Hi,

I customized a fill out form on 360, which is working fine. But one of the problems we had in the last two years was spam...the form gets spammed left and right. And therefore I took out the form, but I notice users find it much easier to submit with a form than sending manually. Therefore, I've updated the form and the email sends to gmail and forwards to me. But in just a day I got 2/3 of entries as spam. I wanted to add a security question that only a human can reply to. I'm not sure how to do that...I've seen a couple examples on community sites such as "2+2="...the answer needs to be right if it is, the email is sent to me. Another option was a letter in the alphabet. Basically I'd like to add a question and only if answer is right will it go in. I've googled online but I don't see any script example so far.

The script that I'm using is this:

Form Page:
<form method="post" action="SUBMISSIONS_confirm.php">
<?php
$ipi = getenv("REMOTE_ADDR");
$httprefi = getenv ("HTTP_REFERER");
$httpagenti = getenv ("HTTP_USER_AGENT");
?>

<input type="hidden" name="ip" value="<?php echo $ipi ?>" />
<input type="hidden" name="httpref" value="<?php echo $httprefi ?>" />
<input type="hidden" name="httpagent" value="<?php echo $httpagenti ?>" />
Your Name:<br>
<input name="name" type="text" id="name" size="35" />
<br>
<br>
Your Email:<br>
<input name="email" type="text" id="email" size="35" />
<br>
<br>
Site Title: <br>
<input name="title" type="text" id="title" size="35" maxlength="150" />
<br>
<br>
URL:<br>
<input type="text" name="url" size="35" />
<br>
<br>
Select a Category:<br>
<select name="category" size="1" id="category">
<option>3D</option>
<option>Animation</option>
<option>Art</option>
<option>Book</option>
<option>Character Design</option>
<option>Comics</option>
<option>Culture / LifeStyle</option>
<option>Digital Art</option>
<option>Events / Competitions</option>
<option>Film</option>
<option>Flash</option>
<option>Graphic Design</option>
<option>Illustration</option>
<option>Literature</option>
<option>Magazine</option>
<option>Music</option>
<option>Painting</option>
<option>Photography</option>
<option>Portfolio</option>
<option>Trailers / Videos</option>
<option>Web &amp; Design Studio</option>
<option>Web News</option>
<option>Other</option>
</select>
<br>
<br>
A short description about website: <br>
<textarea name="notes" rows="4" cols="40"></textarea>
<br>
<br>
Get 360 Updates:

<select name="subscribe" size="1" id="subscribe">
<option value="Yes">Yes</option>
<option value="No">No </option>
</select>
<br>
<br>
<input type="submit" name="Submit" value="Submit to Scene360" class="submitemail360">


</form>


Confirmation Page with script variables/configuration, etc.:


<?php

$ip = $_POST['ip'];
$httpref = $_POST['httpref'];
$httpagent = $_POST['httpagent'];
$name = $_POST['name'];
$email = $_POST['email'];
$title = $_POST['title'];
$url = $_POST['url'];
$category = $_POST['category'];
$notes = $_POST['notes'];
$subscribe = $_POST['subscribe'];

if (eregi('http:', $notes)) {
die ("Do NOT try that! ! ");
}
if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,".")))
{
echo "<h2>Enter a Valid E-mail Address<br/></h2>n";
$badinput = "<h2>Your submission was not sent. Retry.</h2>n";
echo $badinput;
die ("- Click on your Internet Browser's 'BACK' button to go to form");
}

if(empty($name) || empty($email) || empty($title) || empty($url) || empty($category) || empty($notes )) {
echo "<h2>Please fill in all fields</h2>n";
die ("- Click on your Internet Browser's 'BACK' button to go to form");
}

$todayis = date("l, F j, Y, g:i a") ;

$subject = ("Site Submission for 360 News");
$title = $title;
$url = $url;
$notes = stripcslashes($notes);
$subscribe = $subscribe;

$message = "$todayis [GMT/UTC] n
________________________________________________

Name: $name
Email: ($email)n

$title
$url n
Category: $category n
$notes

________________________________________________

Subscription: $subscribe n

Additional Info : IP = $ip n
Browser Info: $httpagent n
Referral : $httpref n
";

$from = "From: $emailrn";

/* Change email address here */
mail("360login@gmail.com", $subject, $message, $from);

?>


Hi Adriana,

The mechanism you're looking at is called a CAPTCHA. I use one on The Designers Network under the Add Site section; a simple server generated graphic which a visitor must complete correctly before it will allow their submission.

I've not had any spam additions since I added it; is this the sort of thing you are looking for?

Gavin

Yes, that is the type of mechanism. I've seen those on online store, but the graphic is usually frightening. Is there some way to add new images to it? The method I am talking about is similar, probably just a simplified version of that by asking a q.

If it is simple for me to add, please let me know how to add it, thanks.

Gav, I looked at your submission form, yes something like that would work. Your random graphic is not bad looking :)
As long as I can resolve spam for now. With time, I'm sure they'll figure out a way to override the security graphic. Oh well, until then.

Hi Adriana,

In the form page, you must make a call to the image file like this:


<img src='/human.php' />


human.php contains the following code:


<?php
/* ---------------------------------------------------------------------------------- */

// ---

/* ---------------------------------------------------------------------------------- */
session_start();

class CaptchaSecurityImages
{
var $font = "monofont.ttf";

function generateCode($characters)
{
/* list all possible characters, similar looking characters and vowels have been removed */
$possible = '23456789bcdfghjkmnpqrstvwxyz';
$code = '';
$i = 0;
while ($i < $characters)
{
$code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
$i++;
}
return $code;
}

function CaptchaSecurityImages($width = '180', $height = '60',$characters = '6')
{
$code = $this->generateCode($characters);

/* font size will be 75% of the image height */
$font_size = $height * 0.75;
$image = @imagecreate($width, $height) or die('Cannot initialize new GD image stream');

/* set the colours */
$background_color = imagecolorallocate($image, 255, 255, 255);
$text_color = imagecolorallocate($image, 127, 127, 127);
$shadow_color = imagecolorallocate($image, 255, 255, 255);
$noise_color = imagecolorallocate($image, mt_rand(0,255), mt_rand(0,255), mt_rand(0,255));

/* generate random dots in background */
for($i = 0; $i < ($width * $height)/3; $i++)
{
imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);
}

/* generate random lines in background */
for($i = 0; $i < ($width * $height) / 2; $i++ )
{
imageline($image, 0, 0, 0, 0, $noise_color);
}

/* create textbox and add text */
$textbox = imagettfbbox($font_size, 0, $this->font, $code) or die('Error in imagettfbbox function');
$x = ($width - $textbox[4])/2;
$y = ($height - $textbox[5])/2;

imagettftext($image, $font_size+30, 0, 0, $y, $shadow_color, $this->font, strrev($code));
imagettftext($image, $font_size, 0, $x, $y, $text_color, $this->font , $code) or die('Error in imagettftext function');

$border = imagecolorallocate($image, 0, 0, 0);
imageline($image, 0, 0, $width-$width, $height, $border);
imageline($image, 0, 0, $width, 0, $border);
imageline($image, $width-1, 0, $width-1, $height, $border);
imageline($image, $width, $height-1, 0, $height-1, $border);
$_SESSION['security_code'] = $code;
/* output captcha image to browser */
header('Content-Type: image/jpeg');

imagejpeg($image);

imagedestroy($image);
}
}

$captcha = new CaptchaSecurityImages();

?>


Then, in the file which processes the form's contents, you must process the provided security code field (which should be near the image file you just added)

<input id='security_code' name='security_code' type='text' />

Then wrap this around your processor like this:


if (isset($_SESSION['security_code'])
&& isset($_POST['security_code'])
&& $_SESSION['security_code'] == $_POST['security_code'])
{
// --- processor code goes here
}
else
{
// --- redirect back to form because the security code doesn't match
header("Location: /some_form.php");
}


This way, the form will only be processed if the POSTed security code is the same as the one set in the session variable.

I can't find the RSS feed I originally saw this on...sorry...

But there is a "poor man's" solution to this problem too, if you don't want to bother your posters with a CAPTCHA image.

If you put an input box within your form and use CSS and/or JavaScript to hide it from your web users, then an automated bot will fill in that box with gibberish. When you process the form, just check to make sure that box is empty...the article claimed that it would work against almost all current spambots.

Simple solution

Question
Please re-arrange the numbers 5,8,4,2 into ascending order with no spaces or commas, e.g. 4,2,3,1 would be: 1234:
and have a text box for the answer - as used by Photium

Both Brandon's and Richard's answers are really good- I'd never thought of such simplicity :-)

Hi,

Thanks for the replies. I'm still trying to figure this out. About the numbers, how do I make a field that detects the answer? I know how to insert content, but not check for an answer...that is where I'm lost.