PHP Form Field (display:none) Spam Prevention

Question

I am working on the re-development of a clients website and am looking for an alternative to a captcha in order to make the user experience a little nicer. I am redeveloping the various forms throughout the site and am trying to find the best solution for preventing spam.

The clients have specified that they do not want me to use recaptcha or anything else that requires an external web service or calling any external urls, etc.

I have heard before that creating a field called 'email' for example and setting its display to 'display:none'. When the form is submitted I would then check (php) to see if the email field has a value and if so then the submission is spam and to not continue with the process.

Is this method sound? The site receives a very large amount of traffic and I assume would get a very large amount of spam without the captcha control they had been using on the previous form.

All suggestions welcome!

Answer 1

There's quite a nice article on this here - http://doteduguru.com/id3038-are-you-human-is-captcha-needed-some-alternatives.html

I think you are right to consider hidden fields. The only downside is people with CSS turned off but do you really get many of them?

The fanciest alternative I've found is the use of a slider - http://theymakeapps.com/users/add

Answer 2

One method I have used in the past is to have two fields (call them whatever you want). One has a pre-set value, and the other is blank. The user just has to copy the random string over. Just make sure to check that both the values are the same, and also that the original value hasn't been changed.

Also, if you do want to implement something captcha-like without the external links, you can use the gd module in php to create the image/text.