0

Hello,

I have a form that I really don't want to use captchas with.
The problem I have is that people cURL my site and send messages
on my system slowing it down for my legit users.

I am looking for a way to change the name of the form fields.
In a way they would change together my submit page and my action
page.

Where I could add a list of names for the form fields and they
either change with every submit or they change every so many
hours of the day.

Anyone with any ideas...I would really appreciate this.

Thank You
Ender

2
Contributors
7
Replies
8
Views
5 Years
Discussion Span
Last Post by pritaeas
0

When rendering the form, you can generate any name you want for all the fields, and store them in a session variable. After submit, the submit file can read the names from the session and use them in a predefined order. After that reset the session, so those names will no longer be available. It is not fail proof, but will avoid direct posting to your submit script. I have used a similar logic in a guestbook, and it drastically reduced spam.

Edited by pritaeas: n/a

0

@pritaeas Thanks for the advice. Do you think you can provide me with a sample code or point me to a place where I can get an idea of the code. Honestly I am not up to speedn on this stuff :(

Thank You

0

You need to know how to use session variables (see the PHP manual), you need a function to generate random strings (I think I wrote one on in this forum, you'll have to look). If I get the time, I'll write a small sample.

0

Hello again...yes I could really use a sample for this.

Tell me would changing the name of the submit button randomly work?

0

Try this (quick example):

index.php

<?php
  session_start();
	
  function randomName() {
    $chars = array(
      'B','C','D','F','G','H','J','K','L','M',
      'N','P','Q','R','S','T','V','W','X','Y',
      'Z','b','c','d','f','g','h','j','k','m',
      'n','p','q','r','s','t','v','w','x','y'
    );

    $name = '';
    for ($i = 0; $i < 8; $i++) {
      $name .= $chars[rand(0, 39)];
    }

    return $name;
  }

  $_SESSION['formfields'] = array (
    'company' => randomName(),
    'name'    => randomName(),
    'email'   => randomName()
  );	
?>
<html>
<body>
<form action="submit.php" method="post">
<?php
  echo '<label>Company</label><br/>';
  echo '<input name="' . $_SESSION['formfields']['company'] . '" value="" /><br/>';
  echo '<label>Name</label><br/>';
  echo '<input name="' . $_SESSION['formfields']['name'] . '" value="" /><br/>';
  echo '<label>E-mail</label><br/>';
  echo '<input name="' . $_SESSION['formfields']['email'] . '" value="" /><br/>';
?>
<input type="submit" name="submit" value="submit" />
</form>
</body>
</html>

submit.php

<?php
  session_start();
	
  if (isset($_SESSION['formfields'])) {
    foreach ($_SESSION['formfields'] as $field => $randomName) {
      echo $field . ' has value ' . $_POST[$randomName] . '<br/>';
    }
  }
	
  unset($_SESSION['formfields']);
?>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.