Prevent XSS Attacks and Spamming.
Creating a honeypot field.
A honeypot is a field added to the form that the users can't see due to CSS or JavaScript (which hides the field). Honeypots are awesome because they don't inconvenience users like a captcha and they are a valid tool for thwarting spam bots.
<input type="text" name="a_password" tabindex="-1" autocomplete="off">
<?php
// ....
// * honeypot (anti-spam)
if( !isset($_POST['a_password'])):
$response->error = true;
$response->messages[] = "Robot verification failed, please try again.";
endif;
if( isset($_POST['a_password']) && trim($_POST['a_password']) !== "" ):
$response->error = true;
$response->messages[] = "Robot verification failed, please try again.";
endif;
input[name='a_password'] {
display: none;
}