We’ve all seen the captcha tests to prove you are a human. They are presumably effective as well as being annoying. However, for many sites they are an expensive overkill.
Most spambots aren’t that smart. When they find an online form, they put garbage in every field then trigger the submit button. This presents an easy way to stop them.
If you refer back to my earlier PHPmailer article, a simple addition provides a mechanism to stop spambots.
if (isset($_POST['_bottest'])) {
throw new Exception("Failed Robot test!");
}Add this immediately after the “try” command (line 71) in the mailer.php code.
In your form, add a field like
<label for="_bottest">I'm a bot:</label>
<p ><input id="_bottest" name="_bottest" type="checkbox" /> leave blank if you are a person.</p>
A real person using the simply skips over the checkbox. Most bots however see it as just another box to check. When the form goes to the mailer.php script, “_bottest” is set so the code throws an exception and the form submission fails. No e-mail gets sent.
There are other tests that I’ve seen, such as asking a question that any person should be able to answer (e.g. “what is three times five” and expecting a written answer of “fifteen”), but these reject the form submission using javascript.
The checkbox solution requires no extra code in the form. If you start getting spam through your form, it’s an easy addition.
However the solution that I normally use is to not actually have a form on the page. Instead I have a button that triggers some javascript to create a form on the fly. The downside of this is that it only generates one type of form currently. If I want something else, such as more fields, I’m back to creating a form on the page.
And for that, the bot test checkbox keeps my inbox safe.
Gary Dale's Blog 