我正在与我的时事通讯表单订阅的未来机器人垃圾邮件发送者作斗争。我想保持表单简单,使程序快速,所以我不使用验证码,而是使用隐藏表单来捕获机器人。
它是有效的还是机器人知道如何识别隐藏的表单并会绕过它?
问问题
12797 次
3 回答
14
Bots struggle with reading CSS or JavaScript, at least for now.
Some ways you can prevent bot spamming w/o captcha are:
<form method="post" action="send.php">
<ol>
<li>
<label for="name">Name</label>
<input type="text" name="name" value="">
</li>
<li>
<label for="email">Email</label>
<input type="text" name="email">
</li>
<!-- We hide this with CSS,that's why it has an ID. -->
<li id="user">
<label for="username">Username</label>
<input type="text" name="username">
</li>
<!-- //end -->
<li>
<input type="submit" name="submit" value="Send It!">
</li>
</ol>
</form>
As you can see the username field will be hidden. Bots can't recognize this. What you need to do after that is just validate that this field is empty on your backend code.
<?php
if( !isset($_POST['name'])) { die("No Direct Access"); } // Make sure the form has actually been submitted
$name = $_POST['name'];
$email = $_POST['email'];
$spam = $_POST['username']; // Bot trap
if($spam) { // If the hidden field is not empty, it's a bot
die("No spamming allowed bitch!");
} else {
// Process the form like normal
}
The process above can be done easier with the use of the module BOTCHA Spam Prevention
Also you can have a look on these articles to get a better overall view of the subject.
Green-beast and web design but you can find dozens articles like this one on the web as well
于 2013-07-29T04:00:22.077 回答
1
一种有效的方法是让表单提交依赖于 JavaScript。机器人通常不支持 JavaScript。虽然这不是一个完美的解决方案..
于 2013-07-29T02:43:54.743 回答
1
一个老问题,但在这里分享我最近实施的经验。
创建一些使用 CSS 类进行隐藏的输入元素。
//Element to detect spam <input type="text" name="email" class="hide_me" id="email" /> //Real element <input type="text" name="customer_email" id="customer_email" placeholder="Your Email" /> // CSS style to hide the element .hide_me{ opacity: 0; position: absolute; top: 0; left: 0; height: 0; width: 0; z-index: -1; }使用 javascript 检查电子邮件字段是否已填写。如果填写,则不是真人,不应提交表单。
于 2020-11-29T15:37:22.000 回答