I have a web form that keeps getting submission from what I'm guessing is a spambot. None of the data I'm getting in the emails matches the form on the website, not even the subject line which is a hidden input. I can't figure out how to stop them. I tried using recaptcha but couldn't make it work (kinda hate it anyway), I also tried using a honeypot trap and a couple of javascript scripts but nothing stops the emails.
This is the form:
I changed some of the data in there, like the email address and the url, to protect my clients anonymity. This is the script for the honeypot trap.
As you can see, I'm using a hidden field to trap the bots and I'm trying to pick out a field called author and block any submissions that contains it. You might be thinking there's no input with that name and you'd be right. I think it was part of an old form that was deleted a while ago. This is the data I'm receiving from the emails.
This is an alternate version of the js. It tries to use the subject line of the email to block the spambot.
None of this works. What can I do?
This is the form:
Code:
<form name="form1" id= "form1" method="post" action="formmail.php" onsubmit="return trappetyTrap();" enctype="multipart/form-data">
<input type="hidden" name="recipients" value="me@email">
<input type="hidden" name="good_url" value="http://whatever/good_page.php">
<input type="hidden" name="bad_url" value="http://whatever/bad_page.php">
<input type="hidden" name="subject" value="Sent from website">
<label for="person">Your Name : </label>
<input type="text" name="person" id="person" size="39">
<label for="email">Email : </label>
<input type="text" name="email" id="email" size="39">
<label for="company">Company Name (if applicable):</label>
<input type="text" name="company" id="company" size="39">
<label for="phone">Contact Phone :</label>
<input type="text" name="phone" id="phone" size="39">
<!-- THIS IS TO KEEP THE B.O.T.S. AWAY-->
<!-- IT USES THE JS AT THE BOTTOM OF THE DOCUMENT TO STOP SUBMISSIONS -->
<!-- FROM ANYTHING WITH THIS FIELD FILLED IN -->
<label for="ruse" id="ruse_label">Keep this field blank</label>
<input type="text" name="ruse" id="ruse" class="ruse" />
<!-- END B.O.T. TRAP -->
<label for="message">Talk to us:</label>
<textarea name="message" id="message" rows="10" cols="47"></textarea>
<button type="submit" class="submit">Submit</button>
</form>
Code:
function trappetyTrap() {
// This is only here because jslint told me to put it here
"use strict";
// The field is empty, submit the form.
if (!document.getElementById("ruse").value) {
return true;
// If an 'author' input exists - it's a spam bot
} else if (document.getElementsByName("author")) {
return false;
} else {
// the field has a value it's a spam bot
return false;
}
}
Code:
From: <pberman@srafoods.com> Date: 7 Dec. 2017 3:50 am Subject: Imaginary Worlds Submission To: <me@email> Cc: email: pberman@srafoods.com realname: author: phone: storyTitle: storyFile:
Code:
// Get the value of the subject line of the email - add to variable
var iws = document.getElementsByName("subject").value;
// start function
function trappetyTrap() {
// This is only here because jslint told me to put it here
"use strict";
// The field is empty, submit the form.
if (!document.getElementById("ruse").value) {
return true;
//} else if (iws === "Imaginary Worlds Submission") {
return false;
} else {
// the field has a value it's a spam bot
return false;
}
}
Comment