The content of this tutorial is close to the technical direction I am good at: Safe contact forms.
As I mentioned in the previous tutorial, A common contact form helps a visitor communicate with you without exposing your email address to the hateful spam makers.
But if spammer is already targeting you, nothing is worse than an insecure contact foms. Imagine that your network space provider sent you an email with a strong wording saying: They found that your website sent a large number of sex drug ads and other spam. In addition, your website will be offline until you stop it.-Thank you!
So, today, I want to tell you in this tutorial a simple way to add an extra security layer to any contact forms-even if you do not use the super security and super flexibility I provide ultimate Form mail.
Current Status
You realize that spammer has discovered the weakness of your contact forms through remote detection technology, and you want them to go away.
Difficulties
You don't want to use CAPTCHA (completely automatic public Turing test to tell computers and humans apart) Because you understand, so that your visitor can read the seven-to-eight letter numbers before sending messages can only suppress their desire to interact, rather than promote it. (Digital verification defects)
Key point: you want the bad guys to get stuck in the dark, and you want the good boys to get in Rome.
Solution
You will learn to use jquery to add some hidden tag information to your contact forms during page loading. When the form information is submitted to the server, you can use some simple PHPCodePerform the following steps:
The hidden tag is identified. The hidden tag information is consistent with a flag in the cookie downloaded to the browser by your website visitor. The validity period of the hidden tag has not expired. In other words, visitors can enter the form and send it only within a limited period of time. If a spammer tries to submit the form information to your server through a remote call, they will find that they have played a thick and hard iron plate, and will not pay for it.
I will tell you that this method was modified from the blueprint provided by a very smart colleague Chris shiflett. He is a professional security expert on PHPProgramThe security problems that people often encounter are well known. (How do I feel that he can't help but mention his ultimate form mail ~~ Khan ).
Tutorial
I decided to create a similar "hand-held graphic tutorial" based on the response of the last article "easily creating a zebra Chart ". Although it takes some time, it is worth doing so.
Hands-on tutorial
Demo
Source code
Silver bullet?1)
Silver bullet is a term in the software field, meaning a solution to all problems. This is a legend from Europe that only silver bullets can destroy the werewolf.
"So now my form is 100% secure. Can I assume any free cntact Forms Program, and then rest assured ?"
Er... None.
This security mode is based on a key assumption:Spammer will always take soft persimmons and waste time solving a sly opponent. It is a waste of money for them.
Now, let's listen, my friends:
Although robust, this technology is still not a panacea for solving the currently fragile form processing program problems.
The purpose of my security suggestions is to make spammer difficult. Thieves will always step on the page before they initiate a burglary. They are only interested in rooms that can obtain the maximum benefit at the minimum cost. In other words, if they have a 99% chance to block their testing before they start, and it is quite easy to implement, why not give it a try? This is the goal of this technology.
However, this is a permanent cure and cannot solve all problems.