Honeypot PHP for Comment Form
https://stackoverflow.com/questions/9447716
-
12-11-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am creating a jquery ajax popup comment form, but am having a problem with the way Im setting up my "honeypot" in php.
The honeypot ($robotest) isn't working; instead the script returns "E-mail is not correct". Can anyone point out my error? Thank you
The html form is:
<form class="cmxform" id="commentForm" method="POST" action="">
<p>
<label for="cname">Name</label>
<input id="cname" name="name" size="25" class="required" minlength="2" />
</p>
<p>
<label for="cemail">E-Mail</label>
<input id="cemail" name="email" size="25" class="required email" />
</p>
<p>
<label for="curl">URL</label>
<input id="curl" name="url" size="25" class="url" value="" />
</p>
<p>
<label for="ccomment">Your comment</label>
<textarea id="ccomment" name="comment" cols="22" class="required"></textarea>
</p>
<p class="robotic" id="pot">
<label>Please leave this blank:</label>
<input name="robotest" type="text" id="robotest" class="robotest" />
</p>
<p>
<input class="submit" type="submit" value="Submit"/>
</p>
EDIT:
Thanks to @JamWaffles for the support. Below is the correct way to implement the honeypot. (And as Kamalo noted you will want to have the id of 'robotest' set to display:none in your css):
<?php
$robotest = $_POST['robotest'];
$email = $_POST['email'];
if((!filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest == "")) {
print "E-mail is correct";
$to = 'asdfdsafasdfsda@gmail.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com';
mail($to, $subject, $message, $headers);
} else {
print "E-mail is not correct";
}
?>
Solution
filter_var() returns a non-falsy value when the email is valid, not false. Remove the ! before filter_var( in your if():
if((filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest = ""))
You're executing code inside the if() when filter_var() fails, which is why you're getting
E-mail is not correct
for valid emails.
Something else I missed too is the fact you're assigning to $robotest instead of comparing it against an empty string. You need to use the double equals comparison operator instead of the single equals assignment operator. Your if() should look like this:
if((filter_var($email, FILTER_VALIDATE_EMAIL)) && ($robotest == ""))
OTHER TIPS
For an alternative answer, I set up a "honey pot" input in my html with display:none
<input type="text" name="honeypot" id="honeypot" style="display:none;"/>
