So in just the past 2 days, my website has just recently experienced a tsunami of spam. It's a simple site where people anonymously post their confessions for others to read or submit themselves.
But last night when I checked, there was around 20 posts of someone advertising their website. I took action by deleting everyone of them, but then today it happened again. So I took further action by setting up a human intelligence question and adding a hidden form field to submit the users ip.
But since the spam contained links, I want to know how I can make it so that form doesn't submit anything if the perpetrator sets their bot to answer my question. My pages strip html tags anyway, but how can I cancel their post all together?
<form id="form1" name="form1" method="POST" action="<?php echo $editFormAction; ?>"> <p><label for="confess"> <textarea name="confess" id="confess" cols="60" rows="8"></textarea> </label><br> <img src="Images/giraffe.jpg" alt="hii" style="float:left;"><p>What is the name of the animal in the picture?</p> <input type="text" name="hii" /> </p> <input type="hidden" name="ip" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>"> <br> <p> <input type="submit" name="confess2" id="confess2" value="Confess" /> </p> <input type="hidden" name="MM_insert" value="form1" /> </form>