the likes of Captcha.
  • lucan2
    lucan2 Posts: 294
    metronome wrote:
    Verification question?

    Good idea, but how would I add it to the form/page?
  • VTech
    VTech Posts: 4,736
    What is it for ?
    Is it for sales of a product or to sell a service ?
    Living MY dream.
  • metronome
    metronome Posts: 670
    Are you powering you form with php?

    An simple solution here: http://www.sitepoint.com/form-validation-with-php/
    tick - tick - tick
  • lucan2
    lucan2 Posts: 294
    Me-109 wrote:
    Look into the likes of Captcha.

    Thanks, will do
  • lucan2
    lucan2 Posts: 294
    VTech wrote:
    What is it for ?
    Is it for sales of a product or to sell a service ?

    It's for a service.
  • VTech
    VTech Posts: 4,736
    The reason I ask is normally the attacks come from a competitor and depending on your line of business/service will depend on the lengths people go to attack you.
    The less people within a certain industry, the more an attack would/could happen as the people they can attack is less so the chance you will be a victim is higher.
    The reason I mention the above is because by knowing the potential risk, you can line yourself up with the most efficient line of defence.
    Have you thought about speaking with your local university ? they have plenty of incredibly skilled IT guys/gals willing to do free work as part of their course.
    I just launched a product at xmas which used the work of a student and I have won many awards for it, I am surprised at the level of work I got to be honest.
    Living MY dream.
  • lucan2
    lucan2 Posts: 294
    metronome wrote:
    Are you powering you form with php?

    An simple solution here: http://www.sitepoint.com/form-validation-with-php/

    That looks like what I'm using.

    I don't understand why that is a solution.
  • lucan2
    lucan2 Posts: 294
    VTech wrote:
    The reason I ask is normally the attacks come from a competitor and depending on your line of business/service will depend on the lengths people go to attack you.
    The less people within a certain industry, the more an attack would/could happen as the people they can attack is less so the chance you will be a victim is higher.
    The reason I mention the above is because by knowing the potential risk, you can line yourself up with the most efficient line of defence.
    Have you thought about speaking with your local university ? they have plenty of incredibly skilled IT guys/gals willing to do free work as part of their course.
    I just launched a product at xmas which used the work of a student and I have won many awards for it, I am surprised at the level of work I got to be honest.

    The spam seems to be advertising of a completely different product, so it's highly unlikely to be a competitor.

    The university idea is worth some further thought, more about generally refining my web presence than addressing this specific issue - thanks for the suggestion.
  • mfin
    mfin Posts: 6,729
    What's the <form .....> line look like in the code? That would help with identifying how it is coded so real suggestions can be made.
  • lucan2
    lucan2 Posts: 294
    mfin wrote:
    What's the <form .....> line look like in the code? That would help with identifying how it is coded so real suggestions can be made.

    <form method="POST" action="thanks.php">
  • lucan2
    lucan2 Posts: 294
    Just giving this a bump in search of any additional advice
  • nathancom
    nathancom Posts: 1,567
    I would have thought you would get better advice on stackoverflow than on bikeradar. Horses for courses and all that.
  • mfin
    mfin Posts: 6,729
    If it's autogenerated spam then you can hide a field in the code, make the submit button only call a javascript which in turn changes a value of a hidden field from a 0 to 1 (or whatever you choose) and then let the javascript continue doing the form submission. Then you simply get the php to cease the form submission if the hidden value doesn't match what you specced.

    This is a basic way of getting bot generated spam to stop a bit and it works.

    But, explaining how to do this without doing it yourself is difficult, it's a bit like trying to talk someone through doing something to a car when the person doing it isn't mechanically inclined.

    I suggest simply getting someone who knows php to fix it for you, there's so many ways of fixing the problem and it's simple for a php programmer.