sam_h Posted September 13, 2008 Share Posted September 13, 2008 Hi, I was just on here looking for something very simple to act as a spam protection for my contact forms (avoiding captcha). I come across this thread, but was advised to start a new topic because it is so old! http://www.phpfreaks.com/forums/index.php/topic,86873.0.html In response the question, which is the same as mine, one of the answers was put the following lines of code to the top of the script: <? if(!isset($_SERVER['HTTP_USER_AGENT'])){ exit; } if(!$_SERVER['REQUEST_METHOD'] == "POST"){ exit; } ?> can anyone tell me what this does, and is it fairly effective? Regards Sam Quote Link to comment Share on other sites More sharing options...
toivo Posted September 13, 2008 Share Posted September 13, 2008 Hi, The first line checks if the form has been posted by a browser which identifies its type. Mind you, it is possible to use cURL and fake any browser you want. The second line checks if the form has been posted. If the method was GET, the form has probably been displayed by the code earlier and we can now exit. Regards, Quote Link to comment Share on other sites More sharing options...
sam_h Posted September 13, 2008 Author Share Posted September 13, 2008 thanks very much, I use a very simple Name, Email, Message form and currently have no spam protection. I don't want to clog up my page/form with captcha etc and havn't got the no-how to implement a simple 'math based question'. Do you think that this is an OK alternative? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 13, 2008 Share Posted September 13, 2008 Only simple spam bot scripts would be stopped by the first check. Most spam bot scripts do set the HTTP_USER_AGENT so the first check won't stop much but would stop some spam attempts. No spam bot script would be stopped by the second check because they will be using the POST method to submit data. The second check just causes the form processing code to ignore page requests that are the result of things like search engines visiting the form processing page or people browsing directly to the form processing page. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.