Add Spam Protection to a Web Form

Often when submitting to websites you will see that nasty little thing that you have to type two words into to get the form to submit.  These nasty little things may save you receiving a lot of junk requests.

The industry standard as used by Facebook and Google is a technology called recaptcha which can be added to an existing form fairly easily by your web developer.

Here are the steps involved:

  1. Register your website with recaptcha and get public private keys here https://www.google.com/recaptcha/admin/create
  2. Download the software library (here is the php recaptcha link)
  3. Within your web form include the recaptchalib.php file
  4. Echo the function recaptcha_get_html(‘your public key’) within your web form
  5. Put in checks to determine if the code is valid

Here is a simple example:

<html>
<head></head>
<body>
<?php
require_once('recaptchalib.php');
$publickey = "your public key";
$privatekey = "your private key";

$resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);

if ($resp->is_valid) 
{
    echo "Success";
} 
else 
{
    echo "Failure";
}
?>
    <form method="post" action="">
<?php echo recaptcha_get_html($publickey, null); ?>
    <input type="submit" value="submit" name="submit" />
    </form>
</body>
</html>

And that’s it, just be sure to call recaptcha_get_html within your form.

 

Leave a Reply

Your email address will not be published. Required fields are marked *