RPeraltaJr
3/8/2017 - 5:16 PM

Prevent XSS Attacks and Spamming. Creating a honeypot field.


A honeypot is a form field that users can't see because CSS or JavaScript hides it. Honeypots are awesome because, unlike a captcha, they don't inconvenience users, and they are a valid tool for thwarting spam bots.

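<!-- HTML: the honeypot field -->
<input type="text" name="a_password" tabindex="-1" autocomplete="off">

<?php 

// ....

// * honeypot (anti-spam)
// A browser submits the hidden field empty; anything else is treated as a bot.
if( !isset($_POST['a_password'])): 
    // Field missing: the request was not built from the rendered form.
    $response->error = true;
    $response->messages[] = "Robot verification failed, please try again.";
endif;
// Field present but not an empty string (is_string() keeps an array value away from trim()).
if( isset($_POST['a_password']) && ( !is_string($_POST['a_password']) || trim($_POST['a_password']) !== "" ) ):
    $response->error = true;
    $response->messages[] = "Robot verification failed, please try again.";
endif;

/* CSS: hide the honeypot field */
input[name='a_password'] {
  display: none;
}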
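
The same honeypot check as a stand-alone function run over constructed submissions; this is an added example, not part of the original snippet. honeypot_verdict() and the sample data are hypothetical. It also distinguishes an array-valued field (a_password[]=x), which trim() cannot accept, and keeps the rejection reason server-side while the client sees one generic message.

```php
<?php
declare(strict_types=1);

// Added example, not the snippet author's code. honeypot_verdict() is a
// hypothetical helper; 'a_password' is the field name used in the form above.
function honeypot_verdict(array $post, string $field = 'a_password'): string
{
    if (!array_key_exists($field, $post)) {
        return 'missing';    // request was not built from the rendered form
    }
    if (!is_string($post[$field])) {
        return 'malformed';  // e.g. a_password[]=x arrives as an array
    }
    if (trim($post[$field]) !== '') {
        return 'filled';     // something was typed into a field users cannot see
    }
    return 'ok';
}

// Constructed sample submissions (stand-ins for $_POST).
$samples = [
    'browser'            => ['email' => 'a@example.com', 'a_password' => ''],
    'bot fills all'      => ['email' => 'b@example.com', 'a_password' => 'hunter2'],
    'bot omits field'    => ['email' => 'c@example.com'],
    'array-valued field' => ['email' => 'd@example.com', 'a_password' => ['x']],
    'whitespace only'    => ['email' => 'e@example.com', 'a_password' => "  \t"],
];

foreach ($samples as $label => $post) {
    $verdict = honeypot_verdict($post);
    // Keep the reason for server-side logs; the client sees one generic message.
    $message = $verdict === 'ok'
        ? 'accepted'
        : 'Robot verification failed, please try again.';
    printf("%-20s %-10s %s\n", $label, $verdict, $message);
}
```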